Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/errC_k26UWJgsvD2pBYuu6qRz1I.roa
File: errC_k26UWJgsvD2pBYuu6qRz1I.roa (raw, json)
Hash identifier: GL6LD8bjYoUKBzDUIokIZJzpMuAqC8zi1ZQqjVIQP0o=
Subject key identifier: 7A:BA:C2:FE:4D:BA:51:62:60:B2:F0:F6:A4:16:2E:BB:AA:91:CF:52
Certificate issuer: /CN=64dfe26d403141be9059ab2144325b402d4cab7d
Certificate serial: 019423D6E30D39A51FDD217BD3BBEA2A13ED
Authority key identifier: 64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/errC_k26UWJgsvD2pBYuu6qRz1I.roa
Signing time: Wed 01 Jan 2025 21:47:52 +0000
ROA not before: Wed 01 Jan 2025 21:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49760
IP address blocks: 185.54.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 11:51:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e3:0d:39:a5:1f:dd:21:7b:d3:bb:ea:2a:13:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64dfe26d403141be9059ab2144325b402d4cab7d
Validity
Not Before: Jan 1 21:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7abac2fe4dba516260b2f0f6a4162ebbaa91cf52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:35:68:ee:ff:ad:5d:bd:0f:ee:57:ae:cb:67:
44:2d:9e:74:25:d3:73:12:59:73:7d:80:36:61:b3:
1a:fa:75:06:f9:54:f4:bc:a9:13:ea:c5:eb:29:2f:
38:ea:7b:74:61:80:7b:be:48:26:79:77:5e:3a:27:
c6:7c:8b:b9:2e:63:76:b6:09:4b:7a:47:69:8d:5c:
a0:7c:eb:f6:1c:ba:cd:34:55:4e:49:68:ad:e4:82:
b4:ca:25:b7:ea:b9:f7:c1:25:16:9f:1f:9e:c1:b2:
66:66:e8:f1:a0:f7:02:3d:fe:51:07:da:02:e7:b0:
76:ea:06:78:98:70:0d:ff:e8:38:8d:61:23:66:bf:
e5:80:cd:89:88:24:9b:4e:fb:8d:c9:0f:5c:14:dd:
0f:3c:9f:5b:56:6d:e1:bc:c0:f0:6d:6b:9e:87:a8:
ac:f5:df:63:1e:3c:30:16:ca:09:ba:ba:51:0d:d9:
4e:88:43:37:31:78:1c:5a:49:07:85:d0:ac:85:71:
cb:c2:16:7f:f2:77:a8:65:38:09:6f:36:0a:25:de:
93:81:a4:20:07:0d:6f:86:6a:e2:5c:fd:da:77:6f:
0b:bd:81:1e:96:42:2c:74:4f:ed:cc:19:19:c6:55:
98:eb:88:5f:b3:0d:2a:d8:5d:37:45:0c:b8:54:0b:
0d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BA:C2:FE:4D:BA:51:62:60:B2:F0:F6:A4:16:2E:BB:AA:91:CF:52
X509v3 Authority Key Identifier:
keyid:64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/errC_k26UWJgsvD2pBYuu6qRz1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/ZN_ibUAxQb6QWashRDJbQC1Mq30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.158.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d4:14:79:c9:5d:ed:e1:25:de:5d:c1:88:25:0a:4c:7a:05:
b6:5c:4d:14:5f:a9:f5:97:44:37:9a:28:32:be:f9:ae:90:68:
21:b8:ab:a5:a1:29:55:f1:e2:c9:7d:31:25:81:1f:d7:6d:08:
56:82:fe:9f:4e:9f:9d:c4:a5:8c:6a:3f:f6:bb:97:89:fd:07:
a1:22:7c:f3:a7:b2:b7:a4:27:a5:3b:eb:4a:b9:d6:ff:e3:a2:
6e:c8:ad:1b:ea:0c:bc:d8:0b:fe:5c:f0:53:52:f8:eb:f3:b4:
a8:a0:77:ed:7e:1a:93:38:bf:10:a9:3b:79:4d:80:85:16:bf:
c1:a8:f3:ae:d1:be:f0:62:04:23:90:e2:53:05:22:05:66:22:
81:b9:2d:d9:6f:11:37:e6:97:bd:d3:79:bd:df:6f:e8:84:1b:
89:64:42:f4:00:ea:c4:12:c2:e8:d0:85:cd:f6:4d:c2:2b:de:
e6:fe:83:f6:4a:73:3d:b9:1e:7a:ea:20:10:88:bc:9a:51:3e:
9c:dc:bf:e7:ba:d7:d5:2a:47:b6:ba:19:a1:f4:9a:e0:3e:be:
6e:80:b6:9e:a9:63:53:a4:4d:c5:d6:e6:f2:2d:62:d5:b8:0c:
15:b7:d4:e5:b3:68:96:26:3a:02:cb:ed:f0:91:38:64:55:52:
d6:74:5c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1uMNOaUf3SF707vqKhPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGZlMjZkNDAzMTQxYmU5MDU5YWIyMTQ0MzI1YjQwMmQ0
Y2FiN2QwHhcNMjUwMTAxMjE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJhYzJmZTRkYmE1MTYyNjBiMmYwZjZhNDE2MmViYmFhOTFjZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDVo7v+tXb0P7leuy2dELZ50JdNz
EllzfYA2YbMa+nUG+VT0vKkT6sXrKS846nt0YYB7vkgmeXdeOifGfIu5LmN2tglL
ekdpjVygfOv2HLrNNFVOSWit5IK0yiW36rn3wSUWnx+ewbJmZujxoPcCPf5RB9oC
57B26gZ4mHAN/+g4jWEjZr/lgM2JiCSbTvuNyQ9cFN0PPJ9bVm3hvMDwbWueh6is
9d9jHjwwFsoJurpRDdlOiEM3MXgcWkkHhdCshXHLwhZ/8neoZTgJbzYKJd6TgaQg
Bw1vhmriXP3ad28LvYEelkIsdE/tzBkZxlWY64hfsw0q2F03RQy4VAsNnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHq6wv5NulFiYLLw9qQWLruqkc9SMB8GA1UdIwQY
MBaAFGTf4m1AMUG+kFmrIUQyW0AtTKt9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDct
ZjY1NzUxOWQwMjMzLzEvZXJyQ19rMjZVV0pnc3ZEMnBCWXV1NnFSejFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDctZjY1NzUxOWQwMjMz
LzEvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTaeMA0G
CSqGSIb3DQEBCwUAA4IBAQBa1BR5yV3t4SXeXcGIJQpMegW2XE0UX6n1l0Q3migy
vvmukGghuKuloSlV8eLJfTElgR/XbQhWgv6fTp+dxKWMaj/2u5eJ/QehInzzp7K3
pCelO+tKudb/46JuyK0b6gy82Av+XPBTUvjr87SooHftfhqTOL8QqTt5TYCFFr/B
qPOu0b7wYgQjkOJTBSIFZiKBuS3ZbxE35pe903m932/ohBuJZEL0AOrEEsLo0IXN
9k3CK97m/oP2SnM9uR566iAQiLyaUT6c3L/nutfVKke2uhmh9JrgPr5ugLaeqWNT
pE3F1ubyLWLVuAwVt9Tls2iWJjoCy+3wkThkVVLWdFwJ
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:49:06 2025 by rpki-client