Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zIYp42irVHevPrtdnRuvuCpJ8Xg.roa
File: zIYp42irVHevPrtdnRuvuCpJ8Xg.roa (raw, json)
Hash identifier: j5bzuLxTnCLlwK1fSl4F8cBP1HHPcWZghqw+y+LVcvE=
Subject key identifier: CC:86:29:E3:68:AB:54:77:AF:3E:BB:5D:9D:1B:AF:B8:2A:49:F1:78
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019445E4F23690028DCB121FF63B8CB42223
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zIYp42irVHevPrtdnRuvuCpJ8Xg.roa
Signing time: Wed 08 Jan 2025 12:30:19 +0000
ROA not before: Wed 08 Jan 2025 12:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200908
IP address blocks: 185.224.36.0/22 maxlen: 24
185.254.156.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
194.41.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 21:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:e4:f2:36:90:02:8d:cb:12:1f:f6:3b:8c:b4:22:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 8 12:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc8629e368ab5477af3ebb5d9d1bafb82a49f178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:29:53:1c:48:92:99:db:c1:a5:92:a8:a7:df:
ab:89:60:67:cf:0c:0e:b0:f2:5f:af:d4:de:52:45:
6b:f5:4b:a4:ce:51:cb:f5:79:30:aa:3b:47:e1:9c:
24:49:72:00:a6:55:82:6f:07:c1:f0:70:0e:9f:55:
e3:0e:b5:26:86:79:93:9d:73:28:df:fb:23:77:f1:
7d:e8:59:c9:44:fe:af:4b:3b:4a:38:52:a0:8f:c2:
1d:e3:e7:e5:8f:3d:87:58:c2:09:c0:00:35:4e:33:
1e:20:b0:53:85:47:29:20:35:f5:17:d9:91:d6:fc:
a8:c2:fa:14:57:6c:1a:73:5a:58:4b:a1:b5:de:bb:
81:41:23:ce:23:93:56:78:7d:bc:ea:51:11:ac:c5:
4e:e6:82:51:ae:2d:cb:fe:61:ac:71:a0:0a:76:c3:
e7:b9:3e:34:dd:da:b6:68:94:b1:b5:51:e1:5b:cc:
69:64:53:06:ef:47:de:ac:ef:f8:15:9e:64:fa:d1:
d1:f1:2b:fc:0c:82:85:08:25:6e:80:e2:93:ab:39:
6f:bf:b2:1b:08:b3:89:1f:d0:1a:e8:d1:62:21:47:
f2:d1:c0:ab:97:36:cb:47:3e:c4:a6:f2:4c:72:07:
13:2c:54:0f:61:3e:76:e3:8a:1d:24:21:d0:b2:1e:
2c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:86:29:E3:68:AB:54:77:AF:3E:BB:5D:9D:1B:AF:B8:2A:49:F1:78
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zIYp42irVHevPrtdnRuvuCpJ8Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.36.0/22
185.254.156.0/24
185.254.158.0/24
194.41.118.0/24
Signature Algorithm: sha256WithRSAEncryption
49:1b:b4:24:f5:a0:47:36:5e:e8:e4:d6:9b:a1:19:3f:3e:3a:
a0:cc:bf:12:94:79:2d:5b:d9:60:ce:59:c4:f1:15:ef:05:ce:
e9:90:7f:b6:95:7b:cb:78:cc:3f:cd:ed:e6:47:f4:fa:d1:9b:
b5:cb:26:17:1c:33:1d:8b:43:e8:a0:23:2a:f0:99:9b:45:83:
6b:3f:f6:36:ab:21:5e:53:86:bc:af:eb:77:57:9c:1c:1b:1e:
ae:94:e1:ff:02:38:ef:51:95:a2:0f:4c:d8:fb:51:8f:7c:56:
1b:95:88:a0:21:dd:6d:7b:6c:93:f0:87:a9:84:16:bb:a5:3f:
30:74:e5:96:00:e0:22:93:da:e1:dc:21:d8:be:c5:c1:53:97:
62:34:b8:e8:a0:c6:6c:64:0f:e9:5f:70:a9:7d:c7:a8:dd:7d:
ad:f6:1d:d2:30:96:7a:7e:de:c7:eb:ea:0d:76:a3:1f:d7:4c:
0e:f8:55:e1:c8:ee:7e:2e:42:fb:0b:e4:39:c3:98:5c:cf:3c:
2e:96:ae:c3:dc:d3:82:2f:38:43:e7:e6:51:84:07:64:80:fd:
87:5f:7b:25:a1:48:e7:39:55:90:e4:eb:a2:22:c6:44:ad:3d:
27:44:5d:5d:1b:b5:e6:79:82:51:da:88:e9:90:b0:da:81:bc:
f2:79:34:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRF5PI2kAKNyxIf9juMtCIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTA4MTIzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzg2MjllMzY4YWI1NDc3YWYzZWJiNWQ5ZDFiYWZiODJhNDlmMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvilTHEiSmdvBpZKop9+riWBnzwwO
sPJfr9TeUkVr9UukzlHL9XkwqjtH4ZwkSXIAplWCbwfB8HAOn1XjDrUmhnmTnXMo
3/sjd/F96FnJRP6vSztKOFKgj8Id4+fljz2HWMIJwAA1TjMeILBThUcpIDX1F9mR
1vyowvoUV2wac1pYS6G13ruBQSPOI5NWeH286lERrMVO5oJRri3L/mGscaAKdsPn
uT403dq2aJSxtVHhW8xpZFMG70ferO/4FZ5k+tHR8Sv8DIKFCCVugOKTqzlvv7Ib
CLOJH9Aa6NFiIUfy0cCrlzbLRz7EpvJMcgcTLFQPYT5244odJCHQsh4seQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMyGKeNoq1R3rz67XZ0br7gqSfF4MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveklZcDQyaXJWSGV2UHJ0ZG5SdXZ1Q3BKOFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCueAkAwQA
uf6cAwQAuf6eAwQAwil2MA0GCSqGSIb3DQEBCwUAA4IBAQBJG7Qk9aBHNl7o5Nab
oRk/PjqgzL8SlHktW9lgzlnE8RXvBc7pkH+2lXvLeMw/ze3mR/T60Zu1yyYXHDMd
i0PooCMq8JmbRYNrP/Y2qyFeU4a8r+t3V5wcGx6ulOH/AjjvUZWiD0zY+1GPfFYb
lYigId1te2yT8IephBa7pT8wdOWWAOAik9rh3CHYvsXBU5diNLjooMZsZA/pX3Cp
fceo3X2t9h3SMJZ6ft7H6+oNdqMf10wO+FXhyO5+LkL7C+Q5w5hczzwulq7D3NOC
LzhD5+ZRhAdkgP2HX3sloUjnOVWQ5OuiIsZErT0nRF1dG7XmeYJR2ojpkLDagbzy
eTS7
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:31:20 2025 by rpki-client