Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/p0oZ4q6lHrN2uY6gOzA5xnEORLo.roa
File: p0oZ4q6lHrN2uY6gOzA5xnEORLo.roa (raw, json)
Hash identifier: +3pVCZ5GKtwQuNKqa60g7O/l0ZyA3msRy8do5+lhnMA=
Subject key identifier: A7:4A:19:E2:AE:A5:1E:B3:76:B9:8E:A0:3B:30:39:C6:71:0E:44:BA
Certificate issuer: /CN=25292652a9ecd9c6bdc8264b9948df6212207624
Certificate serial: 0190116BC7D5572F0C38BF0CC28BD3D5C42B
Authority key identifier: 25:29:26:52:A9:EC:D9:C6:BD:C8:26:4B:99:48:DF:62:12:20:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSkmUqns2ca9yCZLmUjfYhIgdiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/p0oZ4q6lHrN2uY6gOzA5xnEORLo.roa
Signing time: Thu 13 Jun 2024 11:46:34 +0000
ROA not before: Thu 13 Jun 2024 11:46:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201698
IP address blocks: 185.64.156.0/22 maxlen: 22
2a04:f8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:11:6b:c7:d5:57:2f:0c:38:bf:0c:c2:8b:d3:d5:c4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25292652a9ecd9c6bdc8264b9948df6212207624
Validity
Not Before: Jun 13 11:46:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a74a19e2aea51eb376b98ea03b3039c6710e44ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4c:9e:e9:7c:06:aa:61:69:7e:f3:0e:64:e8:
ec:f5:40:23:23:d2:e7:ef:ac:28:0a:7c:e4:8c:4d:
24:8f:59:17:ca:23:3d:bf:00:8a:06:f1:3b:8a:6e:
ee:bd:5e:74:97:1d:54:27:c6:85:08:7b:39:6b:fe:
a2:cd:64:6d:97:a8:0a:ba:ed:50:e8:45:c9:de:46:
01:25:0b:77:49:ff:18:f5:78:03:d5:11:ec:f2:3f:
83:3e:82:e7:f6:ce:69:a1:db:08:2c:76:fc:4f:81:
72:d1:ac:1f:d9:27:46:0a:ad:38:51:9c:b1:c3:8c:
60:aa:0a:ff:b6:76:3a:b9:f1:77:12:9a:8c:b8:2a:
41:82:6b:92:3f:c3:68:a5:26:5e:2d:ad:2a:95:89:
92:98:eb:aa:0e:97:2d:0a:3f:fb:dd:26:16:1b:9e:
39:87:63:d2:9a:47:71:43:bd:c8:86:d3:d2:01:cf:
3b:3a:1a:4d:f2:f4:16:c7:f3:fa:fe:5f:0b:7a:ab:
d8:99:ee:2e:ea:5d:a3:fe:20:b9:f9:99:8c:40:07:
d0:96:a7:4d:c4:58:1f:4c:89:07:3e:6b:c2:16:43:
e5:30:9c:c5:bc:e3:2d:40:c9:f2:14:28:91:9c:46:
4d:3b:0d:f5:ce:7f:59:c8:e7:50:f7:36:00:20:4f:
61:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4A:19:E2:AE:A5:1E:B3:76:B9:8E:A0:3B:30:39:C6:71:0E:44:BA
X509v3 Authority Key Identifier:
keyid:25:29:26:52:A9:EC:D9:C6:BD:C8:26:4B:99:48:DF:62:12:20:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSkmUqns2ca9yCZLmUjfYhIgdiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/p0oZ4q6lHrN2uY6gOzA5xnEORLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/21a4fd-bd8a-4aa4-8c45-5710305439ec/1/JSkmUqns2ca9yCZLmUjfYhIgdiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.156.0/22
IPv6:
