Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZV1VKgFC7csHnN_WGhkxWKrmc2E.roa
File: ZV1VKgFC7csHnN_WGhkxWKrmc2E.roa (raw, json)
Hash identifier: 39+cw8hPdkxAGvg59BUtz48hkqPgPHHhoGN6DeV7ouA=
Subject key identifier: 65:5D:55:2A:01:42:ED:CB:07:9C:DF:D6:1A:19:31:58:AA:E6:73:61
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0195DCB90D752A8A16130FD1391659F96ECB
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZV1VKgFC7csHnN_WGhkxWKrmc2E.roa
Signing time: Fri 28 Mar 2025 12:27:49 +0000
ROA not before: Fri 28 Mar 2025 12:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 170.62.237.0/24 maxlen: 24
170.62.239.0/24 maxlen: 24
170.62.244.0/24 maxlen: 24
170.62.245.0/24 maxlen: 24
193.142.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 06:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:b9:0d:75:2a:8a:16:13:0f:d1:39:16:59:f9:6e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 28 12:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=655d552a0142edcb079cdfd61a193158aae67361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:49:09:dc:99:1f:98:86:6b:7e:f9:27:32:7d:
fb:02:af:e9:3f:5a:8d:8e:b6:6a:f2:1c:ae:0c:d2:
7e:70:04:97:eb:9d:5b:2a:4f:05:87:31:0e:21:c8:
bc:95:d4:d3:b8:21:14:36:dd:39:8d:dc:7c:c0:b3:
e1:4f:7f:e6:06:fb:df:e3:d9:1c:c4:8d:fd:69:8a:
45:83:13:67:93:e8:bd:31:33:47:bc:08:52:8c:f5:
cc:cb:b7:12:97:06:7e:c2:90:8e:cf:bf:4f:77:3d:
4c:ac:09:10:cd:09:2a:64:c8:02:1e:bc:ec:6c:17:
bc:2f:93:88:22:19:d6:db:3b:6f:b7:51:6b:45:ef:
5e:9d:a6:af:f3:86:1f:b5:13:d2:cf:bc:6a:5f:d7:
55:e6:3b:31:aa:a2:40:66:e7:60:a5:0b:10:51:f0:
c2:be:15:99:30:6b:64:ee:7b:05:fd:51:63:e0:2e:
d6:fd:1e:2e:21:bd:17:6c:56:78:98:2e:2a:77:c8:
e1:43:12:0b:88:f9:bb:49:d0:a9:21:67:fa:05:0e:
d8:b2:49:ad:af:95:c1:7e:a7:ca:5c:a0:68:4e:c7:
95:b9:83:a0:c9:bc:07:97:db:98:9b:49:8d:19:f0:
7c:02:58:9b:46:f6:43:0d:a0:c1:73:9a:8e:cc:b7:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5D:55:2A:01:42:ED:CB:07:9C:DF:D6:1A:19:31:58:AA:E6:73:61
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZV1VKgFC7csHnN_WGhkxWKrmc2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.237.0/24
170.62.239.0/24
170.62.244.0/23
193.142.58.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:e0:14:e0:98:15:87:56:a6:8a:b5:1e:3a:f0:90:95:72:a0:
08:75:fd:e3:ae:52:ac:15:05:71:bc:52:02:45:a4:31:51:8d:
28:4c:a9:df:49:20:55:1d:01:1a:7f:23:e7:e2:be:a6:33:5d:
3f:9f:80:e6:13:92:38:f0:58:aa:12:4c:46:8a:24:50:aa:02:
89:66:5f:3e:6c:9c:3b:20:a1:43:a6:a7:89:da:17:ab:9a:f5:
b2:e7:db:6c:63:73:2f:2d:1d:ff:03:65:af:0d:f4:e9:40:55:
4c:68:d6:ca:c2:d5:4b:d1:05:16:4a:6a:08:8d:63:52:3d:33:
31:6f:93:3a:18:df:f1:b9:00:c6:4a:bb:e1:dc:f0:6d:73:99:
1e:c1:7d:d1:a2:f5:3a:3d:30:7b:cb:b1:04:b6:c6:83:2b:72:
14:50:5a:a1:3d:6d:3e:90:e6:9b:69:c5:cf:63:16:77:1c:43:
f7:bc:80:1e:b1:9a:6a:b9:97:f6:5e:67:d3:ef:51:e0:c7:d1:
54:dd:9a:9c:15:cd:6a:91:b5:1b:d7:30:60:00:fd:a7:5d:b6:
ea:23:a0:05:da:91:35:f3:c2:86:18:18:b1:ec:90:be:d5:46:
29:43:0c:c2:28:b7:d4:69:d2:85:07:23:36:71:5b:86:06:12:
fe:86:5b:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXcuQ11KooWEw/RORZZ+W7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzI4MTIyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTVkNTUyYTAxNDJlZGNiMDc5Y2RmZDYxYTE5MzE1OGFhZTY3MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUkJ3JkfmIZrfvknMn37Aq/pP1qN
jrZq8hyuDNJ+cASX651bKk8FhzEOIci8ldTTuCEUNt05jdx8wLPhT3/mBvvf49kc
xI39aYpFgxNnk+i9MTNHvAhSjPXMy7cSlwZ+wpCOz79Pdz1MrAkQzQkqZMgCHrzs
bBe8L5OIIhnW2ztvt1FrRe9enaav84YftRPSz7xqX9dV5jsxqqJAZudgpQsQUfDC
vhWZMGtk7nsF/VFj4C7W/R4uIb0XbFZ4mC4qd8jhQxILiPm7SdCpIWf6BQ7Yskmt
r5XBfqfKXKBoTseVuYOgybwHl9uYm0mNGfB8AlibRvZDDaDBc5qOzLdfQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGVdVSoBQu3LB5zf1hoZMViq5nNhMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvWlYxVktnRkM3Y3NIbk5fV0doa3hXS3JtYzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAqj7tAwQA
qj7vAwQBqj70AwQAwY46MA0GCSqGSIb3DQEBCwUAA4IBAQDX4BTgmBWHVqaKtR46
8JCVcqAIdf3jrlKsFQVxvFICRaQxUY0oTKnfSSBVHQEafyPn4r6mM10/n4DmE5I4
8FiqEkxGiiRQqgKJZl8+bJw7IKFDpqeJ2hermvWy59tsY3MvLR3/A2WvDfTpQFVM
aNbKwtVL0QUWSmoIjWNSPTMxb5M6GN/xuQDGSrvh3PBtc5kewX3RovU6PTB7y7EE
tsaDK3IUUFqhPW0+kOabacXPYxZ3HEP3vIAesZpquZf2XmfT71Hgx9FU3ZqcFc1q
kbUb1zBgAP2nXbbqI6AF2pE188KGGBix7JC+1UYpQwzCKLfUadKFByM2cVuGBhL+
hlti
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:35:10 2025 by rpki-client