Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/KZcG4xQ8x5k889Cqv8fbRBn4ns8.roa
File: KZcG4xQ8x5k889Cqv8fbRBn4ns8.roa (raw, json)
Hash identifier: N1nf/sCmAGG/IIKhLamN15uJe2PyalRyYw0GTY1uwW0=
Subject key identifier: 29:97:06:E3:14:3C:C7:99:3C:F3:D0:AA:BF:C7:DB:44:19:F8:9E:CF
Certificate issuer: /CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Certificate serial: 0195AF83DE59B35E58E47782BFE4DCBF9DFE
Authority key identifier: 36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/KZcG4xQ8x5k889Cqv8fbRBn4ns8.roa
Signing time: Wed 19 Mar 2025 17:46:49 +0000
ROA not before: Wed 19 Mar 2025 17:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19843
IP address blocks: 185.164.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 17:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:83:de:59:b3:5e:58:e4:77:82:bf:e4:dc:bf:9d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Validity
Not Before: Mar 19 17:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=299706e3143cc7993cf3d0aabfc7db4419f89ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f1:3e:e6:4a:4e:28:33:6b:c7:b5:74:a6:4a:
39:70:21:c4:2c:ef:bc:d4:62:db:15:ea:98:53:aa:
ed:b4:ca:57:c3:94:90:7a:cf:36:be:a8:4f:29:31:
ff:c5:1a:70:08:15:46:e0:d5:49:77:7c:cc:1e:33:
ec:5c:98:2f:bc:7b:0f:12:cd:99:0e:d5:35:b5:29:
25:c9:1c:72:c1:97:86:6b:7b:73:9b:0e:08:4a:d4:
07:74:8c:c3:3d:37:e9:78:46:21:f3:f2:d7:43:7f:
3c:17:9c:6f:e6:0c:5a:e2:11:63:bf:05:95:55:a9:
a3:a1:ac:1e:5c:58:39:28:f8:50:39:d3:0e:b6:94:
d8:54:11:4e:80:31:26:5f:09:8d:58:d3:c7:20:6e:
57:99:08:d8:0d:63:bb:c1:3e:51:a9:c1:26:d3:78:
10:63:0a:33:cd:71:44:99:83:3c:22:fd:c3:86:0c:
78:51:9d:58:95:e7:02:d3:07:5a:57:5d:c3:40:fb:
af:12:7f:ba:17:ec:bf:0c:3e:56:6b:0a:07:48:d3:
cd:b5:b0:48:36:7c:f0:3b:4e:a5:ef:0e:97:c6:9e:
30:2c:a2:c5:ba:c8:36:d7:73:4a:53:97:22:de:19:
74:d4:03:40:df:1a:fa:fd:7a:98:d5:ce:9d:b0:10:
69:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:97:06:E3:14:3C:C7:99:3C:F3:D0:AA:BF:C7:DB:44:19:F8:9E:CF
X509v3 Authority Key Identifier:
keyid:36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/KZcG4xQ8x5k889Cqv8fbRBn4ns8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.184.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:26:9a:6d:24:0e:d4:82:aa:35:ad:d3:83:85:02:59:a9:99:
f2:2e:d9:e9:33:7b:43:d4:8b:4a:6c:1d:47:8d:84:83:c3:fb:
fa:34:36:8f:b5:91:46:3c:e6:ce:c7:8b:e5:ee:92:96:6f:53:
16:fe:cf:c6:46:7c:e1:c6:f2:b7:6e:56:73:a1:af:80:b5:ee:
b9:43:38:db:c3:fd:0f:b5:6c:e0:42:bc:5b:ec:56:7e:2c:7a:
46:ba:c0:80:d7:5f:88:24:3e:52:91:97:0c:94:84:b6:09:b7:
7d:d6:bc:f9:5b:e5:78:fc:e1:23:99:4a:be:29:a2:94:b7:9f:
49:77:0b:d6:34:d8:01:95:cb:08:c6:55:4d:cc:d6:3e:ee:0f:
1d:6c:40:2d:9c:59:f0:09:b4:78:5c:bb:5d:e3:32:49:27:fc:
f2:4a:62:dd:2a:7b:29:5d:88:b3:03:b9:4d:8f:01:d9:5e:08:
99:e3:bd:d3:45:77:d3:f8:88:39:8f:a6:31:a0:90:df:54:1f:
f8:23:18:2a:df:ca:7b:ed:75:6e:ea:8e:2d:41:02:2a:0b:a9:
72:60:de:a7:b9:f1:f8:ae:d7:f6:b2:7a:d5:57:78:f7:3b:b0:
89:d3:eb:f9:6a:ff:cb:02:75:07:de:19:cc:aa:46:16:06:4b:
05:bd:66:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWvg95Zs15Y5HeCv+Tcv53+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjQyMTQ4ZTNlNjM2YTkwMzQzZjNlOTUwNDRiOGRmZGI5
ZDFjZDkwHhcNMjUwMzE5MTc0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk3MDZlMzE0M2NjNzk5M2NmM2QwYWFiZmM3ZGI0NDE5Zjg5ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vE+5kpOKDNrx7V0pko5cCHELO+8
1GLbFeqYU6rttMpXw5SQes82vqhPKTH/xRpwCBVG4NVJd3zMHjPsXJgvvHsPEs2Z
DtU1tSklyRxywZeGa3tzmw4IStQHdIzDPTfpeEYh8/LXQ388F5xv5gxa4hFjvwWV
VamjoaweXFg5KPhQOdMOtpTYVBFOgDEmXwmNWNPHIG5XmQjYDWO7wT5RqcEm03gQ
YwozzXFEmYM8Iv3Dhgx4UZ1YlecC0wdaV13DQPuvEn+6F+y/DD5WawoHSNPNtbBI
NnzwO06l7w6Xxp4wLKLFusg213NKU5ci3hl01ANA3xr6/XqY1c6dsBBpOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmXBuMUPMeZPPPQqr/H20QZ+J7PMB8GA1UdIwQY
MBaAFDYkIUjj5japA0Pz6VBEuN/bnRzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQt
MjZkNzU5MzY1NDAyLzEvS1pjRzR4UTh4NWs4ODlDcXY4ZmJSQm40bnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQtMjZkNzU5MzY1NDAy
LzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaS4MA0G
CSqGSIb3DQEBCwUAA4IBAQCbJpptJA7Ugqo1rdODhQJZqZnyLtnpM3tD1ItKbB1H
jYSDw/v6NDaPtZFGPObOx4vl7pKWb1MW/s/GRnzhxvK3blZzoa+Ate65Qzjbw/0P
tWzgQrxb7FZ+LHpGusCA11+IJD5SkZcMlIS2Cbd91rz5W+V4/OEjmUq+KaKUt59J
dwvWNNgBlcsIxlVNzNY+7g8dbEAtnFnwCbR4XLtd4zJJJ/zySmLdKnspXYizA7lN
jwHZXgiZ473TRXfT+Ig5j6YxoJDfVB/4Ixgq38p77XVu6o4tQQIqC6lyYN6nufH4
rtf2snrVV3j3O7CJ0+v5av/LAnUH3hnMqkYWBksFvWZ/
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:59 2025 by rpki-client