Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZUftFA10uUCMidLmkEGZ8frKAQ4.roa
File: ZUftFA10uUCMidLmkEGZ8frKAQ4.roa (raw, json)
Hash identifier: KDcn3fgkyUHT2lJnWFsqBFh14UcgynGS602s1dZHViU=
Subject key identifier: 65:47:ED:14:0D:74:B9:40:8C:89:D2:E6:90:41:99:F1:FA:CA:01:0E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FA1A957D9AE98949367BF6B5989C9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZUftFA10uUCMidLmkEGZ8frKAQ4.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43875
IP address blocks: 185.67.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 10:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a1:a9:57:d9:ae:98:94:93:67:bf:6b:59:89:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6547ed140d74b9408c89d2e6904199f1faca010e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a7:fa:e8:27:8f:df:ec:de:62:0c:72:6d:98:
d2:ba:d0:f0:42:00:a2:e1:19:cb:fb:a3:99:d1:33:
52:52:a4:3a:24:27:b9:58:3c:86:5c:60:72:88:34:
1d:d5:5f:56:c3:79:b5:4a:cb:64:52:bf:2a:79:db:
76:df:50:98:c7:29:49:33:2f:e5:5f:e0:c8:43:31:
7e:ca:be:19:95:ba:cf:e3:38:5a:35:a0:0d:75:89:
9e:49:c8:ce:2b:d5:e3:95:b2:a5:a9:d6:31:1e:9e:
04:f7:83:b8:44:eb:e4:f1:51:85:22:5b:f4:23:2a:
2b:a5:f0:27:c3:35:2f:4e:9e:db:ed:b2:7b:8f:e3:
b7:30:74:63:f0:6d:ee:3c:15:c3:cc:c8:0c:94:48:
db:9b:59:f4:d8:b3:ba:85:95:c1:1b:ed:5d:a8:c5:
99:86:b6:75:2d:2d:c1:2e:e7:6e:85:22:cf:d9:7d:
12:48:c2:03:c9:cf:6c:ff:0b:40:d9:b0:56:86:d5:
13:8c:e9:39:13:53:51:e2:b1:b1:27:80:0b:e4:f2:
bf:51:56:95:98:ed:2b:88:1a:5a:b4:d2:52:de:ea:
6f:e4:e1:21:7e:65:d2:42:80:13:6b:a0:76:7d:c3:
e9:8d:bf:2b:c5:b5:ed:b4:90:63:68:3c:ef:57:0d:
e9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:47:ED:14:0D:74:B9:40:8C:89:D2:E6:90:41:99:F1:FA:CA:01:0E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZUftFA10uUCMidLmkEGZ8frKAQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.252.0/24
Signature Algorithm: sha256WithRSAEncryption
42:6e:30:58:3b:79:59:4b:09:f3:67:ac:33:f8:89:66:d7:43:
f2:84:7f:bb:d8:c0:15:74:39:30:7c:b7:d5:73:05:6b:69:ac:
c7:50:c1:8c:83:71:e3:00:e0:80:bb:c4:ad:a6:9b:2a:0e:99:
65:9e:88:3f:97:f0:c6:b2:d0:34:c4:8c:df:53:9b:b5:eb:de:
18:32:3b:a0:8a:7b:a9:a0:53:03:86:67:36:eb:55:c6:91:93:
58:70:29:6a:ae:5a:b3:c5:e0:28:1a:51:bf:d4:28:00:26:0b:
d6:38:1a:2d:c1:3c:77:eb:89:96:2d:61:32:7e:85:f6:c9:d1:
df:bd:e4:d3:d9:46:bd:d5:09:52:a2:c0:00:ac:89:ae:6e:dc:
2b:1d:2c:f4:6f:cd:16:6c:a1:d5:a0:f3:a0:37:14:67:51:03:
94:13:82:64:99:39:3f:48:0a:3a:ad:68:b6:c2:4f:4a:5f:98:
9f:bf:7e:18:eb:d8:a7:3d:27:47:61:38:3c:4c:76:ce:cb:55:
0d:f0:da:e7:35:49:f6:5d:37:66:25:5e:2c:38:cd:1c:3d:58:
ed:02:21:56:bb:d5:d6:b1:e0:76:51:44:67:f8:b1:94:bd:85:
0a:c8:6e:a5:1d:a8:43:58:fb:74:07:e8:3b:7c:a3:e9:a5:0f:
d7:67:e8:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj6GpV9mumJSTZ79rWYnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ3ZWQxNDBkNzRiOTQwOGM4OWQyZTY5MDQxOTlmMWZhY2EwMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKf66CeP3+zeYgxybZjSutDwQgCi
4RnL+6OZ0TNSUqQ6JCe5WDyGXGByiDQd1V9Ww3m1SstkUr8qedt231CYxylJMy/l
X+DIQzF+yr4ZlbrP4zhaNaANdYmeScjOK9XjlbKlqdYxHp4E94O4ROvk8VGFIlv0
IyorpfAnwzUvTp7b7bJ7j+O3MHRj8G3uPBXDzMgMlEjbm1n02LO6hZXBG+1dqMWZ
hrZ1LS3BLuduhSLP2X0SSMIDyc9s/wtA2bBWhtUTjOk5E1NR4rGxJ4AL5PK/UVaV
mO0riBpatNJS3upv5OEhfmXSQoATa6B2fcPpjb8rxbXttJBjaDzvVw3pmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVH7RQNdLlAjInS5pBBmfH6ygEOMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWlVmdEZBMTB1VUNNaWRMbWtFR1o4ZnJLQVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUP8MA0G
CSqGSIb3DQEBCwUAA4IBAQBCbjBYO3lZSwnzZ6wz+Ilm10PyhH+72MAVdDkwfLfV
cwVraazHUMGMg3HjAOCAu8StppsqDpllnog/l/DGstA0xIzfU5u1694YMjuginup
oFMDhmc261XGkZNYcClqrlqzxeAoGlG/1CgAJgvWOBotwTx364mWLWEyfoX2ydHf
veTT2Ua91QlSosAArImubtwrHSz0b80WbKHVoPOgNxRnUQOUE4JkmTk/SAo6rWi2
wk9KX5ifv34Y69inPSdHYTg8THbOy1UN8NrnNUn2XTdmJV4sOM0cPVjtAiFWu9XW
seB2UURn+LGUvYUKyG6lHahDWPt0B+g7fKPppQ/XZ+ga
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:17 2025 by rpki-client