Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ZwnP0-U8meqVgabdny5-xlO2cKM.roa
File: ZwnP0-U8meqVgabdny5-xlO2cKM.roa (raw, json)
Hash identifier: gghTMEM8shTp3p+BOoveuiIlzeORUHiqzKKPe64ksgY=
Subject key identifier: 67:09:CF:D3:E5:3C:99:EA:95:81:A6:DD:9F:2E:7E:C6:53:B6:70:A3
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 01942825570355B9553EE11785970CD3BF98
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ZwnP0-U8meqVgabdny5-xlO2cKM.roa
Signing time: Thu 02 Jan 2025 17:52:03 +0000
ROA not before: Thu 02 Jan 2025 17:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5378
IP address blocks: 2a01:840::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:57:03:55:b9:55:3e:e1:17:85:97:0c:d3:bf:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 17:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6709cfd3e53c99ea9581a6dd9f2e7ec653b670a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:d9:6b:dc:9e:b5:ff:3f:5c:72:6a:d5:34:
6d:c1:ab:9d:7d:52:bb:5c:74:79:d3:6f:93:26:67:
68:31:ac:48:71:ca:0a:11:fb:22:10:d0:55:bd:42:
4c:f0:8c:7d:d4:b6:e8:29:9b:86:47:9d:e1:4a:69:
6a:be:e9:e8:9b:1d:b8:ab:99:a7:f9:96:6a:74:e7:
7c:4f:6d:50:30:da:4b:37:f4:7e:3c:12:c2:1d:cc:
f0:c4:4a:dc:fa:7d:8a:11:8e:18:7d:eb:26:42:3f:
b9:c1:c5:d5:fc:65:ac:df:42:02:14:5a:40:1e:3d:
1e:5b:11:a7:3b:f4:74:c4:c9:ad:e7:bd:77:ef:dc:
e8:a3:19:70:9c:a1:ae:71:7a:6b:56:81:41:29:74:
9f:7c:19:b4:bb:00:57:39:03:01:11:d6:40:2c:f1:
2a:7b:f0:49:b9:70:e5:f2:93:d1:82:cf:f5:f3:96:
1c:82:71:1e:59:94:17:09:b1:d6:84:c1:35:2e:c3:
35:c9:c1:bd:be:12:3a:3b:a7:3a:a1:2c:2b:dc:90:
f0:31:de:4a:bc:f6:9e:56:5f:a1:0d:dc:ee:b1:9b:
1c:71:ef:e9:3e:59:b2:82:91:c4:74:0c:1e:13:aa:
47:cc:48:44:23:12:43:04:fd:ed:f3:f7:ee:ae:63:
9b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:09:CF:D3:E5:3C:99:EA:95:81:A6:DD:9F:2E:7E:C6:53:B6:70:A3
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ZwnP0-U8meqVgabdny5-xlO2cKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:840::/32
Signature Algorithm: sha256WithRSAEncryption
02:55:e8:64:a7:88:5b:27:81:86:ce:35:ed:42:33:3d:4e:02:
0b:91:23:ef:55:69:86:52:4f:9c:0a:fe:f7:2f:07:59:55:18:
d9:dc:20:44:99:18:c1:58:b9:fc:43:46:d4:95:96:ed:77:7a:
59:59:56:8b:75:b7:a3:6a:eb:bd:4f:fe:6c:ae:d0:bb:ae:b3:
ea:a9:e1:c6:d6:a5:c9:ab:db:11:f0:1c:ac:4c:9a:c5:ef:db:
a6:07:b0:9d:a8:6d:46:df:8a:0f:3f:fb:37:df:25:d8:d1:9c:
bc:c7:95:35:9e:88:a8:5a:23:3f:7c:f2:05:b1:9c:d7:f1:89:
fb:fc:02:25:f7:29:d5:de:2b:01:ce:3c:57:f4:69:25:d5:d9:
97:89:46:4f:b9:e8:70:72:64:bb:c9:23:d1:53:92:1c:7a:65:
51:c8:26:a2:3d:5e:d3:ac:55:fd:71:51:31:43:3d:a4:bb:39:
ad:2a:07:cb:87:d2:e6:79:f5:56:d9:ff:eb:12:b6:d9:60:3a:
d9:f9:98:10:03:6a:3b:66:09:f0:48:3b:09:a5:bf:d6:fe:cb:
46:64:95:91:da:b7:f8:7a:29:e9:10:df:5e:be:63:8c:73:fc:
a9:79:3d:b6:7d:ca:ae:09:d7:f8:c2:05:fc:95:82:1b:93:ce:
98:77:91:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJVcDVblVPuEXhZcM07+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwMTAyMTc1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA5Y2ZkM2U1M2M5OWVhOTU4MWE2ZGQ5ZjJlN2VjNjUzYjY3MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI/Za9yetf8/XHJq1TRtwaudfVK7
XHR502+TJmdoMaxIccoKEfsiENBVvUJM8Ix91LboKZuGR53hSmlqvunomx24q5mn
+ZZqdOd8T21QMNpLN/R+PBLCHczwxErc+n2KEY4YfesmQj+5wcXV/GWs30ICFFpA
Hj0eWxGnO/R0xMmt571379zooxlwnKGucXprVoFBKXSffBm0uwBXOQMBEdZALPEq
e/BJuXDl8pPRgs/185YcgnEeWZQXCbHWhME1LsM1ycG9vhI6O6c6oSwr3JDwMd5K
vPaeVl+hDdzusZscce/pPlmygpHEdAweE6pHzEhEIxJDBP3t8/furmObawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGcJz9PlPJnqlYGm3Z8ufsZTtnCjMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvWnduUDAtVThtZXFWZ2FiZG55NS14bE8yY0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAAlXoZKeIWyeBhs417UIzPU4CC5Ej71VphlJPnAr+
9y8HWVUY2dwgRJkYwVi5/ENG1JWW7Xd6WVlWi3W3o2rrvU/+bK7Qu66z6qnhxtal
yavbEfAcrEyaxe/bpgewnahtRt+KDz/7N98l2NGcvMeVNZ6IqFojP3zyBbGc1/GJ
+/wCJfcp1d4rAc48V/RpJdXZl4lGT7nocHJku8kj0VOSHHplUcgmoj1e06xV/XFR
MUM9pLs5rSoHy4fS5nn1Vtn/6xK22WA62fmYEANqO2YJ8Eg7CaW/1v7LRmSVkdq3
+Hop6RDfXr5jjHP8qXk9tn3KrgnX+MIF/JWCG5POmHeRLw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:48 2025 by rpki-client