Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/2oz__xmONbWsRaJfOTNocB1nmMI.roa
File: 2oz__xmONbWsRaJfOTNocB1nmMI.roa (raw, json)
Hash identifier: k4oUnE57OY6iOn/BxNt8oFPRmRDoG42dL64+cO8Cjq8=
Subject key identifier: DA:8C:FF:FF:19:8E:35:B5:AC:45:A2:5F:39:33:68:70:1D:67:98:C2
Certificate issuer: /CN=6b7dfe4b68b20895ededf3a003232a979e17c38c
Certificate serial: 019669B288F476B8510F307485E04929DE3A
Authority key identifier: 6B:7D:FE:4B:68:B2:08:95:ED:ED:F3:A0:03:23:2A:97:9E:17:C3:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/2oz__xmONbWsRaJfOTNocB1nmMI.roa
Signing time: Thu 24 Apr 2025 21:27:10 +0000
ROA not before: Thu 24 Apr 2025 21:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 185.164.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Apr 2025 06:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:69:b2:88:f4:76:b8:51:0f:30:74:85:e0:49:29:de:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7dfe4b68b20895ededf3a003232a979e17c38c
Validity
Not Before: Apr 24 21:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da8cffff198e35b5ac45a25f393368701d6798c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:7c:8e:4b:c6:88:31:df:46:9a:0e:c3:53:
2d:8f:40:f9:8a:d0:08:d1:46:a9:66:f7:f9:cd:21:
8c:54:62:37:ea:e9:fb:b6:67:ed:8b:c2:85:ad:d4:
f2:c8:1b:dd:bb:1f:4e:29:28:b1:86:62:e2:1b:de:
b2:34:95:a0:38:44:f5:a2:ca:49:d6:71:ad:ec:cf:
61:12:a5:e8:27:dc:d3:db:2d:c6:3d:c3:07:85:83:
40:ab:8b:3d:ae:8e:a4:22:0c:68:a5:df:d5:6f:c3:
d9:14:68:64:09:63:91:cb:e3:15:6c:29:42:e5:e0:
40:10:6b:56:51:2d:78:ed:36:33:b1:bc:b1:b4:b8:
37:0b:73:9e:5b:53:31:0a:2b:ac:38:61:40:97:f2:
bf:f9:1a:f8:e7:e5:ae:3e:0f:18:0b:19:a8:63:db:
05:67:92:20:12:81:1b:e2:95:0b:9c:00:f1:56:5b:
9d:a1:db:ea:fc:3f:78:42:6c:62:fe:9e:11:33:65:
f6:03:d3:0b:35:ff:92:63:6f:80:a5:02:03:7b:7f:
cc:fe:8d:89:87:0b:31:25:38:9f:31:d2:e1:48:3e:
a0:ff:7e:12:9c:e9:1e:c2:42:32:d0:e7:e5:11:98:
b1:16:e1:c9:20:30:1f:c0:fd:62:e9:9e:d5:85:10:
19:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8C:FF:FF:19:8E:35:B5:AC:45:A2:5F:39:33:68:70:1D:67:98:C2
X509v3 Authority Key Identifier:
keyid:6B:7D:FE:4B:68:B2:08:95:ED:ED:F3:A0:03:23:2A:97:9E:17:C3:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/2oz__xmONbWsRaJfOTNocB1nmMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/a33-S2iyCJXt7fOgAyMql54Xw4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.20.0/24
Signature Algorithm: sha256WithRSAEncryption
88:fd:dc:e2:71:4e:59:d0:d1:04:9d:e9:56:6c:39:93:d7:66:
