Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/zDxzR5nG0VS4OpZWvmjrDw73N3g.roa
File: zDxzR5nG0VS4OpZWvmjrDw73N3g.roa (raw, json)
Hash identifier: 4kPmeeVdioXr5Bt+wcEQyrftJGr9O+QckLKKzeoBpvM=
Subject key identifier: CC:3C:73:47:99:C6:D1:54:B8:3A:96:56:BE:68:EB:0F:0E:F7:37:78
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 0194939A3E66260178E5930A70AD45F5FD7B
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/zDxzR5nG0VS4OpZWvmjrDw73N3g.roa
Signing time: Thu 23 Jan 2025 14:39:06 +0000
ROA not before: Thu 23 Jan 2025 14:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54111
IP address blocks: 185.222.176.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 24 Jan 2025 09:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:9a:3e:66:26:01:78:e5:93:0a:70:ad:45:f5:fd:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 23 14:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc3c734799c6d154b83a9656be68eb0f0ef73778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7d:fd:ad:03:f3:16:c5:d1:a9:d9:bb:52:08:
bf:f4:1c:02:59:17:f9:35:ca:49:7a:f8:df:24:53:
ec:c0:f7:aa:64:27:b6:19:a0:26:f5:61:45:d2:20:
33:a2:de:bb:49:dd:0b:fd:e3:54:d2:ab:cb:33:a8:
40:4a:17:d5:a4:f9:87:e7:96:96:f2:f2:8e:91:20:
38:96:5a:c5:e2:de:84:54:b9:b5:e6:51:c4:4d:a4:
52:3e:48:4a:69:9f:7f:a5:bf:bc:33:94:0a:c2:46:
d1:a4:1e:37:48:90:c2:a1:bf:be:f8:db:b8:80:fe:
f8:99:8a:ae:22:f3:36:30:4f:98:06:1b:e7:eb:f0:
04:6d:7b:96:0f:23:c5:8e:01:cb:0a:83:f1:41:f0:
3d:bf:ec:10:6c:06:49:cd:e1:5b:c8:6a:c9:5d:99:
4a:e9:8c:0c:14:86:62:f1:40:b0:75:a7:8d:a9:e2:
51:83:1d:10:ae:bb:40:8c:d6:d5:92:b6:81:5d:98:
44:52:ba:52:ed:68:0f:a4:9e:52:7b:04:7e:cf:f5:
35:fa:0d:2a:ad:f8:22:68:99:48:94:3b:a7:fe:5b:
14:fa:cf:a5:89:fa:d0:09:a7:47:f2:02:d5:80:ea:
98:f8:09:14:01:7e:36:6c:80:82:45:d5:6a:d7:3a:
87:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:3C:73:47:99:C6:D1:54:B8:3A:96:56:BE:68:EB:0F:0E:F7:37:78
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/zDxzR5nG0VS4OpZWvmjrDw73N3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.176.0/23
Signature Algorithm: sha256WithRSAEncryption
77:40:5e:70:bc:32:8d:a7:e6:70:2b:9d:0c:f1:f4:ec:7c:83:
0b:ec:23:e2:d4:d0:cb:3f:34:4a:2d:d2:25:1a:43:f0:71:a4:
23:f2:50:0b:33:dd:fd:bf:37:fb:9e:b0:3d:f7:16:a1:e3:13:
91:b4:7e:dc:ce:6d:28:f7:eb:a1:0f:28:f5:7c:d1:2b:c8:cd:
9b:ba:c4:d7:47:13:c1:3d:61:5e:9d:13:ac:87:3f:01:71:a0:
7d:cf:f9:aa:2b:d9:3e:80:eb:e1:b3:c7:00:ec:19:dc:67:3a:
34:4b:bf:75:cc:e8:bc:0d:f1:1b:3d:9b:e9:c9:98:9b:a3:d1:
5a:9e:7d:57:2e:00:f4:5e:f9:51:82:b6:16:6e:dd:f4:f4:58:
d2:6f:a0:78:b9:9d:f7:63:3c:a0:b9:37:7f:6c:30:a3:73:c1:
0f:88:21:24:82:fd:b8:59:ee:09:77:fa:02:8b:2b:33:18:74:
62:99:c9:de:c6:4b:16:31:51:21:45:2a:bf:ba:26:0f:96:36:
b9:e3:ed:53:47:16:e8:f0:b3:b9:cc:aa:27:23:de:e0:84:ee:
fb:3c:97:ff:34:ae:23:62:5e:ce:9d:b4:53:c4:57:0c:ad:e8:
e1:8f:1d:e7:0b:25:03:8e:c9:c4:b0:7e:3b:08:9c:2f:3d:3b:
40:7e:f0:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSTmj5mJgF45ZMKcK1F9f17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjUwMTIzMTQzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzNjNzM0Nzk5YzZkMTU0YjgzYTk2NTZiZTY4ZWIwZjBlZjczNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X39rQPzFsXRqdm7Ugi/9BwCWRf5
NcpJevjfJFPswPeqZCe2GaAm9WFF0iAzot67Sd0L/eNU0qvLM6hAShfVpPmH55aW
8vKOkSA4llrF4t6EVLm15lHETaRSPkhKaZ9/pb+8M5QKwkbRpB43SJDCob+++Nu4
gP74mYquIvM2ME+YBhvn6/AEbXuWDyPFjgHLCoPxQfA9v+wQbAZJzeFbyGrJXZlK
6YwMFIZi8UCwdaeNqeJRgx0QrrtAjNbVkraBXZhEUrpS7WgPpJ5SewR+z/U1+g0q
rfgiaJlIlDun/lsU+s+lifrQCadH8gLVgOqY+AkUAX42bICCRdVq1zqH5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMw8c0eZxtFUuDqWVr5o6w8O9zd4MB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvekR4elI1bkcwVlM0T3BaV3ZtanJEdzczTjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBud6wMA0G
CSqGSIb3DQEBCwUAA4IBAQB3QF5wvDKNp+ZwK50M8fTsfIML7CPi1NDLPzRKLdIl
GkPwcaQj8lALM939vzf7nrA99xah4xORtH7czm0o9+uhDyj1fNEryM2busTXRxPB
PWFenROshz8BcaB9z/mqK9k+gOvhs8cA7BncZzo0S791zOi8DfEbPZvpyZibo9Fa
nn1XLgD0XvlRgrYWbt309FjSb6B4uZ33YzyguTd/bDCjc8EPiCEkgv24We4Jd/oC
iyszGHRimcnexksWMVEhRSq/uiYPlja54+1TRxbo8LO5zKonI97ghO77PJf/NK4j
Yl7OnbRTxFcMrejhjx3nCyUDjsnEsH47CJwvPTtAfvCr
-----END CERTIFICATE-----
Generated at Sat May 3 23:54:47 2025 by rpki-client