Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/83d246-740d-4b01-9020-db5aa577c3af/1/hz8U61BnNPCotSZN1bHQRGjXbJ0.roa
File: hz8U61BnNPCotSZN1bHQRGjXbJ0.roa (raw, json)
Hash identifier: iZE9NtSNm0pJkxYodNkkwLQ5DhUTLKc5G8dp5t9Dv6g=
Subject key identifier: 87:3F:14:EB:50:67:34:F0:A8:B5:26:4D:D5:B1:D0:44:68:D7:6C:9D
Certificate issuer: /CN=c5ee963f82a0fb0866d42553b3378597d9f3ef68
Certificate serial: 0193C1E221770E9A278870281F65DE23BF15
Authority key identifier: C5:EE:96:3F:82:A0:FB:08:66:D4:25:53:B3:37:85:97:D9:F3:EF:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xe6WP4Kg-whm1CVTszeFl9nz72g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/83d246-740d-4b01-9020-db5aa577c3af/1/hz8U61BnNPCotSZN1bHQRGjXbJ0.roa
Signing time: Fri 13 Dec 2024 21:17:22 +0000
ROA not before: Fri 13 Dec 2024 21:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210020
IP address blocks: 185.225.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:e2:21:77:0e:9a:27:88:70:28:1f:65:de:23:bf:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5ee963f82a0fb0866d42553b3378597d9f3ef68
Validity
Not Before: Dec 13 21:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=873f14eb506734f0a8b5264dd5b1d04468d76c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:71:96:75:8b:a6:98:21:32:fa:e6:7b:4c:ee:
bc:6c:32:12:d7:c3:f5:1c:d6:ad:94:56:a2:83:87:
0f:21:ac:4a:79:3a:0a:b0:18:39:40:60:f9:12:17:
f4:71:44:83:38:60:9d:68:55:50:ae:35:92:a7:92:
4f:d8:c6:18:83:7e:dd:09:5a:ef:96:9e:9f:0e:02:
6c:59:44:14:86:ea:25:31:30:28:19:60:f9:93:ba:
87:49:6e:45:7c:ac:7a:62:89:72:3e:c6:76:31:7f:
11:eb:2d:d0:81:bd:57:0d:e3:1a:4d:ad:10:2d:a8:
c7:f6:24:da:d2:36:da:7a:e9:6d:1d:34:f1:f8:bd:
1e:dd:9f:f5:06:7c:52:14:50:42:c2:48:fd:a0:67:
87:7d:44:8e:8a:54:e4:39:7d:64:60:39:92:b9:c8:
bc:51:e7:d0:0e:bf:b6:74:d7:14:0a:79:20:f9:7f:
fa:4f:63:e2:84:5a:8a:61:75:57:f8:67:fa:f1:f6:
f0:98:f8:5b:57:01:b5:24:e1:f1:35:18:37:00:cf:
27:11:a2:13:2b:47:06:92:2b:1f:e3:bc:c3:7f:3e:
31:ae:03:c3:af:f4:e2:78:0c:86:77:38:2b:00:84:
0b:19:c1:35:33:46:f2:c3:30:2d:d0:07:c3:a8:3d:
58:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3F:14:EB:50:67:34:F0:A8:B5:26:4D:D5:B1:D0:44:68:D7:6C:9D
X509v3 Authority Key Identifier:
keyid:C5:EE:96:3F:82:A0:FB:08:66:D4:25:53:B3:37:85:97:D9:F3:EF:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xe6WP4Kg-whm1CVTszeFl9nz72g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/83d246-740d-4b01-9020-db5aa577c3af/1/hz8U61BnNPCotSZN1bHQRGjXbJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/83d246-740d-4b01-9020-db5aa577c3af/1/xe6WP4Kg-whm1CVTszeFl9nz72g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.199.0/24