75:62:55:9c:18:27:a2:21:57:fc:1e:bb:94:89:1e:ea:18:5b:
6f:1f:b3:d6:30:b2:a1:eb:02:7d:69:04:62:be:70:b7:f7:d4:
62:7b:fd:0f:9f:83:4c:e4:c4:b4:3e:7a:05:cd:61:33:76:84:
a8:30:71:62:f1:ff:90:50:bb:0c:e6:a4:2f:4d:1c:dd:5f:06:
82:c1:b1:46:ff:de:52:7d:64:3b:7b:e2:8b:79:96:27:77:c6:
19:20:87:24:0a:09:d1:4b:7f:86:ae:79:e3:c0:e8:83:2c:9d:
cf:bd:02:e6:68:d8:52:b9:ce:87:76:9b:cd:99:2b:37:c4:5a:
1c:14:d5:46:62:95:14:e1:99:9b:dc:f8:5b:d8:0b:57:d8:81:
e9:d9:d4:6f:76:77:d7:d4:9a:e3:29:bc:ce:83:8e:c7:da:35:
8a:27:82:be:4b:77:7c:9a:04:b0:1a:a9:ee:36:e8:e9:44:4a:
1d:eb:03:14:a7:ed:39:eb:fa:c9:33:70:37:5b:59:ed:bb:05:
c4:cc:97:4b:2a:e6:8d:2f:ab:42:a5:90:e8:c9:f2:4c:1b:df:
74:cd:90:34:c9:46:3e:05:bb:1b:4a:6e:2b:cd:7f:43:f7:ce:
ad:e1:94:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZpsoj0drhRDzB0heBJKd46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2RmZTRiNjhiMjA4OTVlZGVkZjNhMDAzMjMyYTk3OWUx
N2MzOGMwHhcNMjUwNDI0MjEyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThjZmZmZjE5OGUzNWI1YWM0NWEyNWYzOTMzNjg3MDFkNjc5OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPl8jkvGiDHfRpoOw1Mtj0D5itAI
0UapZvf5zSGMVGI36un7tmfti8KFrdTyyBvdux9OKSixhmLiG96yNJWgOET1ospJ
1nGt7M9hEqXoJ9zT2y3GPcMHhYNAq4s9ro6kIgxopd/Vb8PZFGhkCWORy+MVbClC
5eBAEGtWUS147TYzsbyxtLg3C3OeW1MxCiusOGFAl/K/+Rr45+WuPg8YCxmoY9sF
Z5IgEoEb4pULnADxVludodvq/D94Qmxi/p4RM2X2A9MLNf+SY2+ApQIDe3/M/o2J
hwsxJTifMdLhSD6g/34SnOkewkIy0OflEZixFuHJIDAfwP1i6Z7VhRAZdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqM//8ZjjW1rEWiXzkzaHAdZ5jCMB8GA1UdIwQY
MBaAFGt9/ktosgiV7e3zoAMjKpeeF8OMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTMzLVMyaXlDSlh0N2ZPZ0F5TXFsNTRYdzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMWJkMTYtODRiNC00NjEyLWE3ZjAt
OWM3NmQxMGVjNTMyLzEvMm96X194bU9OYldzUmFKZk9UTm9jQjFubU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMWJkMTYtODRiNC00NjEyLWE3ZjAtOWM3NmQxMGVjNTMy
LzEvYTMzLVMyaXlDSlh0N2ZPZ0F5TXFsNTRYdzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaQUMA0G
CSqGSIb3DQEBCwUAA4IBAQCI/dzicU5Z0NEEnelWbDmT12Z1YlWcGCeiIVf8HruU
iR7qGFtvH7PWMLKh6wJ9aQRivnC399Rie/0Pn4NM5MS0PnoFzWEzdoSoMHFi8f+Q
ULsM5qQvTRzdXwaCwbFG/95SfWQ7e+KLeZYnd8YZIIckCgnRS3+GrnnjwOiDLJ3P
vQLmaNhSuc6HdpvNmSs3xFocFNVGYpUU4Zmb3Phb2AtX2IHp2dRvdnfX1JrjKbzO
g47H2jWKJ4K+S3d8mgSwGqnuNujpREod6wMUp+056/rJM3A3W1ntuwXEzJdLKuaN
L6tCpZDoyfJMG990zZA0yUY+BbsbSm4rzX9D986t4ZTo
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:38:09 2025 by rpki-client