Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/KlmZ0q_JL_OpKC1g8F_0nPHhr0I.roa
File: KlmZ0q_JL_OpKC1g8F_0nPHhr0I.roa (raw, json)
Hash identifier: 72L8ay1WOVq8oWVDrVppH01E7uPGB9xCY041o7Eiw8M=
Subject key identifier: 2A:59:99:D2:AF:C9:2F:F3:A9:28:2D:60:F0:5F:F4:9C:F1:E1:AF:42
Certificate issuer: /CN=ff32d6463621b13f78e530d144feac023e1e4582
Certificate serial: 01947B4E267341883F513251B20A85EE75CF
Authority key identifier: FF:32:D6:46:36:21:B1:3F:78:E5:30:D1:44:FE:AC:02:3E:1E:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zLWRjYhsT945TDRRP6sAj4eRYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/KlmZ0q_JL_OpKC1g8F_0nPHhr0I.roa
Signing time: Sat 18 Jan 2025 21:25:06 +0000
ROA not before: Sat 18 Jan 2025 21:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62425
IP address blocks: 185.84.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 19:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7b:4e:26:73:41:88:3f:51:32:51:b2:0a:85:ee:75:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff32d6463621b13f78e530d144feac023e1e4582
Validity
Not Before: Jan 18 21:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a5999d2afc92ff3a9282d60f05ff49cf1e1af42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:e1:f7:6e:0a:63:cc:b1:33:f4:29:a4:bb:
df:97:ac:37:46:8a:c3:85:5d:f4:1b:a6:63:5c:a7:
27:de:e0:05:92:f3:37:de:04:9a:31:91:14:32:90:
be:8c:36:54:34:74:65:25:26:f1:72:92:02:c2:7e:
13:fb:ca:2f:58:33:44:73:87:0e:75:ac:be:e0:05:
4f:e6:35:97:0b:ac:f8:b7:12:3b:6e:93:34:06:9f:
2e:a4:5e:c3:5a:5a:b6:71:27:66:bc:83:3e:20:d0:
71:21:96:f6:71:a8:49:21:dd:fa:2b:ca:4c:46:58:
58:13:50:0b:54:71:0b:15:b6:d3:95:62:46:00:50:
fc:6a:da:a6:ea:a3:11:c1:96:30:ce:d3:83:c1:05:
99:a5:bb:07:fd:68:29:a3:ad:a6:bd:4e:04:2c:bd:
5d:3f:94:ec:9b:f8:b7:e6:3a:f4:cd:e3:1e:eb:37:
81:cc:98:42:8a:df:9f:df:66:28:f1:98:b4:17:7f:
68:9b:2a:1b:e3:83:f5:40:5d:21:a4:8c:70:14:03:
b5:97:4c:1c:67:07:03:56:0c:be:01:5b:71:82:fb:
85:a3:8a:93:70:61:7a:57:a5:a7:f8:e9:3c:59:a5:
88:30:49:75:e8:71:49:3a:7c:b5:d5:80:c3:1b:ea:
f7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:59:99:D2:AF:C9:2F:F3:A9:28:2D:60:F0:5F:F4:9C:F1:E1:AF:42
X509v3 Authority Key Identifier:
keyid:FF:32:D6:46:36:21:B1:3F:78:E5:30:D1:44:FE:AC:02:3E:1E:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zLWRjYhsT945TDRRP6sAj4eRYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/KlmZ0q_JL_OpKC1g8F_0nPHhr0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/f96900-cf17-41f5-ae28-2b00ea32937b/1/_zLWRjYhsT945TDRRP6sAj4eRYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.158.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a1:51:d9:5f:74:74:43:31:c2:32:2c:61:5a:fc:e1:2e:8e:
