Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/X8O8Gq8tIbK4g9GpVxbZCa-ZENI.roa
File: X8O8Gq8tIbK4g9GpVxbZCa-ZENI.roa (raw, json)
Hash identifier: EwJmhW4ApkFCnOWARp3wUC8wqKL0YfOG5twOWr3NzAE=
Subject key identifier: 5F:C3:BC:1A:AF:2D:21:B2:B8:83:D1:A9:57:16:D9:09:AF:99:10:D2
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 019425FDC853C48A28FF96E329F9B014FB51
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/X8O8Gq8tIbK4g9GpVxbZCa-ZENI.roa
Signing time: Thu 02 Jan 2025 07:49:36 +0000
ROA not before: Thu 02 Jan 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205957
IP address blocks: 185.190.148.0/23 maxlen: 23
194.28.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 12:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c8:53:c4:8a:28:ff:96:e3:29:f9:b0:14:fb:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fc3bc1aaf2d21b2b883d1a95716d909af9910d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ed:93:74:bb:7b:01:31:20:21:3c:ca:0d:f2:
3a:44:b8:2d:8f:88:c3:f5:3e:d1:36:8b:fb:5f:b9:
2e:87:63:ae:83:f7:3a:36:bb:bf:e2:8f:1f:bf:aa:
09:5d:9a:ae:d6:37:90:28:df:90:3a:5e:0b:c3:16:
e4:21:f4:25:64:0e:4d:77:03:4c:67:07:17:6e:57:
ab:e0:db:aa:21:53:c2:bb:17:bb:83:1d:5b:a9:8d:
47:91:1c:f8:d3:56:5b:44:12:7f:e7:13:29:40:15:
37:cf:43:6b:34:c6:12:44:31:4f:fd:c4:a6:1f:e8:
53:f6:3e:e1:26:cb:17:e6:ae:bc:7b:1a:5d:e9:e1:
de:f1:85:69:83:a9:f2:47:dd:21:cd:72:29:39:a3:
e2:28:e8:29:4f:df:e5:3c:dd:d4:f3:28:69:e9:05:
aa:95:dd:50:91:76:b6:ba:cd:59:67:74:62:67:60:
b5:88:bf:20:40:83:ee:a8:55:de:9a:5e:60:f1:02:
6e:46:d0:94:8a:c8:7f:ca:2a:18:a5:08:be:4b:f1:
70:c7:5e:e0:a3:ef:e2:41:54:74:b2:11:23:6c:2f:
fe:9c:07:a3:54:c0:c0:c6:58:c9:10:d2:5e:18:5e:
da:f4:16:05:f9:a8:b2:ec:e7:bf:e1:00:3c:3d:a6:
9d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C3:BC:1A:AF:2D:21:B2:B8:83:D1:A9:57:16:D9:09:AF:99:10:D2
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/X8O8Gq8tIbK4g9GpVxbZCa-ZENI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.148.0/23
194.28.102.0/24
Signature Algorithm: sha256WithRSAEncryption
16:bd:3a:be:03:b8:5a:c5:ae:2d:67:9a:0c:f5:fa:60:1b:11:
1e:e9:f9:8b:bc:3a:f7:7a:6a:2d:40:2a:c5:34:a1:d0:e2:25:
30:88:11:c9:ef:62:c6:15:64:f3:52:38:4c:73:43:3a:c9:65:
a3:b5:e5:13:5f:44:0e:51:2c:43:50:72:7a:38:41:0d:bc:19:
5a:05:29:e0:ed:45:ca:64:87:31:8e:42:4a:a2:2a:a1:3a:07:
fc:42:f6:5f:5d:d2:1e:f7:86:cd:26:49:4c:11:a5:b7:0a:a9:
23:be:1a:63:2d:80:9e:e7:93:2d:a5:09:77:dd:f0:0b:b9:5d:
79:73:d9:5e:c2:5c:a9:02:88:cb:df:9f:9a:15:08:ad:f4:31:
c5:3c:0a:60:63:db:58:4b:58:10:04:ac:61:b2:08:18:6b:f2:
09:c6:1f:02:18:e8:b8:f7:84:b0:69:63:82:da:43:2f:6b:ec:
ce:0d:68:9a:20:37:c9:82:0b:a2:b5:23:bb:eb:cd:15:93:72:
8e:63:e2:0c:ca:40:bc:bb:ac:a7:60:9d:3d:e3:43:ee:be:3c:
4b:a7:b9:ef:55:4d:f9:39:ea:8d:75:ba:5e:7c:dc:87:07:71:
fd:bb:7a:9c:1f:f7:4d:86:fc:77:b2:6b:2c:6e:09:14:45:00:
ed:62:87:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/chTxIoo/5bjKfmwFPtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjUwMTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMzYmMxYWFmMmQyMWIyYjg4M2QxYTk1NzE2ZDkwOWFmOTkxMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+2TdLt7ATEgITzKDfI6RLgtj4jD
9T7RNov7X7kuh2Oug/c6Nru/4o8fv6oJXZqu1jeQKN+QOl4LwxbkIfQlZA5NdwNM
ZwcXbler4NuqIVPCuxe7gx1bqY1HkRz401ZbRBJ/5xMpQBU3z0NrNMYSRDFP/cSm
H+hT9j7hJssX5q68expd6eHe8YVpg6nyR90hzXIpOaPiKOgpT9/lPN3U8yhp6QWq
ld1QkXa2us1ZZ3RiZ2C1iL8gQIPuqFXeml5g8QJuRtCUish/yioYpQi+S/Fwx17g
o+/iQVR0shEjbC/+nAejVMDAxljJENJeGF7a9BYF+aiy7Oe/4QA8PaadvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/DvBqvLSGyuIPRqVcW2QmvmRDSMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvWDhPOEdxOHRJYks0ZzlHcFZ4YlpDYS1aRU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBub6UAwQA
whxmMA0GCSqGSIb3DQEBCwUAA4IBAQAWvTq+A7haxa4tZ5oM9fpgGxEe6fmLvDr3
emotQCrFNKHQ4iUwiBHJ72LGFWTzUjhMc0M6yWWjteUTX0QOUSxDUHJ6OEENvBla
BSng7UXKZIcxjkJKoiqhOgf8QvZfXdIe94bNJklMEaW3CqkjvhpjLYCe55MtpQl3
3fALuV15c9lewlypAojL35+aFQit9DHFPApgY9tYS1gQBKxhsggYa/IJxh8CGOi4
94SwaWOC2kMva+zODWiaIDfJgguitSO7680Vk3KOY+IMykC8u6ynYJ0940PuvjxL
p7nvVU35OeqNdbpefNyHB3H9u3qcH/dNhvx3smssbgkURQDtYofZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:19:25 2025 by rpki-client