2a04:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:e7:59:9c:87:82:06:0a:16:66:ba:a9:fa:43:d6:7a:29:ee:
b9:e9:a6:f0:64:01:9e:8e:32:7f:57:4f:7e:53:85:ce:58:aa:
2a:1d:8e:dd:9f:2a:1d:4c:43:3b:80:e4:a8:b4:bb:66:a3:0b:
7b:0c:03:49:50:73:ca:4e:4b:86:a6:58:a3:6c:c2:e7:74:09:
a7:bb:32:41:ad:99:1e:e4:ef:8c:e9:11:28:f4:cb:90:db:3e:
e4:fb:d3:9a:6a:b2:c9:59:2c:cb:2a:e9:d0:68:d0:92:a3:e4:
aa:6a:c8:da:d7:23:06:bb:1b:cd:5c:bb:df:e8:80:1a:0f:58:
98:d4:a0:eb:42:d8:7b:cb:94:2f:69:98:4c:7a:78:c9:53:eb:
44:66:62:2c:56:ad:e0:a9:8e:a2:88:30:c4:34:e7:95:a0:68:
6b:9b:6a:fc:66:55:e4:c3:73:91:f0:2a:97:ec:2e:44:62:17:
a2:0e:40:16:f3:fb:a4:87:87:7a:fa:97:a9:2c:d5:4a:c5:81:
84:47:0e:36:b0:d6:d0:75:ef:94:bd:28:9f:d9:c3:68:e5:4b:
ea:ba:1c:63:9e:1e:21:e3:4e:01:5b:5b:a5:db:2c:5a:72:14:
28:03:72:3c:98:32:89:a4:ec:68:67:68:55:e1:79:4e:2d:10:
46:33:a4:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZARa8fVVy8MOL8MwovT1cQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MjkyNjUyYTllY2Q5YzZiZGM4MjY0Yjk5NDhkZjYyMTIy
MDc2MjQwHhcNMjQwNjEzMTE0NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzRhMTllMmFlYTUxZWIzNzZiOThlYTAzYjMwMzljNjcxMGU0NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkye6XwGqmFpfvMOZOjs9UAjI9Ln
76woCnzkjE0kj1kXyiM9vwCKBvE7im7uvV50lx1UJ8aFCHs5a/6izWRtl6gKuu1Q
6EXJ3kYBJQt3Sf8Y9XgD1RHs8j+DPoLn9s5podsILHb8T4Fy0awf2SdGCq04UZyx
w4xgqgr/tnY6ufF3EpqMuCpBgmuSP8NopSZeLa0qlYmSmOuqDpctCj/73SYWG545
h2PSmkdxQ73IhtPSAc87OhpN8vQWx/P6/l8LeqvYme4u6l2j/iC5+ZmMQAfQlqdN
xFgfTIkHPmvCFkPlMJzFvOMtQMnyFCiRnEZNOw31zn9ZyOdQ9zYAIE9howIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKdKGeKupR6zdrmOoDswOcZxDkS6MB8GA1UdIwQY
MBaAFCUpJlKp7NnGvcgmS5lI32ISIHYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlNrbVVxbnMyY2E5eUNaTG1VamZZaElnZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMWE0ZmQtYmQ4YS00YWE0LThjNDUt
NTcxMDMwNTQzOWVjLzEvcDBvWjRxNmxIck4ydVk2Z096QTV4bkVPUkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMWE0ZmQtYmQ4YS00YWE0LThjNDUtNTcxMDMwNTQzOWVj
LzEvSlNrbVVxbnMyY2E5eUNaTG1VamZZaElnZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCcMA0E
AgACMAcDBQMqBPjAMA0GCSqGSIb3DQEBCwUAA4IBAQCj51mch4IGChZmuqn6Q9Z6
Ke656abwZAGejjJ/V09+U4XOWKoqHY7dnyodTEM7gOSotLtmowt7DANJUHPKTkuG
plijbMLndAmnuzJBrZke5O+M6REo9MuQ2z7k+9OaarLJWSzLKunQaNCSo+Sqasja
1yMGuxvNXLvf6IAaD1iY1KDrQth7y5QvaZhMenjJU+tEZmIsVq3gqY6iiDDENOeV
oGhrm2r8ZlXkw3OR8CqX7C5EYheiDkAW8/ukh4d6+pepLNVKxYGERw42sNbQde+U
vSif2cNo5Uvquhxjnh4h404BW1ul2yxachQoA3I8mDKJpOxoZ2hV4XlOLRBGM6TB
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:35:02 2025 by rpki-client