Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/CKZghi4sPihi39uSvLbP3_-hzx0.roa
File: CKZghi4sPihi39uSvLbP3_-hzx0.roa (raw, json)
Hash identifier: JKjglGfS/fiez6oeJyjsfqJ0c9a16J4ThzYBhVfztc4=
Subject key identifier: 08:A6:60:86:2E:2C:3E:28:62:DF:DB:92:BC:B6:CF:DF:FF:A1:CF:1D
Certificate issuer: /CN=380b283a0513940d520a680b8b3d14dbc367770d
Certificate serial: 0194266BB45D86263E1BF47B1B1E1C0458E0
Authority key identifier: 38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/CKZghi4sPihi39uSvLbP3_-hzx0.roa
Signing time: Thu 02 Jan 2025 09:49:40 +0000
ROA not before: Thu 02 Jan 2025 09:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57771
IP address blocks: 185.54.93.0/24 maxlen: 24
2a00:8641::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 Jan 2025 19:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b4:5d:86:26:3e:1b:f4:7b:1b:1e:1c:04:58:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380b283a0513940d520a680b8b3d14dbc367770d
Validity
Not Before: Jan 2 09:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08a660862e2c3e2862dfdb92bcb6cfdfffa1cf1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6a:56:ab:f0:e9:b1:a2:9c:08:1a:17:da:c0:
da:24:87:24:58:61:73:60:1c:ca:db:0b:6f:7b:42:
60:7e:6a:7f:55:af:88:aa:b8:06:66:5e:61:0f:bd:
54:b4:a7:2c:d5:67:48:d8:dd:87:dd:45:88:65:a6:
0b:fa:ff:d3:39:1a:5e:7b:7f:8e:ce:3e:42:35:51:
af:02:8b:25:4f:79:3d:69:5a:80:bb:0e:b6:55:ab:
82:cf:76:ac:51:b5:aa:03:42:41:f0:6e:71:83:b3:
59:34:05:d1:e1:4b:43:66:c4:ac:19:d5:5e:06:e7:
3c:ab:68:75:f7:35:67:bb:39:7e:6c:90:c4:20:49:
92:96:2e:87:5f:43:e2:7d:b8:55:78:d9:c7:8a:54:
4f:b9:a2:ee:56:42:b1:97:3c:85:8b:89:c6:51:2c:
cb:bc:84:1d:41:c8:52:7c:3b:4f:68:70:2c:d8:30:
b0:fe:20:90:13:6d:50:02:2e:52:d5:29:26:1c:12:
54:b7:03:cc:2f:2d:46:40:49:52:53:94:d2:be:89:
f0:f2:8b:0f:40:37:5d:9c:8e:1b:21:e4:8f:a5:78:
f8:48:dc:4c:af:b2:43:17:77:30:97:52:58:0d:ed:
28:94:bf:34:60:26:df:9a:8e:b2:21:b1:a3:d7:e1:
53:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A6:60:86:2E:2C:3E:28:62:DF:DB:92:BC:B6:CF:DF:FF:A1:CF:1D
X509v3 Authority Key Identifier:
keyid:38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/CKZghi4sPihi39uSvLbP3_-hzx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/OAsoOgUTlA1SCmgLiz0U28Nndw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.93.0/24
IPv6:
2a00:8641::/32
Signature Algorithm: sha256WithRSAEncryption
74:55:2d:98:96:3d:f4:46:e3:3a:c0:02:c0:ea:67:39:a8:5e:
c0:83:08:46:c3:40:0b:de:38:17:80:87:a9:c6:47:bd:7e:88:
89:df:d1:eb:a2:78:4f:19:f7:5c:ab:f2:40:16:04:fa:38:c2:
c9:4e:90:b1:c8:d8:ec:8d:0a:18:91:80:4e:71:db:51:6e:8e:
31:38:28:57:5d:f4:53:9c:02:ef:7b:09:a4:2d:9d:9a:b9:5b:
be:73:18:e8:74:8e:8f:c4:35:1a:ee:81:e5:fb:cf:ad:74:a3:
85:53:ed:e5:b4:c5:56:91:27:44:c7:0c:48:56:5a:c0:92:e3:
f1:1c:c2:a4:df:4c:ee:8e:74:1d:40:f9:25:f9:46:1f:30:e1:
0a:cd:66:61:80:7b:89:c8:22:a3:57:85:a0:55:c0:6a:58:ca:
2d:d0:6a:70:d7:53:d4:6a:d9:e9:29:e3:bd:cb:18:63:fe:00:
30:69:d0:40:23:07:89:4b:d9:23:59:d0:5b:67:c7:8f:84:cf:
4b:63:ef:d9:b1:53:7b:6f:a1:b6:05:2f:69:ea:12:a2:ff:ef:
1f:5c:d4:db:07:6e:58:bc:64:92:3d:f3:ab:68:31:77:53:66:
e0:60:d0:47:d1:6d:c1:52:2c:73:65:15:01:9e:cd:bd:84:4b:
e8:b9:14:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma7RdhiY+G/R7Gx4cBFjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGIyODNhMDUxMzk0MGQ1MjBhNjgwYjhiM2QxNGRiYzM2
Nzc3MGQwHhcNMjUwMTAyMDk0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE2NjA4NjJlMmMzZTI4NjJkZmRiOTJiY2I2Y2ZkZmZmYTFjZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2pWq/DpsaKcCBoX2sDaJIckWGFz
YBzK2wtve0Jgfmp/Va+IqrgGZl5hD71UtKcs1WdI2N2H3UWIZaYL+v/TORpee3+O
zj5CNVGvAoslT3k9aVqAuw62VauCz3asUbWqA0JB8G5xg7NZNAXR4UtDZsSsGdVe
Buc8q2h19zVnuzl+bJDEIEmSli6HX0PifbhVeNnHilRPuaLuVkKxlzyFi4nGUSzL
vIQdQchSfDtPaHAs2DCw/iCQE21QAi5S1SkmHBJUtwPMLy1GQElSU5TSvonw8osP
QDddnI4bIeSPpXj4SNxMr7JDF3cwl1JYDe0olL80YCbfmo6yIbGj1+FTGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAimYIYuLD4oYt/bkry2z9//oc8dMB8GA1UdIwQY
MBaAFDgLKDoFE5QNUgpoC4s9FNvDZ3cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEt
Y2NmNjQ1NGJiMjRjLzEvQ0taZ2hpNHNQaWhpMzl1U3ZMYlAzXy1oengwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEtY2NmNjQ1NGJiMjRj
LzEvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTZdMA0E
AgACMAcDBQAqAIZBMA0GCSqGSIb3DQEBCwUAA4IBAQB0VS2Ylj30RuM6wALA6mc5
qF7AgwhGw0AL3jgXgIepxke9foiJ39HronhPGfdcq/JAFgT6OMLJTpCxyNjsjQoY
kYBOcdtRbo4xOChXXfRTnALvewmkLZ2auVu+cxjodI6PxDUa7oHl+8+tdKOFU+3l
tMVWkSdExwxIVlrAkuPxHMKk30zujnQdQPkl+UYfMOEKzWZhgHuJyCKjV4WgVcBq
WMot0Gpw11PUatnpKeO9yxhj/gAwadBAIweJS9kjWdBbZ8ePhM9LY+/ZsVN7b6G2
BS9p6hKi/+8fXNTbB25YvGSSPfOraDF3U2bgYNBH0W3BUixzZRUBns29hEvouRTd
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:37:10 2025 by rpki-client