Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/CCIZ4F7StSrtDOaWMjq0iF2pg2Y.roa
File: CCIZ4F7StSrtDOaWMjq0iF2pg2Y.roa (raw, json)
Hash identifier: 8OTqeQVn+pGc5lbGEO3tVuqJmkLJAgkfkctNyr+ZLZg=
Subject key identifier: 08:22:19:E0:5E:D2:B5:2A:ED:0C:E6:96:32:3A:B4:88:5D:A9:83:66
Certificate issuer: /CN=a01746cf6bbdc8bd5666f306811bdffd216b1aa6
Certificate serial: 018F9AC5150AD8AF669414A0B15DCCC4F807
Authority key identifier: A0:17:46:CF:6B:BD:C8:BD:56:66:F3:06:81:1B:DF:FD:21:6B:1A:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oBdGz2u9yL1WZvMGgRvf_SFrGqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/CCIZ4F7StSrtDOaWMjq0iF2pg2Y.roa
Signing time: Tue 21 May 2024 10:49:18 +0000
ROA not before: Tue 21 May 2024 10:49:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12935
IP address blocks: 185.173.4.0/22 maxlen: 22
2a02:6980::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 May 2024 15:09:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:c5:15:0a:d8:af:66:94:14:a0:b1:5d:cc:c4:f8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a01746cf6bbdc8bd5666f306811bdffd216b1aa6
Validity
Not Before: May 21 10:49:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=082219e05ed2b52aed0ce696323ab4885da98366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a6:1f:45:d9:c6:fa:f4:99:df:35:69:c2:55:
49:f7:07:80:4b:49:f2:a7:99:f5:cf:19:5e:b4:5c:
99:95:15:91:de:ce:1f:1c:ef:8e:94:86:cc:a0:d6:
ea:ff:89:d2:3c:f6:ee:be:44:57:b8:22:ed:53:c0:
90:02:1f:02:86:84:65:9b:78:ec:87:2e:a1:9a:f3:
2d:c4:b0:c8:29:a3:e6:c6:1a:b8:d6:55:e3:26:02:
5d:10:20:c0:fd:66:2e:e4:6d:e4:30:80:a6:ef:98:
cd:c8:c4:ac:32:df:2e:4a:cc:b1:d6:77:e5:df:69:
e6:5e:b1:3c:e3:8c:00:71:8b:16:ae:d7:65:3b:b8:
5b:1b:c2:5d:ac:0e:13:15:d2:cc:52:2d:b1:b6:22:
54:63:99:fe:e5:ee:b4:f0:e2:2c:33:6f:2e:b8:81:
d8:85:b5:79:b4:5a:c4:97:b2:c1:b8:b4:c4:91:dc:
93:5c:bb:95:b6:81:3f:99:ab:33:85:bd:c0:5f:d1:
08:32:ed:3b:b9:a4:12:2a:7d:7c:29:87:02:12:2e:
ff:36:75:7e:0f:23:1b:b2:4d:f1:37:8d:22:39:38:
a8:21:25:a8:7d:b4:31:55:6c:fd:ac:84:9b:e7:4a:
65:57:91:a9:d6:9b:6d:ee:fb:33:28:52:26:e9:56:
f5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:22:19:E0:5E:D2:B5:2A:ED:0C:E6:96:32:3A:B4:88:5D:A9:83:66
X509v3 Authority Key Identifier:
keyid:A0:17:46:CF:6B:BD:C8:BD:56:66:F3:06:81:1B:DF:FD:21:6B:1A:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBdGz2u9yL1WZvMGgRvf_SFrGqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/CCIZ4F7StSrtDOaWMjq0iF2pg2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/oBdGz2u9yL1WZvMGgRvf_SFrGqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.4.0/22
