Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/Zjo6Wv7l6i2ElfMtqNuvTCS7qks.roa
File: Zjo6Wv7l6i2ElfMtqNuvTCS7qks.roa (raw, json)
Hash identifier: zmLraZkesUkIi0Vx/4XofkRWI28iYmxXkQCGGxsTXWA=
Subject key identifier: 66:3A:3A:5A:FE:E5:EA:2D:84:95:F3:2D:A8:DB:AF:4C:24:BB:AA:4B
Certificate issuer: /CN=df158dcb290ec5ae7f66c1fa0f8d963211deea54
Certificate serial: 01963D5AEA1733C9A6237C2B48C51C9188EA
Authority key identifier: DF:15:8D:CB:29:0E:C5:AE:7F:66:C1:FA:0F:8D:96:32:11:DE:EA:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/Zjo6Wv7l6i2ElfMtqNuvTCS7qks.roa
Signing time: Wed 16 Apr 2025 06:48:10 +0000
ROA not before: Wed 16 Apr 2025 06:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216210
IP address blocks: 91.216.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 15:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:5a:ea:17:33:c9:a6:23:7c:2b:48:c5:1c:91:88:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df158dcb290ec5ae7f66c1fa0f8d963211deea54
Validity
Not Before: Apr 16 06:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=663a3a5afee5ea2d8495f32da8dbaf4c24bbaa4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0c:97:b6:61:f2:e0:7a:a4:49:4d:66:40:82:
e3:73:bb:b8:8b:49:d9:51:39:2f:78:52:75:92:aa:
7d:56:4c:3f:75:a7:ae:88:6a:db:d4:7d:70:3d:c3:
69:da:40:30:6c:36:9b:6c:a9:48:94:ff:7d:a6:0b:
a7:a0:b9:1e:82:0e:b4:23:46:26:75:26:86:67:54:
d4:4c:c2:1d:40:c0:bd:5d:ef:20:4f:c5:39:0e:3b:
43:ab:b3:64:75:87:96:0d:2e:ce:e3:b4:93:fa:6f:
d0:ed:d1:48:bd:4f:a6:44:45:7b:0c:74:f0:de:dc:
7c:9b:c1:2a:88:8e:f7:e8:6d:4d:c6:23:d6:28:f8:
f5:75:f8:bd:d6:98:de:4f:e0:13:38:de:b1:d6:95:
f8:77:c2:24:fe:32:4f:6e:df:b8:41:7e:30:64:86:
73:26:b4:55:e0:a3:bf:a1:05:98:ec:04:15:b9:ee:
ac:d5:cf:3f:74:d6:ac:2a:c2:b7:8c:6d:b9:9e:50:
32:d8:6b:a6:b6:f2:ad:41:1e:a8:30:be:43:5c:0a:
83:f3:07:eb:8d:3f:bf:8b:17:6e:18:8d:40:9f:7c:
18:2f:91:be:9e:92:40:92:b0:5f:f6:37:2c:99:62:
c5:a3:b5:0e:26:45:6d:79:bf:5f:3a:e8:99:74:cd:
2f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3A:3A:5A:FE:E5:EA:2D:84:95:F3:2D:A8:DB:AF:4C:24:BB:AA:4B
X509v3 Authority Key Identifier:
keyid:DF:15:8D:CB:29:0E:C5:AE:7F:66:C1:FA:0F:8D:96:32:11:DE:EA:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/Zjo6Wv7l6i2ElfMtqNuvTCS7qks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.112.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:24:a0:bc:ca:d8:2e:ec:5c:20:4a:7d:cf:72:c4:26:dd:5e:
