Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zW-eicyl1F7YksM7aopvBRY4AX8.roa
File: zW-eicyl1F7YksM7aopvBRY4AX8.roa (raw, json)
Hash identifier: 883p4poTJkyaG5Ib4YmTzesRaNw4p8khXMn9rhGdMIE=
Subject key identifier: CD:6F:9E:89:CC:A5:D4:5E:D8:92:C3:3B:6A:8A:6F:05:16:38:01:7F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194ACE3EF6629F4E7B48A41E5FA50955BA3
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zW-eicyl1F7YksM7aopvBRY4AX8.roa
Signing time: Tue 28 Jan 2025 12:30:06 +0000
ROA not before: Tue 28 Jan 2025 12:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 194.85.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 08:09:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:e3:ef:66:29:f4:e7:b4:8a:41:e5:fa:50:95:5b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 28 12:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd6f9e89cca5d45ed892c33b6a8a6f051638017f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2e:d7:c3:e8:5a:64:21:4a:32:78:1d:87:ff:
74:f6:e9:44:d1:ff:a7:db:68:a7:64:b1:1b:54:c3:
29:1a:3d:55:ba:39:e2:59:4b:51:78:80:45:33:0f:
e6:1f:cb:7d:79:eb:9a:db:bd:a4:51:75:de:9b:fe:
1a:44:d5:57:99:d5:4f:92:6e:80:ea:00:56:c1:36:
9c:4d:14:e5:47:da:f9:24:c1:41:22:35:3c:cc:c7:
e1:f6:d2:4f:b2:84:31:ce:70:ba:e5:71:a3:bb:05:
88:22:74:95:ea:c5:97:35:33:7c:a8:39:ec:50:99:
da:32:45:b5:2f:70:ae:8a:d7:60:db:50:3f:f2:42:
f4:0f:f2:48:6f:af:b1:1e:50:62:ec:3b:0c:8e:c3:
a2:df:4c:50:e5:fb:99:9b:3f:5a:4d:b7:af:80:d7:
21:2f:ef:6e:1d:f3:59:23:86:f4:4d:ff:3d:d2:d2:
d3:af:2f:53:08:f6:c7:2c:fa:a0:a0:c5:a8:16:c5:
4e:ab:ad:b0:03:fd:63:67:96:58:9e:e7:d3:12:68:
d0:c8:86:0a:e4:0d:2e:43:75:3d:3c:83:de:d1:94:
ea:28:3f:8a:b0:2a:88:f9:3b:1e:61:06:54:52:44:
05:75:18:8f:b9:3c:05:53:4e:ef:ab:96:44:6d:4b:
0b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6F:9E:89:CC:A5:D4:5E:D8:92:C3:3B:6A:8A:6F:05:16:38:01:7F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zW-eicyl1F7YksM7aopvBRY4AX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:82:50:b4:59:d7:ce:8f:a5:1b:9b:3e:73:f3:7c:8e:c4:c8:
a5:87:d5:27:df:b1:c9:f5:cd:38:b8:47:16:22:49:dd:43:71:
f7:4a:86:05:7f:a0:71:37:96:34:6e:51:ad:a8:ee:8a:f9:6b:
eb:c0:d7:3f:8a:00:c2:9c:b9:bd:49:6b:40:5d:f8:a3:d7:dd:
d3:73:de:54:5d:19:55:6f:91:df:fe:ce:cb:73:87:a3:20:5a:
6d:05:9b:d7:18:fc:d8:fc:20:5d:8c:11:05:e4:42:71:f9:6a:
1c:08:e8:da:68:74:78:20:5e:34:74:e6:a8:a8:b0:9f:2a:06:
69:ce:62:01:a6:e0:0f:4a:91:7a:70:bf:73:e6:b3:1d:cd:6e:
96:72:ca:86:b1:6b:49:a2:c5:62:18:26:c5:65:ab:0a:4a:f5:
0b:11:7f:ba:1f:5f:d0:6b:64:3f:a2:f3:13:84:15:6f:2a:32:
91:e2:10:b4:c4:85:51:e7:04:73:ae:fe:48:c2:71:90:6e:35:
9e:0a:e6:b0:e2:81:29:5a:f8:89:dd:3e:60:12:63:83:72:a8:
1a:af:e6:56:c0:94:a8:0f:cd:64:00:38:b3:4b:cf:51:d8:a8:
2c:4d:49:75:ab:78:46:96:aa:06:79:bb:c3:4a:b0:27:d5:cd:
29:ad:fb:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSs4+9mKfTntIpB5fpQlVujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTI4MTIzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZmOWU4OWNjYTVkNDVlZDg5MmMzM2I2YThhNmYwNTE2MzgwMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS7Xw+haZCFKMngdh/909ulE0f+n
22inZLEbVMMpGj1VujniWUtReIBFMw/mH8t9eeua272kUXXem/4aRNVXmdVPkm6A
6gBWwTacTRTlR9r5JMFBIjU8zMfh9tJPsoQxznC65XGjuwWIInSV6sWXNTN8qDns
UJnaMkW1L3Cuitdg21A/8kL0D/JIb6+xHlBi7DsMjsOi30xQ5fuZmz9aTbevgNch
L+9uHfNZI4b0Tf890tLTry9TCPbHLPqgoMWoFsVOq62wA/1jZ5ZYnufTEmjQyIYK
5A0uQ3U9PIPe0ZTqKD+KsCqI+TseYQZUUkQFdRiPuTwFU07vq5ZEbUsLBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1vnonMpdRe2JLDO2qKbwUWOAF/MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvelctZWljeWwxRjdZa3NNN2FvcHZCUlk0QVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlX5MA0G
CSqGSIb3DQEBCwUAA4IBAQB8glC0WdfOj6Ubmz5z83yOxMilh9Un37HJ9c04uEcW
IkndQ3H3SoYFf6BxN5Y0blGtqO6K+WvrwNc/igDCnLm9SWtAXfij193Tc95UXRlV
b5Hf/s7Lc4ejIFptBZvXGPzY/CBdjBEF5EJx+WocCOjaaHR4IF40dOaoqLCfKgZp
zmIBpuAPSpF6cL9z5rMdzW6WcsqGsWtJosViGCbFZasKSvULEX+6H1/Qa2Q/ovMT
hBVvKjKR4hC0xIVR5wRzrv5IwnGQbjWeCuaw4oEpWviJ3T5gEmODcqgar+ZWwJSo
D81kADizS89R2KgsTUl1q3hGlqoGebvDSrAn1c0prft3
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:41 2025 by rpki-client