Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/r83frH9BGawBfgK_JTraObeU-zo.roa
File: r83frH9BGawBfgK_JTraObeU-zo.roa (raw, json)
Hash identifier: YzmQi6VVqJNva4JyYk63p97vdlqbBP33buJRICw6l0M=
Subject key identifier: AF:CD:DF:AC:7F:41:19:AC:01:7E:02:BF:25:3A:DA:39:B7:94:FB:3A
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCD980CB120E136B94C1B08D019459
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/r83frH9BGawBfgK_JTraObeU-zo.roa
Signing time: Thu 02 Jan 2025 07:48:35 +0000
ROA not before: Thu 02 Jan 2025 07:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 185.52.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 01:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:d9:80:cb:12:0e:13:6b:94:c1:b0:8d:01:94:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afcddfac7f4119ac017e02bf253ada39b794fb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:45:42:29:e7:f3:28:4e:51:a9:88:67:78:27:
dc:92:57:6c:2d:c1:a4:bc:15:36:4c:ae:23:70:68:
f6:bc:64:5d:03:91:58:0a:d7:49:65:fa:80:fe:83:
2a:b8:10:c9:14:b9:0a:7e:09:87:b3:a0:3a:50:24:
2a:1d:32:aa:d5:36:0a:98:bf:0c:78:c8:d4:4e:e4:
b8:44:0b:d9:b5:c8:96:b6:8a:57:5d:ec:07:c6:df:
49:d7:03:32:8c:51:42:b8:fc:03:38:a4:b7:a0:8c:
2e:3b:92:b8:5f:54:86:70:d0:cd:24:36:bf:f8:04:
b2:fe:01:8a:02:17:0c:a9:a0:13:e1:7f:6f:47:bb:
9d:a4:3c:6f:16:63:6e:7c:25:51:86:66:88:ff:00:
ee:6f:e2:e2:a8:f4:a1:a7:eb:f7:01:27:4d:b6:06:
03:85:70:86:3b:60:cc:8a:d0:d1:83:54:d1:92:17:
af:5c:d3:69:6a:6e:2c:92:ac:0c:29:5e:a8:df:5d:
79:37:69:8f:7f:9f:0d:04:5b:d3:52:47:62:40:98:
6f:cd:49:e3:48:5a:08:1c:5f:fa:1d:8c:9c:82:c4:
f2:6d:c2:cb:71:c7:04:41:06:fd:29:a9:27:d5:f3:
8c:24:be:d8:76:ae:36:b1:26:30:9f:bc:87:61:b7:
c2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CD:DF:AC:7F:41:19:AC:01:7E:02:BF:25:3A:DA:39:B7:94:FB:3A
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/r83frH9BGawBfgK_JTraObeU-zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.136.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ba:7c:23:5a:51:bb:1c:9a:a0:8a:bf:9d:7e:22:21:f5:79:
fe:41:24:05:c0:00:da:1e:32:27:1b:88:1c:7e:ad:1c:66:f3:
1f:7a:71:18:e3:04:7b:0c:3a:77:df:14:87:9c:42:27:d7:ec:
f5:37:1d:01:29:fb:70:bc:53:dd:d0:8c:e0:82:a4:f0:a5:65:
37:77:31:36:08:8c:9e:d6:c4:2e:95:3d:34:b4:e4:7c:b0:2f:
3a:39:e4:c8:b4:46:eb:bc:90:62:9a:8a:cd:a1:77:cc:2a:e6:
57:e2:c6:a8:4b:9c:e3:28:c9:8f:c4:4a:05:40:ae:c4:4b:71:
e7:4c:90:fb:5d:5b:6a:62:f5:63:16:99:29:ff:b8:f6:27:27:
a2:2d:80:62:0a:a1:34:77:62:9e:64:80:97:19:a2:b6:e7:cb:
be:03:08:dd:2d:22:2b:1e:16:76:fe:45:3f:ad:77:04:fa:0a:
1b:7a:b5:22:fb:0b:4d:4a:9a:3e:67:e2:25:cb:99:52:8b:69:
87:f8:2d:fb:23:c3:95:b0:ee:ee:9a:3a:02:25:2c:f3:a9:1f:
93:bc:7e:b7:0a:1e:14:a4:e2:37:bf:43:34:2f:19:98:e5:6c:
2f:24:75:7b:3f:e6:23:79:22:b5:02:26:2f:8b:09:9e:cf:33:
ff:0f:71:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/NmAyxIOE2uUwbCNAZRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmNkZGZhYzdmNDExOWFjMDE3ZTAyYmYyNTNhZGEzOWI3OTRmYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkVCKefzKE5RqYhneCfckldsLcGk
vBU2TK4jcGj2vGRdA5FYCtdJZfqA/oMquBDJFLkKfgmHs6A6UCQqHTKq1TYKmL8M
eMjUTuS4RAvZtciWtopXXewHxt9J1wMyjFFCuPwDOKS3oIwuO5K4X1SGcNDNJDa/
+ASy/gGKAhcMqaAT4X9vR7udpDxvFmNufCVRhmaI/wDub+LiqPShp+v3ASdNtgYD
hXCGO2DMitDRg1TRkhevXNNpam4skqwMKV6o3115N2mPf58NBFvTUkdiQJhvzUnj
SFoIHF/6HYycgsTybcLLcccEQQb9Kakn1fOMJL7Ydq42sSYwn7yHYbfCLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/N36x/QRmsAX4CvyU62jm3lPs6MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvcjgzZnJIOUJHYXdCZmdLX0pUcmFPYmVVLXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTSIMA0G
CSqGSIb3DQEBCwUAA4IBAQCOunwjWlG7HJqgir+dfiIh9Xn+QSQFwADaHjInG4gc
fq0cZvMfenEY4wR7DDp33xSHnEIn1+z1Nx0BKftwvFPd0IzggqTwpWU3dzE2CIye
1sQulT00tOR8sC86OeTItEbrvJBimorNoXfMKuZX4saoS5zjKMmPxEoFQK7ES3Hn
TJD7XVtqYvVjFpkp/7j2JyeiLYBiCqE0d2KeZICXGaK258u+AwjdLSIrHhZ2/kU/
rXcE+goberUi+wtNSpo+Z+Ily5lSi2mH+C37I8OVsO7umjoCJSzzqR+TvH63Ch4U
pOI3v0M0LxmY5WwvJHV7P+YjeSK1AiYviwmezzP/D3Hn
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:34:00 2025 by rpki-client