Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jzZHGEQPm7osGOSBB27rKnC9DaA.roa
File: jzZHGEQPm7osGOSBB27rKnC9DaA.roa (raw, json)
Hash identifier: xiZlqTKS+tp246QqiiCsX2Q8zAo1bw7J4C3iPzWBCnw=
Subject key identifier: 8F:36:47:18:44:0F:9B:BA:2C:18:E4:81:07:6E:EB:2A:70:BD:0D:A0
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019681478766DA5B56E0B7A592A8D3675526
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jzZHGEQPm7osGOSBB27rKnC9DaA.roa
Signing time: Tue 29 Apr 2025 11:21:10 +0000
ROA not before: Tue 29 Apr 2025 11:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 178.173.232.0/22 maxlen: 24
188.209.156.0/22 maxlen: 22
213.173.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 04 May 2025 21:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:47:87:66:da:5b:56:e0:b7:a5:92:a8:d3:67:55:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 29 11:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f364718440f9bba2c18e481076eeb2a70bd0da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:47:ea:33:c1:19:0d:d3:7a:26:f9:96:d3:ec:
d5:45:0d:08:23:1d:aa:0e:4c:22:e6:b6:b5:4f:c4:
10:14:4b:0f:e0:6a:2a:bc:d6:fa:5a:5e:21:d6:53:
a6:41:2c:59:ce:1a:7b:8e:49:bd:93:73:5d:e4:54:
c8:ef:22:e5:6f:35:eb:8b:4c:48:f4:38:ad:8b:41:
da:90:2f:12:ed:1a:a1:69:cb:7f:17:20:ce:ea:4f:
fd:06:b3:49:b0:a8:af:18:5d:39:19:37:87:6c:c0:
65:eb:04:83:f9:e8:b4:a1:d4:ea:b7:bf:e3:e5:2e:
97:08:46:90:0b:98:9a:1d:b2:7a:f6:67:c8:df:71:
98:44:9c:aa:8d:35:61:94:77:1a:46:87:c0:07:ec:
b9:a1:be:ef:77:71:9a:1c:7f:a4:fc:2f:14:4d:5f:
06:cc:30:16:20:f7:48:02:97:6d:4b:b8:5d:53:c1:
a4:ca:77:b5:57:ec:6e:c8:3b:4b:2a:51:f7:e3:71:
a1:89:ca:a4:fc:f3:3a:cc:c8:e8:87:9a:60:b2:f5:
9b:3a:8f:5c:90:7b:f8:ad:2a:fe:43:72:7d:0e:bd:
94:a5:da:40:c5:02:f9:4a:4a:79:15:d8:68:59:58:
36:21:24:ad:89:08:07:2b:90:96:c8:72:2e:0b:0c:
1d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:36:47:18:44:0F:9B:BA:2C:18:E4:81:07:6E:EB:2A:70:BD:0D:A0
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/jzZHGEQPm7osGOSBB27rKnC9DaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.232.0/22
188.209.156.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:dc:05:ac:5b:02:91:7e:05:67:5d:7c:11:cc:57:d4:a3:7a:
b0:53:4f:e9:6f:5a:1e:2a:55:e7:d0:14:af:52:89:fe:29:b1:
85:dd:c4:1a:61:64:95:26:61:35:57:0f:52:fd:cb:0b:37:c9:
a7:3d:26:02:7a:95:0a:5a:3d:3e:41:20:1e:f3:e5:04:80:29:
1a:82:fb:bf:a6:2b:51:2d:9b:d4:65:71:cf:e1:6a:af:87:24:
83:8f:41:5f:f5:0b:58:6e:1e:44:33:85:d1:d3:ad:69:2a:dc:
bc:dd:ca:42:2f:1c:3f:71:a6:6f:34:c9:37:b0:92:63:fe:e1:
98:6c:ae:1b:5f:fd:a2:af:c8:c8:c5:86:ec:98:9b:af:22:a6:
d2:1d:bc:1f:4e:38:64:44:27:ff:3d:58:22:a8:b9:54:b0:34:
17:2f:79:57:7b:f6:40:14:6e:b5:f2:af:3f:45:38:70:df:b0:
3f:fd:00:04:81:85:d8:f1:51:93:ac:ef:58:14:66:d0:39:5b:
fe:7e:f3:5a:c9:c1:cf:54:3b:e7:cf:b2:f8:8e:8a:62:06:7f:
65:77:1b:07:59:47:dd:34:ec:5e:84:38:01:4c:b8:59:58:80:
66:7c:62:c1:92:0c:b2:88:9e:9d:9c:c0:40:0a:62:03:be:b5:
7d:cc:ef:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaBR4dm2ltW4LelkqjTZ1UmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDI5MTEyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjM2NDcxODQ0MGY5YmJhMmMxOGU0ODEwNzZlZWIyYTcwYmQwZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UfqM8EZDdN6JvmW0+zVRQ0IIx2q
Dkwi5ra1T8QQFEsP4GoqvNb6Wl4h1lOmQSxZzhp7jkm9k3Nd5FTI7yLlbzXri0xI
9Diti0HakC8S7Rqhact/FyDO6k/9BrNJsKivGF05GTeHbMBl6wSD+ei0odTqt7/j
5S6XCEaQC5iaHbJ69mfI33GYRJyqjTVhlHcaRofAB+y5ob7vd3GaHH+k/C8UTV8G
zDAWIPdIApdtS7hdU8Gkyne1V+xuyDtLKlH343Ghicqk/PM6zMjoh5pgsvWbOo9c
kHv4rSr+Q3J9Dr2UpdpAxQL5Skp5FdhoWVg2ISStiQgHK5CWyHIuCwwdiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI82RxhED5u6LBjkgQdu6ypwvQ2gMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvanpaSEdFUVBtN29zR09TQkIyN3JLbkM5RGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCsq3oAwQC
vNGcAwQC1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQAb3AWsWwKRfgVnXXwRzFfUo3qw
U0/pb1oeKlXn0BSvUon+KbGF3cQaYWSVJmE1Vw9S/csLN8mnPSYCepUKWj0+QSAe
8+UEgCkagvu/pitRLZvUZXHP4WqvhySDj0Ff9QtYbh5EM4XR061pKty83cpCLxw/
caZvNMk3sJJj/uGYbK4bX/2ir8jIxYbsmJuvIqbSHbwfTjhkRCf/PVgiqLlUsDQX
L3lXe/ZAFG618q8/RThw37A//QAEgYXY8VGTrO9YFGbQOVv+fvNaycHPVDvnz7L4
jopiBn9ldxsHWUfdNOxehDgBTLhZWIBmfGLBkgyyiJ6dnMBACmIDvrV9zO/h
-----END CERTIFICATE-----
Generated at Wed May 14 12:34:01 2025 by rpki-client