Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/nMov1z5_Pxq1_FzcwxrSybVeCS0.roa
File: nMov1z5_Pxq1_FzcwxrSybVeCS0.roa (raw, json)
Hash identifier: u16LGenpgRVurO+eS6aSavvc08vesAxrMEpB59NmCAY=
Subject key identifier: 9C:CA:2F:D7:3E:7F:3F:1A:B5:FC:5C:DC:C3:1A:D2:C9:B5:5E:09:2D
Certificate issuer: /CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Certificate serial: 01942444A550E4D9A75D352DA764D9533A76
Authority key identifier: 70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/nMov1z5_Pxq1_FzcwxrSybVeCS0.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60785
IP address blocks: 185.25.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a5:50:e4:d9:a7:5d:35:2d:a7:64:d9:53:3a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cca2fd73e7f3f1ab5fc5cdcc31ad2c9b55e092d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:f9:75:a1:21:97:1b:6f:25:48:83:55:05:
c7:c0:16:94:46:e9:c0:2b:e0:06:49:1c:19:c1:6d:
49:35:0a:e0:ca:56:3a:da:70:8e:6d:a8:b1:08:31:
90:85:b0:2d:cb:96:c8:fd:0c:c7:ac:54:5f:e9:de:
22:4b:85:10:b9:76:8d:ca:97:3a:df:14:e1:eb:0f:
db:39:85:fe:64:ea:eb:1a:f4:9c:60:0f:38:98:a4:
8f:fb:e1:be:3f:ea:a0:35:2f:2a:6a:80:50:3c:2e:
6b:13:b7:3c:6c:35:8e:2f:4e:bd:37:ae:e0:79:94:
0e:c8:28:e0:3b:f8:5b:ee:7b:67:a6:f0:5d:1a:ef:
da:97:fe:bb:f6:65:9f:16:c3:93:37:95:02:3d:51:
ab:91:fc:ba:65:17:af:fa:43:08:86:90:75:de:47:
62:a3:ce:54:b8:0e:60:6d:52:21:2e:9b:c0:e9:05:
7f:db:db:e8:86:70:f0:ef:a4:ed:04:67:82:ec:d8:
33:cd:b6:10:82:9a:a2:6c:f2:45:71:f9:68:48:b1:
78:bf:cb:06:fb:5f:0d:c2:86:f7:bd:6d:97:85:a2:
ad:b5:4a:bb:e1:9a:34:15:2c:91:b6:c0:f4:81:62:
57:d7:66:52:55:3d:96:26:55:58:2c:0c:bd:43:bb:
6f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CA:2F:D7:3E:7F:3F:1A:B5:FC:5C:DC:C3:1A:D2:C9:B5:5E:09:2D
X509v3 Authority Key Identifier:
keyid:70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/nMov1z5_Pxq1_FzcwxrSybVeCS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.224.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:d1:d0:b7:cb:b3:47:84:dd:df:f6:71:db:02:2a:b4:e6:6c:
91:2f:30:f6:78:2c:d4:41:1e:ef:e7:8c:55:7b:a7:2b:d7:5e:
01:dc:22:10:b7:67:00:44:55:0f:8f:7f:97:60:d9:40:03:1a:
9f:ec:77:72:5b:b9:6a:12:f9:57:95:73:b5:40:98:f4:0e:81:
9f:82:db:12:6c:97:08:33:70:79:f7:59:3c:4c:ea:cd:02:54:
74:93:c7:76:75:12:31:18:67:25:b7:02:1e:bc:08:13:74:7e:
8c:ed:7f:2d:95:c4:69:00:9d:7f:b3:a8:38:e6:3a:a3:6f:fd:
c5:25:65:46:f2:45:34:95:5a:30:4a:ef:98:fd:80:26:ee:7e:
9b:56:b3:95:b3:13:fc:f7:47:0f:0c:56:2d:0c:84:ef:03:0d:
fb:bf:13:7f:31:bf:6c:b6:cd:9d:c5:cc:39:4f:ed:84:74:43:
20:58:d3:21:35:40:72:00:71:11:36:90:ab:ec:68:a4:31:6f:
10:4a:23:55:44:f3:65:88:be:9c:95:6e:e3:c2:3a:3b:67:b4:
3c:b1:99:24:d8:88:76:1e:ca:25:17:fa:27:16:79:36:14:b1:
7e:e9:2a:6b:d4:88:1a:43:35:e8:6c:f8:9d:a4:a9:e5:d7:22:
e0:e3:32:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKVQ5NmnXTUtp2TZUzp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYTc2OTI5Y2JlMjFjZWRkOTRjMDEyYmE1OGJiMGI2ZjEy
OTcyMmUwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NhMmZkNzNlN2YzZjFhYjVmYzVjZGNjMzFhZDJjOWI1NWUwOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6f5daEhlxtvJUiDVQXHwBaURunA
K+AGSRwZwW1JNQrgylY62nCObaixCDGQhbAty5bI/QzHrFRf6d4iS4UQuXaNypc6
3xTh6w/bOYX+ZOrrGvScYA84mKSP++G+P+qgNS8qaoBQPC5rE7c8bDWOL069N67g
eZQOyCjgO/hb7ntnpvBdGu/al/679mWfFsOTN5UCPVGrkfy6ZRev+kMIhpB13kdi
o85UuA5gbVIhLpvA6QV/29vohnDw76TtBGeC7NgzzbYQgpqibPJFcfloSLF4v8sG
+18Nwob3vW2XhaKttUq74Zo0FSyRtsD0gWJX12ZSVT2WJlVYLAy9Q7tvNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzKL9c+fz8atfxc3MMa0sm1XgktMB8GA1UdIwQY
MBaAFHCnaSnL4hzt2UwBK6WLsLbxKXIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQt
YTQwOWUyMmEyNDNlLzEvbk1vdjF6NV9QeHExX0Z6Y3d4clN5YlZlQ1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQtYTQwOWUyMmEyNDNl
LzEvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRngMA0G
CSqGSIb3DQEBCwUAA4IBAQB60dC3y7NHhN3f9nHbAiq05myRLzD2eCzUQR7v54xV
e6cr114B3CIQt2cARFUPj3+XYNlAAxqf7HdyW7lqEvlXlXO1QJj0DoGfgtsSbJcI
M3B591k8TOrNAlR0k8d2dRIxGGcltwIevAgTdH6M7X8tlcRpAJ1/s6g45jqjb/3F
JWVG8kU0lVowSu+Y/YAm7n6bVrOVsxP890cPDFYtDITvAw37vxN/Mb9sts2dxcw5
T+2EdEMgWNMhNUByAHERNpCr7GikMW8QSiNVRPNliL6clW7jwjo7Z7Q8sZkk2Ih2
HsolF/onFnk2FLF+6Spr1IgaQzXobPidpKnl1yLg4zIA
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:28 2025 by rpki-client