Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/0ZpSBetXDyfUBhEguBXXnnZrG-g.roa
File: 0ZpSBetXDyfUBhEguBXXnnZrG-g.roa (raw, json)
Hash identifier: XVA4IkuLaTtFipanZxLNpCEawnZQBmCfbQSKadAQB+I=
Subject key identifier: D1:9A:52:05:EB:57:0F:27:D4:06:11:20:B8:15:D7:9E:76:6B:1B:E8
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 0194C7764D5D26B51101C37074EC099DA997
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/0ZpSBetXDyfUBhEguBXXnnZrG-g.roa
Signing time: Sun 02 Feb 2025 16:20:06 +0000
ROA not before: Sun 02 Feb 2025 16:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 185.37.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c7:76:4d:5d:26:b5:11:01:c3:70:74:ec:09:9d:a9:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Feb 2 16:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d19a5205eb570f27d4061120b815d79e766b1be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5c:3b:fe:05:ee:ca:ae:a5:98:60:52:10:73:
ed:ca:d9:ae:2e:e2:6c:b1:16:b3:7b:c4:ab:81:0b:
3f:bc:5f:28:52:84:63:00:0b:cc:a7:86:35:cd:13:
a6:5a:9b:bb:31:e7:e9:c3:e1:38:87:21:be:d5:18:
53:a6:86:2a:2e:97:71:bb:37:f2:00:72:dc:50:e1:
3c:1a:b2:35:2e:f7:54:4f:5d:1e:2c:2e:70:cc:bd:
24:32:fe:f8:76:0d:db:2c:57:41:96:87:55:19:f4:
c3:3c:fb:67:38:1c:bd:11:4b:68:1d:18:f5:02:b1:
5f:50:b7:eb:9b:25:87:d7:8b:16:97:d0:0a:17:13:
b4:2f:78:c1:cf:07:8c:6e:02:00:be:85:c5:f3:4b:
a4:30:26:56:f0:d0:dd:b8:c5:0a:5e:25:f3:b1:47:
f7:8a:8f:48:b5:66:95:3a:cc:5d:12:ac:d4:f6:d8:
1a:f4:10:36:80:b0:9e:14:4c:b6:dd:37:08:d5:27:
3e:66:e6:5f:af:f0:83:62:fd:21:ec:72:a3:a7:2f:
a5:db:c0:fb:0f:d3:bb:09:6e:6b:86:3d:14:66:11:
b8:05:8e:d7:e8:cc:0e:f8:34:a6:1e:1d:90:b0:fa:
f7:ef:1e:b1:45:a8:5f:d8:a0:63:50:6b:db:f2:b5:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9A:52:05:EB:57:0F:27:D4:06:11:20:B8:15:D7:9E:76:6B:1B:E8
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/0ZpSBetXDyfUBhEguBXXnnZrG-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.103.0/24
Signature Algorithm: sha256WithRSAEncryption
89:98:aa:98:75:bf:3a:9f:30:1a:51:37:2d:16:de:57:45:ac:
ef:b8:a4:0b:c5:17:78:68:d2:f9:2f:b8:38:c4:df:52:cc:a7:
0c:0f:7b:83:89:21:51:db:8a:a9:5f:7b:c4:73:e6:46:37:2a:
2f:d5:7c:f3:53:1e:17:60:b3:1c:58:c1:82:2f:5b:7e:ea:d6:
70:4b:3e:12:7e:f2:00:9f:48:2e:14:64:4a:8b:37:1c:1e:0c:
d6:d8:10:35:2c:ca:f6:6a:4d:ad:70:82:f8:92:18:0d:5a:af:
99:2c:4e:72:a9:2b:be:1c:18:78:78:aa:cd:71:5c:af:36:5e:
99:66:fc:d1:a9:a8:44:42:7b:c6:a7:dd:dd:17:9c:c9:8f:34:
74:d4:a1:17:65:4b:33:85:56:84:95:4b:7e:a1:f4:e3:6a:1c:
43:0f:a1:ff:31:cc:3b:c1:5d:fc:de:a6:ca:1c:5a:1c:a0:e6:
75:6d:61:20:64:44:ba:50:63:80:08:5d:8f:c8:21:5a:a6:1d:
5a:4d:0d:2b:7e:8f:e3:98:0a:b9:48:ec:a5:1d:b5:7f:38:ac:
6e:43:2c:4a:e9:c4:32:7a:67:6a:af:ea:a1:c3:43:20:57:f1:
f4:62:6d:83:e4:54:22:72:5e:0c:3b:1f:43:09:cd:4f:08:c5:
6a:40:df:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTHdk1dJrURAcNwdOwJnamXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjUwMjAyMTYyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlhNTIwNWViNTcwZjI3ZDQwNjExMjBiODE1ZDc5ZTc2NmIxYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVw7/gXuyq6lmGBSEHPtytmuLuJs
sRaze8SrgQs/vF8oUoRjAAvMp4Y1zROmWpu7Mefpw+E4hyG+1RhTpoYqLpdxuzfy
AHLcUOE8GrI1LvdUT10eLC5wzL0kMv74dg3bLFdBlodVGfTDPPtnOBy9EUtoHRj1
ArFfULfrmyWH14sWl9AKFxO0L3jBzweMbgIAvoXF80ukMCZW8NDduMUKXiXzsUf3
io9ItWaVOsxdEqzU9tga9BA2gLCeFEy23TcI1Sc+ZuZfr/CDYv0h7HKjpy+l28D7
D9O7CW5rhj0UZhG4BY7X6MwO+DSmHh2QsPr37x6xRahf2KBjUGvb8rVvWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGaUgXrVw8n1AYRILgV1552axvoMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvMFpwU0JldFhEeWZVQmhFZ3VCWFhublpyRy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSVnMA0G
CSqGSIb3DQEBCwUAA4IBAQCJmKqYdb86nzAaUTctFt5XRazvuKQLxRd4aNL5L7g4
xN9SzKcMD3uDiSFR24qpX3vEc+ZGNyov1XzzUx4XYLMcWMGCL1t+6tZwSz4SfvIA
n0guFGRKizccHgzW2BA1LMr2ak2tcIL4khgNWq+ZLE5yqSu+HBh4eKrNcVyvNl6Z
ZvzRqahEQnvGp93dF5zJjzR01KEXZUszhVaElUt+ofTjahxDD6H/Mcw7wV383qbK
HFocoOZ1bWEgZES6UGOACF2PyCFaph1aTQ0rfo/jmAq5SOylHbV/OKxuQyxK6cQy
emdqr+qhw0MgV/H0Ym2D5FQicl4MOx9DCc1PCMVqQN/P
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:40:22 2025 by rpki-client