e8:8a:80:6e:f2:e0:0d:04:b1:bd:b0:d3:35:19:f0:06:d5:2e:
93:b1:b2:70:a8:2d:84:58:30:73:fa:77:c8:72:0a:5d:e9:48:
3f:50:7e:44:8d:d8:74:67:f4:09:1c:97:a7:af:2a:7a:dd:8d:
60:77:99:60:d7:e8:41:40:61:46:6b:c4:1f:c9:2e:8e:52:c5:
81:64:50:52:f3:83:ab:a2:b0:4a:cf:f6:fd:d8:98:f5:d5:4a:
02:95:ec:d6:c1:4b:7e:87:85:58:0f:9a:97:db:a4:f6:a4:91:
02:b1:6c:db:a6:ef:46:b5:6f:18:0d:57:8b:e5:e3:11:93:e6:
9d:0f:52:90:ed:31:d9:d7:fe:4c:8c:f0:d7:ef:42:2c:b6:d4:
1f:28:bc:d8:5f:5e:ab:07:f5:9b:74:61:0e:5e:5d:76:61:d2:
ed:f3:1e:a7:d3:cc:5d:28:c3:d1:ef:90:d4:b8:11:40:43:b8:
91:28:69:0d:2a:b3:fc:c6:06:b5:f9:ac:4d:b0:ed:a4:eb:3b:
d7:d1:1f:4a:97:68:26:a4:9f:d3:93:c3:ef:60:7d:98:74:c7:
40:30:c6:34:0b:00:f3:f4:57:0f:b8:7d:57:ed:ac:6d:6e:5f:
bc:e0:d3:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY9WuoXM8mmI3wrSMUckYjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTU4ZGNiMjkwZWM1YWU3ZjY2YzFmYTBmOGQ5NjMyMTFk
ZWVhNTQwHhcNMjUwNDE2MDY0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjNhM2E1YWZlZTVlYTJkODQ5NWYzMmRhOGRiYWY0YzI0YmJhYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wyXtmHy4HqkSU1mQILjc7u4i0nZ
UTkveFJ1kqp9Vkw/daeuiGrb1H1wPcNp2kAwbDabbKlIlP99pgunoLkegg60I0Ym
dSaGZ1TUTMIdQMC9Xe8gT8U5DjtDq7NkdYeWDS7O47ST+m/Q7dFIvU+mREV7DHTw
3tx8m8EqiI736G1NxiPWKPj1dfi91pjeT+ATON6x1pX4d8Ik/jJPbt+4QX4wZIZz
JrRV4KO/oQWY7AQVue6s1c8/dNasKsK3jG25nlAy2GumtvKtQR6oML5DXAqD8wfr
jT+/ixduGI1An3wYL5G+npJAkrBf9jcsmWLFo7UOJkVteb9fOuiZdM0vDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGY6Olr+5eothJXzLajbr0wku6pLMB8GA1UdIwQY
MBaAFN8VjcspDsWuf2bB+g+NljIR3upUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hNTRiODUtYWYzZS00N2M2LTgwZTct
YzQxNDJkZjM1Y2MzLzEvWmpvNld2N2w2aTJFbGZNdHFOdXZUQ1M3cWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hNTRiODUtYWYzZS00N2M2LTgwZTctYzQxNDJkZjM1Y2Mz
LzEvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hwMA0G
CSqGSIb3DQEBCwUAA4IBAQDCJKC8ytgu7FwgSn3PcsQm3V7oioBu8uANBLG9sNM1
GfAG1S6TsbJwqC2EWDBz+nfIcgpd6Ug/UH5Ejdh0Z/QJHJenryp63Y1gd5lg1+hB
QGFGa8QfyS6OUsWBZFBS84OrorBKz/b92Jj11UoClezWwUt+h4VYD5qX26T2pJEC
sWzbpu9GtW8YDVeL5eMRk+adD1KQ7THZ1/5MjPDX70IsttQfKLzYX16rB/WbdGEO
Xl12YdLt8x6n08xdKMPR75DUuBFAQ7iRKGkNKrP8xga1+axNsO2k6zvX0R9Kl2gm
pJ/Tk8PvYH2YdMdAMMY0CwDz9FcPuH1X7axtbl+84NOV
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:28:52 2025 by rpki-client