Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Pbtz1zz3u4NUqNELi65I5zYmugc.roa
File: Pbtz1zz3u4NUqNELi65I5zYmugc.roa (raw, json)
Hash identifier: OkpU2oYfVj+wpWoDSIOMsk9FnGFgQJ1n4a+1/tKw+sY=
Subject key identifier: 3D:BB:73:D7:3C:F7:BB:83:54:A8:D1:0B:8B:AE:48:E7:36:26:BA:07
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01946EEE6C0A0EFE6346F0BFD99154C23D48
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Pbtz1zz3u4NUqNELi65I5zYmugc.roa
Signing time: Thu 16 Jan 2025 11:45:06 +0000
ROA not before: Thu 16 Jan 2025 11:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 19:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:ee:6c:0a:0e:fe:63:46:f0:bf:d9:91:54:c2:3d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 16 11:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dbb73d73cf7bb8354a8d10b8bae48e73626ba07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1d:ad:a8:aa:9c:64:f6:09:8f:f2:72:f0:53:
82:ef:3f:34:09:95:32:48:80:27:91:56:29:04:c4:
b7:87:ba:d7:2a:df:bf:b6:56:ec:0d:b0:bc:8b:aa:
a2:eb:54:6b:c0:07:f5:64:38:ed:2a:16:1a:83:2a:
c4:d7:1e:e9:35:d6:f7:ae:23:87:3a:a6:f5:db:83:
58:c3:5f:ad:01:f4:d9:dd:c2:a6:1a:d8:9c:39:4d:
42:89:6e:d7:80:45:20:cc:de:d4:4d:47:29:f6:34:
e4:57:41:11:1b:9b:94:30:64:45:1d:28:07:78:e4:
05:46:14:c1:e1:52:fd:3f:7d:93:4b:1b:38:3f:91:
3a:bd:50:e3:17:03:5c:fa:18:ab:7a:29:5c:0f:ae:
67:7a:65:94:7f:42:7e:ad:85:d2:83:42:0f:ce:f0:
52:8d:29:53:ba:4c:5d:f1:49:3f:a5:fc:09:0f:a3:
88:d2:b5:01:6b:05:c1:34:39:9b:00:ec:09:44:00:
a1:ba:40:8c:89:f6:78:c2:12:ec:f7:cb:0e:ff:2c:
b5:77:49:e2:7b:83:98:89:a9:99:f3:c7:52:7e:79:
ef:0e:f7:16:83:d1:36:4e:cd:20:22:d4:1b:b4:11:
07:df:13:e6:66:29:9c:8e:4f:f1:1d:7a:66:d9:00:
9c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BB:73:D7:3C:F7:BB:83:54:A8:D1:0B:8B:AE:48:E7:36:26:BA:07
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Pbtz1zz3u4NUqNELi65I5zYmugc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
86.54.28.0/23
212.104.140.0/24
Signature Algorithm: sha256WithRSAEncryption
21:cc:de:cd:08:c7:50:93:7a:56:35:18:f5:7d:cf:fd:f6:27:
07:0d:e8:dc:d0:0c:90:7c:f5:bc:ce:28:dc:d0:00:6a:5e:6f:
00:2a:42:16:54:a3:e6:b8:ee:8c:8b:83:c5:55:ac:14:52:a3:
fc:4d:48:17:c3:a0:e3:f2:8d:4b:0c:2b:f9:e4:5d:a7:18:03:
63:54:82:32:53:cf:8a:c1:1c:f5:3c:7b:3c:f0:0c:e3:4a:27:
67:8b:92:d6:6c:bb:63:93:0a:fe:80:2b:d6:4c:07:e0:7e:a1:
dd:67:ee:55:5b:f0:92:c1:ba:89:e6:00:e4:1e:46:b0:bd:8b:
80:be:d4:f9:a6:d3:09:cb:5d:4d:28:a6:6d:45:3b:17:2d:bc:
79:d7:4a:c1:cb:0e:46:f8:b4:5b:b4:95:d5:3a:80:92:03:0c:
dd:b8:5f:c3:ba:79:68:8e:b6:d4:b5:8b:9d:c9:2f:bc:34:f2:
3c:d9:93:1b:cf:38:16:19:5a:dc:fa:89:b9:08:e7:08:cc:86:
b9:72:22:15:42:18:84:6f:41:79:86:9f:5c:c0:e9:1a:2c:4d:
12:5f:65:cd:dc:29:29:9c:e7:49:74:7f:49:54:1d:dd:c8:9a:
81:eb:68:d5:f0:16:74:a2:3f:ef:f7:44:40:32:cc:ee:6f:f9:
3c:90:c7:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRu7mwKDv5jRvC/2ZFUwj1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTE2MTE0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJiNzNkNzNjZjdiYjgzNTRhOGQxMGI4YmFlNDhlNzM2MjZiYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx2tqKqcZPYJj/Jy8FOC7z80CZUy
SIAnkVYpBMS3h7rXKt+/tlbsDbC8i6qi61RrwAf1ZDjtKhYagyrE1x7pNdb3riOH
Oqb124NYw1+tAfTZ3cKmGticOU1CiW7XgEUgzN7UTUcp9jTkV0ERG5uUMGRFHSgH
eOQFRhTB4VL9P32TSxs4P5E6vVDjFwNc+hireilcD65nemWUf0J+rYXSg0IPzvBS
jSlTukxd8Uk/pfwJD6OI0rUBawXBNDmbAOwJRAChukCMifZ4whLs98sO/yy1d0ni
e4OYiamZ88dSfnnvDvcWg9E2Ts0gItQbtBEH3xPmZimcjk/xHXpm2QCcpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD27c9c897uDVKjRC4uuSOc2JroHMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvUGJ0ejF6ejN1NE5VcU5FTGk2NUk1elltdWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjsWAwQB
VjYcAwQA1GiMMA0GCSqGSIb3DQEBCwUAA4IBAQAhzN7NCMdQk3pWNRj1fc/99icH
Dejc0AyQfPW8zijc0ABqXm8AKkIWVKPmuO6Mi4PFVawUUqP8TUgXw6Dj8o1LDCv5
5F2nGANjVIIyU8+KwRz1PHs88AzjSidni5LWbLtjkwr+gCvWTAfgfqHdZ+5VW/CS
wbqJ5gDkHkawvYuAvtT5ptMJy11NKKZtRTsXLbx510rByw5G+LRbtJXVOoCSAwzd
uF/DunlojrbUtYudyS+8NPI82ZMbzzgWGVrc+om5COcIzIa5ciIVQhiEb0F5hp9c
wOkaLE0SX2XN3CkpnOdJdH9JVB3dyJqB62jV8BZ0oj/v90RAMszub/k8kMfm
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:50:42 2025 by rpki-client