Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/zJtGYyZRc8W2K9T7bwhT7OCYFos.roa
File: zJtGYyZRc8W2K9T7bwhT7OCYFos.roa (raw, json)
Hash identifier: q42hTMIU61ggcwEvZqA7acNbu8HPV8t9vJe0vd71f0c=
Subject key identifier: CC:9B:46:63:26:51:73:C5:B6:2B:D4:FB:6F:08:53:EC:E0:98:16:8B
Certificate issuer: /CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Certificate serial: 019421B21DB276C1BD781FEC9C69683399A8
Authority key identifier: 54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/zJtGYyZRc8W2K9T7bwhT7OCYFos.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61272
IP address blocks: 185.23.16.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 03 Feb 2025 18:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1d:b2:76:c1:bd:78:1f:ec:9c:69:68:33:99:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc9b4663265173c5b62bd4fb6f0853ece098168b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:ed:14:d4:bc:6f:5a:63:41:e7:a1:d4:e2:
f9:5d:67:40:37:c5:a0:a6:e5:37:e0:5b:bc:a1:a2:
92:11:42:a6:c9:e9:9c:e4:9a:89:b0:37:39:92:31:
70:e3:86:f8:d0:f5:a2:5c:1c:ac:37:4a:80:0b:99:
46:96:bf:b6:d5:30:dc:c4:85:d7:63:09:84:dc:05:
8d:e3:99:52:05:4e:22:17:cf:a2:da:41:00:12:63:
cf:56:e8:62:01:c7:f6:6b:f6:0d:f9:86:38:38:ef:
87:1d:0c:46:db:22:ac:a1:42:91:db:fb:7c:50:f9:
21:d4:48:02:68:27:44:51:0b:f9:68:e9:fc:ed:9f:
62:cc:a9:a7:bb:cf:0d:23:33:8b:1d:04:8a:54:5b:
60:7a:7d:99:08:a7:20:a4:6f:93:c1:13:43:06:ea:
b2:34:c6:f3:89:7a:c2:bb:d9:01:db:3c:6a:52:8e:
65:a2:95:e1:4b:30:a6:fd:17:4d:af:12:ef:9c:af:
a2:bb:73:b8:c2:52:67:dc:9f:f6:f1:ff:c7:b4:24:
2d:d5:be:0d:36:c9:33:2d:9b:3c:9e:5d:25:95:e4:
56:58:73:00:00:27:ea:20:e9:52:44:30:ad:1e:e9:
93:7a:f0:b0:9f:b3:12:f9:66:39:d1:f2:49:2d:55:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9B:46:63:26:51:73:C5:B6:2B:D4:FB:6F:08:53:EC:E0:98:16:8B
X509v3 Authority Key Identifier:
keyid:54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/zJtGYyZRc8W2K9T7bwhT7OCYFos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.16.0/23
Signature Algorithm: sha256WithRSAEncryption
33:ae:0d:c8:26:02:45:e2:c8:42:00:41:5b:ba:2a:80:8f:58:
c7:ab:fd:2b:00:8d:37:ca:86:d2:97:41:86:a2:c0:1e:ad:40:
e8:ef:cd:f8:45:fa:bd:02:cc:14:0b:bc:a7:9d:c9:67:d4:5f:
89:31:cb:14:ab:65:bb:40:5c:9c:bd:7e:48:fe:84:b5:ad:ab:
5a:19:c4:18:ed:e7:30:97:a8:e2:c4:a2:6f:34:dc:16:3d:8f:
45:13:8f:9f:c5:11:34:a5:e5:5e:c1:f1:26:bc:6b:58:04:1b:
81:fe:21:8e:0b:c7:b3:7d:f8:c5:97:7b:16:7b:0c:17:0a:dc:
1b:71:91:50:4c:9c:59:92:60:85:65:2f:31:a4:88:d1:76:3a:
45:e6:9c:59:ff:e8:91:d9:dc:2f:eb:74:da:d2:bc:dd:b9:94:
3d:98:94:08:a9:8f:40:e5:7a:b9:e2:9f:dd:cf:e3:20:3c:93:
6c:51:5b:a8:7d:e1:90:07:d8:3d:33:48:9f:ad:ba:79:64:b6:
c6:62:4f:7f:c6:9f:a7:77:b1:6b:9c:43:f5:45:21:ec:ae:71:
10:75:84:c2:96:ef:c1:68:1e:70:ef:01:8d:55:3a:e4:d5:e2:
44:90:09:ce:79:34:d4:a4:c2:48:17:e5:03:85:d8:00:d0:07:
de:d2:09:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsh2ydsG9eB/snGloM5moMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1YzM0YTYyZmZiZWQ4ZmMwZjBlYzAxYjQyYzBjNTBl
ZTdlZjcwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzliNDY2MzI2NTE3M2M1YjYyYmQ0ZmI2ZjA4NTNlY2UwOTgxNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp77tFNS8b1pjQeeh1OL5XWdAN8Wg
puU34Fu8oaKSEUKmyemc5JqJsDc5kjFw44b40PWiXBysN0qAC5lGlr+21TDcxIXX
YwmE3AWN45lSBU4iF8+i2kEAEmPPVuhiAcf2a/YN+YY4OO+HHQxG2yKsoUKR2/t8
UPkh1EgCaCdEUQv5aOn87Z9izKmnu88NIzOLHQSKVFtgen2ZCKcgpG+TwRNDBuqy
NMbziXrCu9kB2zxqUo5lopXhSzCm/RdNrxLvnK+iu3O4wlJn3J/28f/HtCQt1b4N
NskzLZs8nl0lleRWWHMAACfqIOlSRDCtHumTevCwn7MS+WY50fJJLVUu3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMybRmMmUXPFtivU+28IU+zgmBaLMB8GA1UdIwQY
MBaAFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYt
ZjRmMWY5M2UwNDY3LzEvekp0R1l5WlJjOFcySzlUN2J3aFQ3T0NZRm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYtZjRmMWY5M2UwNDY3
LzEvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRcQMA0G
CSqGSIb3DQEBCwUAA4IBAQAzrg3IJgJF4shCAEFbuiqAj1jHq/0rAI03yobSl0GG
osAerUDo7834Rfq9AswUC7ynncln1F+JMcsUq2W7QFycvX5I/oS1rataGcQY7ecw
l6jixKJvNNwWPY9FE4+fxRE0peVewfEmvGtYBBuB/iGOC8ezffjFl3sWewwXCtwb
cZFQTJxZkmCFZS8xpIjRdjpF5pxZ/+iR2dwv63Ta0rzduZQ9mJQIqY9A5Xq54p/d
z+MgPJNsUVuofeGQB9g9M0ifrbp5ZLbGYk9/xp+nd7FrnEP1RSHsrnEQdYTClu/B
aB5w7wGNVTrk1eJEkAnOeTTUpMJIF+UDhdgA0Afe0gkr
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:06:42 2025 by rpki-client