Signature Algorithm: sha256WithRSAEncryption
05:fd:9f:86:32:cc:ca:73:70:77:fe:9a:35:f8:c4:14:9d:bd:
e6:d1:bc:2d:6e:3a:02:cc:01:da:1c:0b:60:f5:a1:30:80:1f:
3b:43:16:b7:4c:6e:c6:2f:70:8c:e4:79:e5:ad:94:19:fc:a4:
d8:e1:86:8b:d3:22:77:ec:c7:bd:f8:b6:c4:d2:0d:58:83:c4:
c9:0c:0c:5d:77:ed:a5:f9:e4:a0:c1:bd:a4:6e:a4:00:21:27:
32:8b:06:66:91:ef:f2:25:b0:2c:1a:a3:fe:f7:47:03:37:0e:
ec:27:93:f5:84:ea:a9:11:ef:9e:d0:4d:dc:8c:8a:bc:e4:f3:
44:6e:fc:21:87:49:b8:ad:87:d0:4f:de:4b:2b:d3:24:4e:53:
c6:13:e7:dd:bd:52:f7:fb:6e:1f:ba:f3:86:7b:51:2a:b5:71:
e4:b7:93:38:44:f5:a8:14:79:04:19:68:0b:ac:b8:ef:58:24:
70:45:54:65:00:f7:b5:da:4e:6a:ca:52:e3:d8:5b:dd:ee:af:
77:e4:91:b5:75:e7:f4:1b:a9:9c:0a:ba:91:71:de:56:13:c9:
44:9e:ab:4c:73:28:28:89:d2:1c:30:cc:16:c3:55:02:f9:d9:
6e:15:e3:74:ba:1a:6b:a8:5e:ca:73:8c:5f:43:18:01:6b:d6:
c1:4f:6f:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPB4iF3DponiHAoH2XeI78VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZWU5NjNmODJhMGZiMDg2NmQ0MjU1M2IzMzc4NTk3ZDlm
M2VmNjgwHhcNMjQxMjEzMjExNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNmMTRlYjUwNjczNGYwYThiNTI2NGRkNWIxZDA0NDY4ZDc2YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3GWdYummCEy+uZ7TO68bDIS18P1
HNatlFaig4cPIaxKeToKsBg5QGD5Ehf0cUSDOGCdaFVQrjWSp5JP2MYYg37dCVrv
lp6fDgJsWUQUhuolMTAoGWD5k7qHSW5FfKx6YolyPsZ2MX8R6y3Qgb1XDeMaTa0Q
LajH9iTa0jbaeultHTTx+L0e3Z/1BnxSFFBCwkj9oGeHfUSOilTkOX1kYDmSuci8
UefQDr+2dNcUCnkg+X/6T2PihFqKYXVX+Gf68fbwmPhbVwG1JOHxNRg3AM8nEaIT
K0cGkisf47zDfz4xrgPDr/TieAyGdzgrAIQLGcE1M0bywzAt0AfDqD1YfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIc/FOtQZzTwqLUmTdWx0ERo12ydMB8GA1UdIwQY
MBaAFMXulj+CoPsIZtQlU7M3hZfZ8+9oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGU2V1A0S2ctd2htMUNWVHN6ZUZsOW56NzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84M2QyNDYtNzQwZC00YjAxLTkwMjAt
ZGI1YWE1NzdjM2FmLzEvaHo4VTYxQm5OUENvdFNaTjFiSFFSR2pYYkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84M2QyNDYtNzQwZC00YjAxLTkwMjAtZGI1YWE1NzdjM2Fm
LzEveGU2V1A0S2ctd2htMUNWVHN6ZUZsOW56NzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueHHMA0G
CSqGSIb3DQEBCwUAA4IBAQAF/Z+GMszKc3B3/po1+MQUnb3m0bwtbjoCzAHaHAtg
9aEwgB87Qxa3TG7GL3CM5HnlrZQZ/KTY4YaL0yJ37Me9+LbE0g1Yg8TJDAxdd+2l
+eSgwb2kbqQAIScyiwZmke/yJbAsGqP+90cDNw7sJ5P1hOqpEe+e0E3cjIq85PNE
bvwhh0m4rYfQT95LK9MkTlPGE+fdvVL3+24fuvOGe1EqtXHkt5M4RPWoFHkEGWgL
rLjvWCRwRVRlAPe12k5qylLj2Fvd7q935JG1def0G6mcCrqRcd5WE8lEnqtMcygo
idIcMMwWw1UC+dluFeN0uhprqF7Kc4xfQxgBa9bBT29m
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:20:53 2025 by rpki-client