Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/rcZdY4ZOLZvFkWNmHGjDP5i3Zt0.roa
File: rcZdY4ZOLZvFkWNmHGjDP5i3Zt0.roa (raw, json)
Hash identifier: yFY5uWsl1Oth6ywsZ0hzNsYdTzcn/saFlfJcgb7nAZc=
Subject key identifier: AD:C6:5D:63:86:4E:2D:9B:C5:91:63:66:1C:68:C3:3F:98:B7:66:DD
Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Certificate serial: 018CCA2A47731E1536F80B47D51BE698ED14
Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/rcZdY4ZOLZvFkWNmHGjDP5i3Zt0.roa
Signing time: Tue 02 Jan 2024 12:33:37 +0000
ROA not before: Tue 02 Jan 2024 12:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34867
IP address blocks: 185.48.196.0/22 maxlen: 22
95.67.0.0/17 maxlen: 17
2a00:17a0::/32 maxlen: 32
2a00:17a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:47:73:1e:15:36:f8:0b:47:d5:1b:e6:98:ed:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Validity
Not Before: Jan 2 12:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adc65d63864e2d9bc59163661c68c33f98b766dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ac:cc:17:ba:24:1d:56:fe:34:f6:10:c2:57:
a3:76:05:b7:ec:68:c3:2b:6c:f4:30:fb:48:6e:d4:
4f:bb:82:37:2e:38:fc:8c:c0:6d:94:25:03:5f:db:
d6:39:5f:b6:a1:ec:5d:c3:5c:11:7c:d8:4d:04:ed:
57:0a:0d:ba:b3:e3:f5:ba:af:5a:e2:fc:65:b1:c0:
d6:9d:ac:df:16:69:e6:50:49:9a:ab:79:4f:d9:ea:
5e:07:6f:92:af:00:5d:a7:db:cd:8d:e3:86:8c:6d:
99:52:54:ce:29:d5:6d:a8:17:b1:35:1d:ee:77:6e:
c5:cb:51:90:bf:37:96:be:bf:27:18:a9:7c:ca:f0:
f3:b2:bc:d0:c8:e6:56:c7:20:c1:4d:79:b1:70:c5:
77:79:22:42:99:6a:f1:87:53:2b:74:f1:d4:b5:44:
83:eb:62:54:83:ca:2d:27:de:f1:18:80:75:44:51:
40:88:6e:a2:98:ad:bd:1a:18:20:36:5b:31:ab:01:
f2:81:9d:bd:92:ba:e0:13:fe:95:47:23:4b:a3:80:
81:60:e8:05:50:29:c3:55:28:4e:e0:45:a4:9d:f6:
6d:da:91:30:1e:7a:8f:09:71:d8:44:8f:34:59:84:
70:0f:43:24:a5:5f:37:48:d7:43:21:df:3e:3a:a6:
17:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C6:5D:63:86:4E:2D:9B:C5:91:63:66:1C:68:C3:3F:98:B7:66:DD
X509v3 Authority Key Identifier:
keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/rcZdY4ZOLZvFkWNmHGjDP5i3Zt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.67.0.0/17
185.48.196.0/22
IPv6:
2a00:17a0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:4f:29:56:0f:9b:6e:fb:6f:8b:bf:fe:c4:5d:07:2f:9e:3f:
7d:ef:fa:09:b2:39:b3:f9:7b:41:f4:dd:aa:70:1f:37:58:62:
88:d5:87:4b:59:8a:38:2d:73:2d:5f:f4:76:57:d1:ee:12:b4:
8c:59:54:06:0d:8f:8d:4f:24:58:1a:7c:0d:cc:e4:7d:ea:93:
53:05:18:0b:33:d3:45:0a:2f:b0:69:e0:6e:c2:ee:27:40:ce:
10:14:f3:44:ff:bf:4e:4e:90:d0:b5:95:94:c4:08:c8:a9:57:
c7:0d:e8:74:63:ab:3c:c8:8e:89:a7:e7:03:87:d6:33:44:40:
1a:ca:1a:bd:f8:71:e8:c7:37:46:15:f6:e2:1e:77:95:8e:86:
5e:0b:18:1b:9c:94:97:c2:f2:2a:bb:a1:b0:a4:bb:ed:05:61:
73:46:65:c2:0c:1d:ff:75:07:0c:8d:ad:fe:6a:5d:12:32:15:
32:5b:37:94:c4:80:22:c3:7b:3b:21:ea:8b:02:23:bb:53:c8:
3a:08:2b:cf:b1:36:1a:11:ba:d6:16:11:b2:cc:b7:01:ff:11:
59:fe:d6:8b:e3:25:68:2f:c4:35:2c:67:9f:a7:dc:53:5f:9c:
82:be:4f:8b:ee:fd:18:dd:78:3d:c7:2e:bb:16:7c:9d:a7:cf:
aa:25:32:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKkdzHhU2+AtH1RvmmO0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTQ3NjgxZGEwZGI3ZmU3OTMxNWVjNmRiZGEyOGJmOGQ2
NjBmYzAwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM2NWQ2Mzg2NGUyZDliYzU5MTYzNjYxYzY4YzMzZjk4Yjc2NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KzMF7okHVb+NPYQwlejdgW37GjD
K2z0MPtIbtRPu4I3Ljj8jMBtlCUDX9vWOV+2oexdw1wRfNhNBO1XCg26s+P1uq9a
4vxlscDWnazfFmnmUEmaq3lP2epeB2+SrwBdp9vNjeOGjG2ZUlTOKdVtqBexNR3u
d27Fy1GQvzeWvr8nGKl8yvDzsrzQyOZWxyDBTXmxcMV3eSJCmWrxh1MrdPHUtUSD
62JUg8otJ97xGIB1RFFAiG6imK29GhggNlsxqwHygZ29krrgE/6VRyNLo4CBYOgF
UCnDVShO4EWknfZt2pEwHnqPCXHYRI80WYRwD0MkpV83SNdDId8+OqYXBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK3GXWOGTi2bxZFjZhxowz+Yt2bdMB8GA1UdIwQY
MBaAFKaUdoHaDbf+eTFextvaKL+NZg/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTct
MjNjM2RmODJjMjMwLzEvcmNaZFk0Wk9MWnZGa1dObUhHakRQNWkzWnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTctMjNjM2RmODJjMjMw
LzEvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHX0MAAwQC
uTDEMA0EAgACMAcDBQMqABegMA0GCSqGSIb3DQEBCwUAA4IBAQALTylWD5tu+2+L
v/7EXQcvnj997/oJsjmz+XtB9N2qcB83WGKI1YdLWYo4LXMtX/R2V9HuErSMWVQG
DY+NTyRYGnwNzOR96pNTBRgLM9NFCi+waeBuwu4nQM4QFPNE/79OTpDQtZWUxAjI
qVfHDeh0Y6s8yI6Jp+cDh9YzREAayhq9+HHoxzdGFfbiHneVjoZeCxgbnJSXwvIq
u6GwpLvtBWFzRmXCDB3/dQcMja3+al0SMhUyWzeUxIAiw3s7IeqLAiO7U8g6CCvP
sTYaEbrWFhGyzLcB/xFZ/taL4yVoL8Q1LGefp9xTX5yCvk+L7v0Y3Xg9xy67Fnyd
p8+qJTJ4
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:32 2025 by rpki-client