Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/zCtxuxbI8kXYv8iQ1CVzP4UWYr0.roa
File: zCtxuxbI8kXYv8iQ1CVzP4UWYr0.roa (raw, json)
Hash identifier: QZP1IKkwTEZ8275rVg0NAv/bmISXWIolELeFfbOXDhc=
Subject key identifier: CC:2B:71:BB:16:C8:F2:45:D8:BF:C8:90:D4:25:73:3F:85:16:62:BD
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0194D35E9D67C68C1540F6FB617FB8CC5116
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/zCtxuxbI8kXYv8iQ1CVzP4UWYr0.roa
Signing time: Tue 04 Feb 2025 23:49:40 +0000
ROA not before: Tue 04 Feb 2025 23:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 212.104.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 21:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d3:5e:9d:67:c6:8c:15:40:f6:fb:61:7f:b8:cc:51:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Feb 4 23:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc2b71bb16c8f245d8bfc890d425733f851662bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:24:60:aa:90:8f:39:1a:41:8b:0a:ac:51:22:
a3:80:37:4e:a2:83:12:ec:7e:63:2e:17:ea:ff:8d:
a6:a0:54:77:fc:e3:df:4b:e6:1f:a6:f5:8f:e2:bb:
1a:2e:79:20:73:91:c4:be:15:17:d7:94:14:36:cf:
03:98:74:dd:34:10:71:a0:a5:5f:04:cd:c9:a4:7d:
1b:74:88:99:f9:1c:61:b4:7f:86:c9:8d:27:62:41:
55:b2:3c:a4:bf:f1:64:9a:d4:dd:c9:09:2b:9c:ba:
41:bc:77:da:30:bc:c7:c1:0c:c3:b6:8a:1a:6b:71:
5d:8c:35:03:2e:33:3a:ed:ea:ed:c5:da:11:1b:de:
de:79:c9:49:29:59:f9:15:5f:30:18:33:ab:e3:39:
e0:ca:a8:5c:30:e8:1a:4f:83:ee:34:c1:e3:c9:36:
20:1f:49:4c:f7:02:e2:a7:13:80:68:b4:19:8b:e3:
fa:96:55:a5:9b:c6:ba:8c:53:3d:32:01:74:94:52:
88:bc:c3:46:89:49:2c:d3:68:43:bf:e0:0f:09:17:
af:a7:46:d5:2e:f8:39:42:48:7c:f6:5c:57:62:29:
7c:a3:fb:a9:d6:bd:63:dd:d9:f5:c5:ce:2e:b2:15:
bb:18:9b:f1:6b:d0:d7:d3:7a:37:c1:a9:b0:e8:4f:
1e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2B:71:BB:16:C8:F2:45:D8:BF:C8:90:D4:25:73:3F:85:16:62:BD
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/zCtxuxbI8kXYv8iQ1CVzP4UWYr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.141.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:16:d6:43:39:10:c9:db:3e:6c:21:08:da:ee:8d:72:4e:9f:
dc:0b:6d:e6:2e:26:eb:05:c4:d6:6d:c7:33:08:b4:6b:a1:5d:
23:cf:f8:f3:74:c5:4d:77:d9:5d:9a:f7:11:ac:b2:7b:1b:af:
37:26:04:9c:1d:15:92:d9:0f:86:c5:bf:49:15:a1:24:68:07:
6d:72:50:9d:af:99:1f:ab:28:59:64:22:a2:8d:55:1e:04:ae:
38:26:f0:94:8a:90:84:ce:f9:3a:52:f9:5c:47:be:a5:02:b2:
77:dd:19:89:67:cf:b6:0d:19:0d:90:d5:30:b3:fd:f1:a1:80:
88:c5:f1:d3:4e:9e:b0:64:6b:b7:15:84:53:76:df:3f:6c:09:
65:14:7b:91:20:d5:93:c0:09:16:85:98:87:71:6b:45:19:67:
1f:fc:8d:ff:b2:37:c3:dc:f9:4c:eb:ef:9f:57:84:23:af:75:
e9:44:d0:07:8d:1a:c0:98:c2:4d:55:19:82:2a:f5:91:a6:9b:
9a:e2:69:bd:e6:9b:e8:23:fa:f8:81:bb:0b:c5:bd:dd:59:32:
4f:86:68:04:06:e6:5a:39:36:20:9b:c4:41:f1:01:70:e9:5d:
28:83:7e:98:4b:8e:28:3e:24:7a:2e:1e:39:5c:ac:fd:86:70:
2f:79:31:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTTXp1nxowVQPb7YX+4zFEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMjA0MjM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzJiNzFiYjE2YzhmMjQ1ZDhiZmM4OTBkNDI1NzMzZjg1MTY2MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSRgqpCPORpBiwqsUSKjgDdOooMS
7H5jLhfq/42moFR3/OPfS+YfpvWP4rsaLnkgc5HEvhUX15QUNs8DmHTdNBBxoKVf
BM3JpH0bdIiZ+RxhtH+GyY0nYkFVsjykv/FkmtTdyQkrnLpBvHfaMLzHwQzDtooa
a3FdjDUDLjM67ertxdoRG97eeclJKVn5FV8wGDOr4zngyqhcMOgaT4PuNMHjyTYg
H0lM9wLipxOAaLQZi+P6llWlm8a6jFM9MgF0lFKIvMNGiUks02hDv+APCRevp0bV
Lvg5Qkh89lxXYil8o/up1r1j3dn1xc4ushW7GJvxa9DX03o3wamw6E8eCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwrcbsWyPJF2L/IkNQlcz+FFmK9MB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvekN0eHV4Ykk4a1hZdjhpUTFDVnpQNFVXWXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GiNMA0G
CSqGSIb3DQEBCwUAA4IBAQA/FtZDORDJ2z5sIQja7o1yTp/cC23mLibrBcTWbccz
CLRroV0jz/jzdMVNd9ldmvcRrLJ7G683JgScHRWS2Q+Gxb9JFaEkaAdtclCdr5kf
qyhZZCKijVUeBK44JvCUipCEzvk6UvlcR76lArJ33RmJZ8+2DRkNkNUws/3xoYCI
xfHTTp6wZGu3FYRTdt8/bAllFHuRINWTwAkWhZiHcWtFGWcf/I3/sjfD3PlM6++f
V4Qjr3XpRNAHjRrAmMJNVRmCKvWRppua4mm95pvoI/r4gbsLxb3dWTJPhmgEBuZa
OTYgm8RB8QFw6V0og36YS44oPiR6Lh45XKz9hnAveTHE
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:27:32 2025 by rpki-client