IPv6:
2a02:6980::/32
Signature Algorithm: sha256WithRSAEncryption
e0:f4:66:68:66:e0:4f:51:34:de:68:e1:fb:a9:cc:f9:93:da:
97:c9:47:a1:72:22:4e:61:64:c8:49:f0:5d:e7:2e:3f:1f:ad:
18:eb:82:53:86:a8:8b:d2:1e:55:0a:4a:cb:61:2d:6f:a0:da:
79:c2:22:25:01:97:03:40:84:5a:f4:6e:0c:82:2a:4a:3d:dd:
19:b0:71:38:7c:4e:33:27:46:83:db:5d:e5:ef:1c:8d:95:8f:
19:b2:c8:bb:1d:bf:53:1d:3c:f3:ad:48:fa:53:98:93:5f:fd:
ab:e7:e4:38:38:e9:df:ba:60:7c:9b:1e:04:4d:2e:28:6a:32:
09:0e:8d:54:b1:42:71:3f:9d:a1:46:9b:da:3d:57:5d:69:37:
63:3d:cf:89:8d:4e:1d:d7:2e:bd:ab:c3:60:dc:f8:12:f8:e0:
35:8b:41:02:43:59:6a:5e:34:e4:32:3c:d0:fc:6e:48:0c:4e:
c4:b9:8b:73:15:f0:05:a9:40:60:2c:0e:1f:94:c1:2a:58:f4:
b6:8a:54:ee:f2:f0:42:95:f8:07:66:b2:7f:b5:8c:89:f1:0b:
9e:f7:e9:4f:25:3b:41:e0:57:23:61:b1:2a:d6:a0:d0:93:69:
4c:ab:50:d8:b1:cb:01:18:6b:6e:db:df:13:2a:be:1a:42:e4:
0e:85:c3:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+axRUK2K9mlBSgsV3MxPgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTc0NmNmNmJiZGM4YmQ1NjY2ZjMwNjgxMWJkZmZkMjE2
YjFhYTYwHhcNMjQwNTIxMTA0OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODIyMTllMDVlZDJiNTJhZWQwY2U2OTYzMjNhYjQ4ODVkYTk4MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKYfRdnG+vSZ3zVpwlVJ9weAS0ny
p5n1zxletFyZlRWR3s4fHO+OlIbMoNbq/4nSPPbuvkRXuCLtU8CQAh8ChoRlm3js
hy6hmvMtxLDIKaPmxhq41lXjJgJdECDA/WYu5G3kMICm75jNyMSsMt8uSsyx1nfl
32nmXrE844wAcYsWrtdlO7hbG8JdrA4TFdLMUi2xtiJUY5n+5e608OIsM28uuIHY
hbV5tFrEl7LBuLTEkdyTXLuVtoE/maszhb3AX9EIMu07uaQSKn18KYcCEi7/NnV+
DyMbsk3xN40iOTioISWofbQxVWz9rISb50plV5Gp1ptt7vszKFIm6Vb1dwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgiGeBe0rUq7QzmljI6tIhdqYNmMB8GA1UdIwQY
MBaAFKAXRs9rvci9VmbzBoEb3/0haxqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JkR3oydTl5TDFXWnZNR2dSdmZfU0ZyR3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNzY0Y2UtMTJhZS00MWI1LTgxYjYt
MDJhYmE1ZDFiM2E0LzEvQ0NJWjRGN1N0U3J0RE9hV01qcTBpRjJwZzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNzY0Y2UtMTJhZS00MWI1LTgxYjYtMDJhYmE1ZDFiM2E0
LzEvb0JkR3oydTl5TDFXWnZNR2dSdmZfU0ZyR3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua0EMA0E
AgACMAcDBQAqAmmAMA0GCSqGSIb3DQEBCwUAA4IBAQDg9GZoZuBPUTTeaOH7qcz5
k9qXyUehciJOYWTISfBd5y4/H60Y64JThqiL0h5VCkrLYS1voNp5wiIlAZcDQIRa
9G4MgipKPd0ZsHE4fE4zJ0aD213l7xyNlY8Zssi7Hb9THTzzrUj6U5iTX/2r5+Q4
OOnfumB8mx4ETS4oajIJDo1UsUJxP52hRpvaPVddaTdjPc+JjU4d1y69q8Ng3PgS
+OA1i0ECQ1lqXjTkMjzQ/G5IDE7EuYtzFfAFqUBgLA4flMEqWPS2ilTu8vBClfgH
ZrJ/tYyJ8Que9+lPJTtB4FcjYbEq1qDQk2lMq1DYscsBGGtu298TKr4aQuQOhcP/
-----END CERTIFICATE-----
Generated at Tue May 6 09:15:02 2025 by rpki-client