Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/cdbb49-57c5-454f-9b05-e65292158f43/1/zCpAnIiV856N7V400u7Rq4NjcMU.roa
File: zCpAnIiV856N7V400u7Rq4NjcMU.roa (raw, json)
Hash identifier: ijkEZcPV04OvBidxdoSZ8VGl3CvQkCxc4MgEqFSpKD0=
Subject key identifier: CC:2A:40:9C:88:95:F3:9E:8D:ED:5E:34:D2:EE:D1:AB:83:63:70:C5
Certificate issuer: /CN=7aa812372b83a5e0c9fca15a552bb63638a3827d
Certificate serial: 0193B1BC85C1F23D27E066759DEEC0164738
Authority key identifier: 7A:A8:12:37:2B:83:A5:E0:C9:FC:A1:5A:55:2B:B6:36:38:A3:82:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eqgSNyuDpeDJ_KFaVSu2Njijgn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/cdbb49-57c5-454f-9b05-e65292158f43/1/zCpAnIiV856N7V400u7Rq4NjcMU.roa
Signing time: Tue 10 Dec 2024 18:02:22 +0000
ROA not before: Tue 10 Dec 2024 18:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35399
IP address blocks: 87.236.56.0/21 maxlen: 21
87.236.56.0/22 maxlen: 22
87.236.56.0/24 maxlen: 24
87.236.57.0/24 maxlen: 24
87.236.58.0/24 maxlen: 24
87.236.59.0/24 maxlen: 24
87.236.60.0/22 maxlen: 22
87.236.60.0/24 maxlen: 24
87.236.61.0/24 maxlen: 24
87.236.62.0/24 maxlen: 24
87.236.63.0/24 maxlen: 24
2a03:b300::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:bc:85:c1:f2:3d:27:e0:66:75:9d:ee:c0:16:47:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aa812372b83a5e0c9fca15a552bb63638a3827d
Validity
Not Before: Dec 10 18:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc2a409c8895f39e8ded5e34d2eed1ab836370c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:f2:dc:19:8d:2e:8f:8b:69:aa:d7:b2:1a:
b0:63:ce:0b:bb:25:41:94:60:13:ef:24:4b:95:f3:
cc:d3:ae:20:0d:c7:d8:e1:88:80:92:55:21:b5:4d:
04:9b:b2:b0:37:e2:8f:58:db:8e:26:60:5f:ac:7a:
1b:da:6d:bf:ac:fd:18:d1:99:4a:29:97:b2:ae:ef:
66:8d:f8:a1:7e:26:be:bc:82:80:95:79:9d:ed:5a:
fa:1d:ee:a4:25:2c:c6:8f:b0:95:a7:d5:15:05:61:
a1:9a:23:d5:3f:04:2a:29:cc:c4:03:66:07:53:c8:
0a:7d:1e:c6:60:a1:9d:c3:09:7b:eb:32:4e:78:ec:
b0:71:ba:03:0b:0d:a8:73:31:e5:2d:97:2b:5e:9c:
c0:cc:7d:c4:c4:67:d5:64:74:c6:bc:2e:25:68:92:
ea:b2:f8:71:29:73:dc:8a:cf:54:ea:82:67:09:81:
69:56:b7:c7:68:e6:7f:14:33:62:80:c7:3f:29:83:
24:2b:0b:87:e5:69:79:95:31:ff:16:22:55:0e:8b:
1f:61:08:e7:b1:f4:be:7d:49:1f:bc:3d:fe:41:7a:
31:83:ec:54:01:8f:d1:63:71:45:70:7b:13:13:5e:
ab:a6:f9:64:ea:ce:18:fc:8f:be:87:c8:e7:44:5a:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2A:40:9C:88:95:F3:9E:8D:ED:5E:34:D2:EE:D1:AB:83:63:70:C5
X509v3 Authority Key Identifier:
keyid:7A:A8:12:37:2B:83:A5:E0:C9:FC:A1:5A:55:2B:B6:36:38:A3:82:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eqgSNyuDpeDJ_KFaVSu2Njijgn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/cdbb49-57c5-454f-9b05-e65292158f43/1/zCpAnIiV856N7V400u7Rq4NjcMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/cdbb49-57c5-454f-9b05-e65292158f43/1/eqgSNyuDpeDJ_KFaVSu2Njijgn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.56.0/21