37:b3:ed:3c:dd:b3:33:8c:9f:c7:36:8a:18:e1:c7:b2:76:51:
91:a2:0b:b0:09:1a:3f:39:26:80:7b:e1:57:69:01:58:ae:0f:
11:85:4f:2f:d0:94:4f:3c:d8:4e:9e:a4:ae:b2:6e:8a:c2:3e:
f4:fd:4e:75:8f:f4:bf:dd:78:3c:dd:b5:ba:2c:cb:16:9e:fd:
aa:a1:c1:28:31:df:ff:c9:8d:55:fa:71:2d:7e:df:e5:73:49:
69:67:d3:f8:0b:80:4d:61:d8:84:9c:76:83:8b:0f:f5:a1:9e:
59:8a:55:f4:9b:ed:f2:cf:6d:f2:77:98:e0:58:7b:28:15:0a:
79:b0:05:d5:6f:44:51:73:65:16:ec:55:a6:61:5c:c2:57:a5:
e0:30:e5:23:08:45:29:60:9c:f8:27:50:07:e5:95:43:e4:b3:
af:7f:04:25:21:58:93:c8:57:c2:40:02:5a:45:ea:f8:39:d0:
84:b7:5b:b3:06:7e:df:99:e4:6c:e6:bd:c4:5e:86:36:0a:d8:
88:b5:45:12:c6:81:59:9a:bd:3e:0a:64:68:99:9f:1c:cb:40:
59:d6:f4:1e:00:c3:8b:cd:49:02:30:1f:9d:19:c7:d6:be:bd:
59:1d:f9:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR7TiZzQYg/UTJRsgqF7nXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzJkNjQ2MzYyMWIxM2Y3OGU1MzBkMTQ0ZmVhYzAyM2Ux
ZTQ1ODIwHhcNMjUwMTE4MjEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU5OTlkMmFmYzkyZmYzYTkyODJkNjBmMDVmZjQ5Y2YxZTFhZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSzh924KY8yxM/QppLvfl6w3RorD
hV30G6ZjXKcn3uAFkvM33gSaMZEUMpC+jDZUNHRlJSbxcpICwn4T+8ovWDNEc4cO
day+4AVP5jWXC6z4txI7bpM0Bp8upF7DWlq2cSdmvIM+INBxIZb2cahJId36K8pM
RlhYE1ALVHELFbbTlWJGAFD8atqm6qMRwZYwztODwQWZpbsH/Wgpo62mvU4ELL1d
P5Tsm/i35jr0zeMe6zeBzJhCit+f32Yo8Zi0F39omyob44P1QF0hpIxwFAO1l0wc
ZwcDVgy+AVtxgvuFo4qTcGF6V6Wn+Ok8WaWIMEl16HFJOny11YDDG+r3AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpZmdKvyS/zqSgtYPBf9Jzx4a9CMB8GA1UdIwQY
MBaAFP8y1kY2IbE/eOUw0UT+rAI+HkWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pMV1JqWWhzVDk0NVREUlJQNnNBajRlUllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9mOTY5MDAtY2YxNy00MWY1LWFlMjgt
MmIwMGVhMzI5MzdiLzEvS2xtWjBxX0pMX09wS0MxZzhGXzBuUEhocjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9mOTY5MDAtY2YxNy00MWY1LWFlMjgtMmIwMGVhMzI5Mzdi
LzEvX3pMV1JqWWhzVDk0NVREUlJQNnNBajRlUllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVSeMA0G
CSqGSIb3DQEBCwUAA4IBAQAVoVHZX3R0QzHCMixhWvzhLo43s+083bMzjJ/HNooY
4ceydlGRoguwCRo/OSaAe+FXaQFYrg8RhU8v0JRPPNhOnqSusm6Kwj70/U51j/S/
3Xg83bW6LMsWnv2qocEoMd//yY1V+nEtft/lc0lpZ9P4C4BNYdiEnHaDiw/1oZ5Z
ilX0m+3yz23yd5jgWHsoFQp5sAXVb0RRc2UW7FWmYVzCV6XgMOUjCEUpYJz4J1AH
5ZVD5LOvfwQlIViTyFfCQAJaRer4OdCEt1uzBn7fmeRs5r3EXoY2CtiItUUSxoFZ
mr0+CmRomZ8cy0BZ1vQeAMOLzUkCMB+dGcfWvr1ZHfnj
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:03:43 2025 by rpki-client