Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/zAkD8hfg9JPENKdqLNNuSfowjoQ.roa
File: zAkD8hfg9JPENKdqLNNuSfowjoQ.roa (raw, json)
Hash identifier: f81D3TQIuyjGRYpRZt6UAKBeR2661qGI7515liyxuOg=
Subject key identifier: CC:09:03:F2:17:E0:F4:93:C4:34:A7:6A:2C:D3:6E:49:FA:30:8E:84
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 0194228DC662E3042A3A292229A0235C742A
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/zAkD8hfg9JPENKdqLNNuSfowjoQ.roa
Signing time: Wed 01 Jan 2025 15:48:24 +0000
ROA not before: Wed 01 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 93.93.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 16 Feb 2025 17:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c6:62:e3:04:2a:3a:29:22:29:a0:23:5c:74:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Jan 1 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc0903f217e0f493c434a76a2cd36e49fa308e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:08:15:b0:80:ca:30:1e:61:3e:5c:56:21:
e4:a4:2a:4b:f8:a1:d6:b8:05:ec:07:c2:2d:6a:2d:
3d:ce:30:cb:87:10:8c:71:15:d7:79:5f:b4:1c:ef:
91:57:90:dd:35:2d:df:15:bc:80:60:36:69:66:be:
a0:92:8c:cd:14:5a:ae:3a:49:f5:16:36:72:c5:44:
87:e9:09:f6:12:a4:29:37:b5:1a:83:e0:93:08:0c:
0f:ff:46:1f:c0:0c:d8:4a:ff:e6:06:5d:1b:1d:dc:
2e:66:fd:5b:84:7b:55:59:20:5c:b6:95:ea:dd:b3:
52:55:85:80:04:56:f3:c4:7c:ef:c2:ec:df:66:c7:
6e:75:aa:a3:a1:5f:c5:1b:42:6f:ec:13:aa:d3:6d:
01:21:e3:82:18:7b:26:88:23:a8:6c:69:31:c6:71:
03:14:cb:d1:52:41:c7:33:ae:6a:fa:36:d9:63:d0:
b9:a6:f8:9e:71:16:6f:f3:54:49:34:f2:cc:19:7a:
97:1e:95:ec:5e:a2:fb:31:e9:d9:9e:bc:91:4c:b9:
a4:70:cb:32:db:00:10:82:aa:59:c8:ab:9e:c4:81:
42:d0:b1:14:07:84:df:ff:10:b5:d6:b1:16:29:59:
0a:b1:6f:69:cf:2d:d0:df:c0:be:39:e9:9d:a2:44:
8e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:09:03:F2:17:E0:F4:93:C4:34:A7:6A:2C:D3:6E:49:FA:30:8E:84
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/zAkD8hfg9JPENKdqLNNuSfowjoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.96.0/22
Signature Algorithm: sha256WithRSAEncryption
99:93:db:96:04:a2:31:bb:5f:4b:46:5c:c7:7c:11:5d:ba:00:
cb:a3:ae:0c:37:6b:86:56:c7:89:51:48:42:55:f3:38:50:54:
d6:09:74:5a:10:39:45:c3:ed:08:29:f9:4d:f5:87:03:75:42:
d1:8e:e9:ea:2a:9d:42:7f:4f:4b:c8:b5:c3:80:19:26:b4:53:
63:36:43:b7:4a:55:2f:25:c8:57:4c:63:f4:7d:f6:29:6f:c6:
26:41:91:54:67:24:ac:da:20:79:01:ad:16:88:09:b9:f9:33:
12:be:89:0b:56:22:52:ac:82:a5:ef:92:dd:c9:bc:8f:ef:cc:
a8:8d:e9:c5:fd:6f:e0:7f:dc:aa:75:f8:b9:90:31:38:63:f7:
3d:47:c7:08:fe:2d:5a:55:cd:a3:ec:a8:24:62:ba:d2:87:24:
13:e9:2c:55:22:dc:04:58:1c:04:e2:da:01:af:3b:49:3b:41:
12:93:65:a4:41:83:8c:7c:a4:1a:0d:41:75:56:dd:dd:91:31:
f3:31:f2:e4:1b:60:35:8f:0b:73:27:81:7a:42:6d:b4:a6:cd:
05:18:b5:93:59:9d:7e:e9:af:89:cb:5b:fc:f2:06:92:5e:04:
6a:5f:2b:25:c4:2e:cb:07:31:01:3f:51:af:d7:dc:04:6c:ea:
88:2c:df:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijcZi4wQqOikiKaAjXHQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjUwMTAxMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzA5MDNmMjE3ZTBmNDkzYzQzNGE3NmEyY2QzNmU0OWZhMzA4ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrMIFbCAyjAeYT5cViHkpCpL+KHW
uAXsB8Itai09zjDLhxCMcRXXeV+0HO+RV5DdNS3fFbyAYDZpZr6gkozNFFquOkn1
FjZyxUSH6Qn2EqQpN7Uag+CTCAwP/0YfwAzYSv/mBl0bHdwuZv1bhHtVWSBctpXq
3bNSVYWABFbzxHzvwuzfZsdudaqjoV/FG0Jv7BOq020BIeOCGHsmiCOobGkxxnED
FMvRUkHHM65q+jbZY9C5pviecRZv81RJNPLMGXqXHpXsXqL7MenZnryRTLmkcMsy
2wAQgqpZyKuexIFC0LEUB4Tf/xC11rEWKVkKsW9pzy3Q38C+OemdokSOmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwJA/IX4PSTxDSnaizTbkn6MI6EMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvekFrRDhoZmc5SlBFTktkcUxOTnVTZm93am9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXV1gMA0G
CSqGSIb3DQEBCwUAA4IBAQCZk9uWBKIxu19LRlzHfBFdugDLo64MN2uGVseJUUhC
VfM4UFTWCXRaEDlFw+0IKflN9YcDdULRjunqKp1Cf09LyLXDgBkmtFNjNkO3SlUv
JchXTGP0ffYpb8YmQZFUZySs2iB5Aa0WiAm5+TMSvokLViJSrIKl75LdybyP78yo
jenF/W/gf9yqdfi5kDE4Y/c9R8cI/i1aVc2j7KgkYrrShyQT6SxVItwEWBwE4toB
rztJO0ESk2WkQYOMfKQaDUF1Vt3dkTHzMfLkG2A1jwtzJ4F6Qm20ps0FGLWTWZ1+
6a+Jy1v88gaSXgRqXyslxC7LBzEBP1Gv19wEbOqILN+n
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:40:56 2025 by rpki-client