Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/Z1Jg-k5g_pli28NjTKIG0sybTWc.roa
File: Z1Jg-k5g_pli28NjTKIG0sybTWc.roa (raw, json)
Hash identifier: Ku0M3Ike5QZsEIxI4b2lq17JFFCO/SCrs8hD5t7pMZA=
Subject key identifier: 67:52:60:FA:4E:60:FE:99:62:DB:C3:63:4C:A2:06:D2:CC:9B:4D:67
Certificate issuer: /CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Certificate serial: 0194266B73D1450C6A7BB098E5A7320249C8
Authority key identifier: 2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/Z1Jg-k5g_pli28NjTKIG0sybTWc.roa
Signing time: Thu 02 Jan 2025 09:49:23 +0000
ROA not before: Thu 02 Jan 2025 09:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32787
IP address blocks: 185.101.240.0/22 maxlen: 24
195.191.28.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 11:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:73:d1:45:0c:6a:7b:b0:98:e5:a7:32:02:49:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Validity
Not Before: Jan 2 09:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=675260fa4e60fe9962dbc3634ca206d2cc9b4d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:07:33:50:0f:84:0b:ed:2b:b4:bf:ee:44:a4:
61:90:a3:1d:c3:b3:2a:a2:b1:a0:55:bb:38:d7:ce:
1c:13:66:9c:4c:6d:33:00:69:a7:1e:ab:c0:3a:6c:
6c:0a:44:f9:66:25:2d:63:23:80:c6:3b:1f:90:06:
b6:84:bd:28:01:04:13:5b:40:f2:27:b5:5b:a0:56:
3c:fa:64:ce:02:53:4b:3d:23:2b:d7:6d:92:3f:17:
92:7d:5f:94:85:24:90:7c:58:b3:65:73:46:e5:14:
5b:69:e2:47:36:e3:d3:be:11:23:98:e6:73:4d:81:
c8:41:ce:98:90:6a:e3:fb:b3:5a:64:c2:48:bc:61:
31:2e:a2:48:53:cb:1d:96:e4:50:f6:fb:47:b5:cb:
d4:cd:97:b0:77:0a:af:d4:d5:b7:11:08:f3:96:cf:
4c:7a:e5:f1:7f:73:f9:c0:8e:43:e5:4a:64:92:27:
12:ff:74:a1:ba:7b:14:9c:26:0c:c4:3f:ba:7a:b0:
3a:cf:76:59:07:81:a4:90:34:c7:38:75:b9:b3:a5:
10:5a:70:10:49:6b:c3:9a:27:08:2a:e0:c1:db:4f:
eb:81:88:68:4b:53:2d:34:eb:09:f4:5d:90:ab:0a:
5c:d3:a5:63:83:3b:59:77:0a:00:e8:17:56:e8:25:
6e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:52:60:FA:4E:60:FE:99:62:DB:C3:63:4C:A2:06:D2:CC:9B:4D:67
X509v3 Authority Key Identifier:
keyid:2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/Z1Jg-k5g_pli28NjTKIG0sybTWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.240.0/22
195.191.28.0/23
Signature Algorithm: sha256WithRSAEncryption
be:28:90:b0:25:9f:aa:7e:cb:93:54:16:d9:bf:af:d1:55:d6:
d9:25:1b:5c:5c:3f:07:75:5d:14:02:e6:03:7e:c0:ac:1c:dd:
ac:ae:59:f3:f9:ff:0e:c3:62:a4:48:1d:4e:ea:2e:5c:2f:d0:
18:31:fd:40:48:ea:5e:ce:ae:d3:a0:69:28:18:d3:ab:3e:58:
b0:54:06:9a:ee:bd:17:7a:00:73:71:c1:01:71:f7:0e:d0:71:
1f:68:48:4f:10:af:92:28:1f:dc:f4:83:17:e6:0f:69:ff:f3:
4b:53:a1:af:9f:5b:91:15:10:83:9e:3b:84:7b:b5:c4:79:28:
f1:fc:af:3d:04:40:bf:1a:45:2f:96:83:c7:00:a2:e5:2f:db:
cb:de:2a:e2:4d:1f:00:01:1f:42:30:53:74:a2:b9:11:20:e3:
ab:43:0c:b3:9f:34:c2:39:00:20:ad:45:0c:29:16:41:d2:09:
95:a3:6b:2f:ab:89:cc:1e:ea:5b:c0:08:4e:f5:18:8b:08:bc:
8b:cd:0d:10:2b:c9:c3:22:b4:8e:78:53:94:cf:40:2f:3f:c5:
00:9f:42:de:f8:fe:ee:bd:d3:14:6f:34:3b:83:db:e2:dd:18:
8d:e0:fa:67:9d:9b:67:ef:af:1a:67:d2:b8:c1:01:98:53:a4:
a7:ee:74:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma3PRRQxqe7CY5acyAknIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNmQ2NjEyNDM2Mjg4MGY1ZTRjNTQ4NTJmODM3NmQyYjlk
MTM3ZjQwHhcNMjUwMTAyMDk0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzUyNjBmYTRlNjBmZTk5NjJkYmMzNjM0Y2EyMDZkMmNjOWI0ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAczUA+EC+0rtL/uRKRhkKMdw7Mq
orGgVbs4184cE2acTG0zAGmnHqvAOmxsCkT5ZiUtYyOAxjsfkAa2hL0oAQQTW0Dy
J7VboFY8+mTOAlNLPSMr122SPxeSfV+UhSSQfFizZXNG5RRbaeJHNuPTvhEjmOZz
TYHIQc6YkGrj+7NaZMJIvGExLqJIU8sdluRQ9vtHtcvUzZewdwqv1NW3EQjzls9M
euXxf3P5wI5D5UpkkicS/3ShunsUnCYMxD+6erA6z3ZZB4GkkDTHOHW5s6UQWnAQ
SWvDmicIKuDB20/rgYhoS1MtNOsJ9F2Qqwpc06VjgztZdwoA6BdW6CVu5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGdSYPpOYP6ZYtvDY0yiBtLMm01nMB8GA1UdIwQY
MBaAFCxtZhJDYogPXkxUhS+DdtK50Tf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMt
ZTQwMzBmYTFiMDRhLzEvWjFKZy1rNWdfcGxpMjhOalRLSUcwc3liVFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMtZTQwMzBmYTFiMDRh
LzEvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWXwAwQB
w78cMA0GCSqGSIb3DQEBCwUAA4IBAQC+KJCwJZ+qfsuTVBbZv6/RVdbZJRtcXD8H
dV0UAuYDfsCsHN2srlnz+f8Ow2KkSB1O6i5cL9AYMf1ASOpezq7ToGkoGNOrPliw
VAaa7r0XegBzccEBcfcO0HEfaEhPEK+SKB/c9IMX5g9p//NLU6Gvn1uRFRCDnjuE
e7XEeSjx/K89BEC/GkUvloPHAKLlL9vL3iriTR8AAR9CMFN0orkRIOOrQwyznzTC
OQAgrUUMKRZB0gmVo2svq4nMHupbwAhO9RiLCLyLzQ0QK8nDIrSOeFOUz0AvP8UA
n0Le+P7uvdMUbzQ7g9vi3RiN4PpnnZtn768aZ9K4wQGYU6Sn7nTy
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:58:13 2025 by rpki-client