IPv6:
2a03:b300::/32
Signature Algorithm: sha256WithRSAEncryption
03:7b:8f:9d:69:47:91:78:1b:66:00:16:e6:2f:fe:a3:43:ed:
c8:cd:3c:a3:d1:ba:d2:96:4b:bb:fe:f6:f3:17:63:1d:ca:52:
14:c9:88:ac:46:bc:7b:dd:56:ca:64:13:ae:77:be:22:75:ef:
7b:43:7c:d6:24:f6:a3:2f:57:57:79:99:27:48:4a:74:42:53:
4c:de:41:bd:d4:ab:ac:f8:7b:7d:0b:0b:61:a9:a5:6a:42:7b:
b6:01:cc:4d:d2:9f:be:1a:a4:41:86:2f:ff:01:07:e6:75:b7:
80:99:99:5d:94:68:18:3f:16:c1:61:f1:e8:28:c3:67:bf:1e:
35:8a:92:53:e8:49:07:4b:5b:b2:58:23:15:c1:12:0b:d6:e0:
57:d7:29:c9:2a:02:42:ee:6c:40:5e:cb:6a:ae:d9:09:89:8e:
40:e6:9d:7b:93:10:9f:1c:1d:04:dc:52:e8:6d:04:9f:9e:b5:
48:55:ee:e3:23:f3:ee:56:f8:66:b6:e0:2b:47:66:6f:64:e7:
d3:9d:d4:62:fd:6a:86:79:be:e8:33:f6:f3:a9:76:8b:56:99:
f3:c3:f5:c9:cb:9e:7d:2a:74:5c:e9:e8:ee:30:78:c0:54:6f:
e5:54:46:7d:b7:e5:a5:72:a5:34:c4:18:54:c4:a3:93:4d:cd:
82:79:d8:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOxvIXB8j0n4GZ1ne7AFkc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYTgxMjM3MmI4M2E1ZTBjOWZjYTE1YTU1MmJiNjM2Mzhh
MzgyN2QwHhcNMjQxMjEwMTgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzJhNDA5Yzg4OTVmMzllOGRlZDVlMzRkMmVlZDFhYjgzNjM3MGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQHy3BmNLo+LaarXshqwY84LuyVB
lGAT7yRLlfPM064gDcfY4YiAklUhtU0Em7KwN+KPWNuOJmBfrHob2m2/rP0Y0ZlK
KZeyru9mjfihfia+vIKAlXmd7Vr6He6kJSzGj7CVp9UVBWGhmiPVPwQqKczEA2YH
U8gKfR7GYKGdwwl76zJOeOywcboDCw2oczHlLZcrXpzAzH3ExGfVZHTGvC4laJLq
svhxKXPcis9U6oJnCYFpVrfHaOZ/FDNigMc/KYMkKwuH5Wl5lTH/FiJVDosfYQjn
sfS+fUkfvD3+QXoxg+xUAY/RY3FFcHsTE16rpvlk6s4Y/I++h8jnRFqeiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMwqQJyIlfOeje1eNNLu0auDY3DFMB8GA1UdIwQY
MBaAFHqoEjcrg6XgyfyhWlUrtjY4o4J9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXFnU055dURwZURKX0tGYVZTdTJOamlqZ24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jZGJiNDktNTdjNS00NTRmLTliMDUt
ZTY1MjkyMTU4ZjQzLzEvekNwQW5JaVY4NTZON1Y0MDB1N1JxNE5qY01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jZGJiNDktNTdjNS00NTRmLTliMDUtZTY1MjkyMTU4ZjQz
LzEvZXFnU055dURwZURKX0tGYVZTdTJOamlqZ24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDV+w4MA0E
AgACMAcDBQAqA7MAMA0GCSqGSIb3DQEBCwUAA4IBAQADe4+daUeReBtmABbmL/6j
Q+3IzTyj0brSlku7/vbzF2MdylIUyYisRrx73VbKZBOud74ide97Q3zWJPajL1dX
eZknSEp0QlNM3kG91Kus+Ht9CwthqaVqQnu2AcxN0p++GqRBhi//AQfmdbeAmZld
lGgYPxbBYfHoKMNnvx41ipJT6EkHS1uyWCMVwRIL1uBX1ynJKgJC7mxAXstqrtkJ
iY5A5p17kxCfHB0E3FLobQSfnrVIVe7jI/PuVvhmtuArR2ZvZOfTndRi/WqGeb7o
M/bzqXaLVpnzw/XJy559KnRc6ejuMHjAVG/lVEZ9t+WlcqU0xBhUxKOTTc2CedjC
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:31:35 2025 by rpki-client