Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/zlQRO20Yk1_mYAoDpUObQZaWYXM.roa
File: zlQRO20Yk1_mYAoDpUObQZaWYXM.roa (raw, json)
Hash identifier: Oo/xutKqqErCWrKO49upZDYxcU17kciA5FCpoX0gbs0=
Subject key identifier: CE:54:11:3B:6D:18:93:5F:E6:60:0A:03:A5:43:9B:41:96:96:61:73
Certificate issuer: /CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Certificate serial: 018CC8DED464CFAA109ADE957D9FA9C458B0
Authority key identifier: 52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/zlQRO20Yk1_mYAoDpUObQZaWYXM.roa
Signing time: Tue 02 Jan 2024 06:31:35 +0000
ROA not before: Tue 02 Jan 2024 06:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42563
IP address blocks: 91.197.56.0/24 maxlen: 24
2001:678:41c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d4:64:cf:aa:10:9a:de:95:7d:9f:a9:c4:58:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Validity
Not Before: Jan 2 06:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce54113b6d18935fe6600a03a5439b4196966173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d0:ff:8d:7b:f8:b7:09:1a:25:0a:bd:5b:5e:
bb:be:cf:d5:4f:1b:ec:eb:62:74:94:26:a3:b2:e0:
91:8f:18:a3:36:92:a5:a3:fb:d1:a3:e5:ee:88:72:
52:59:d5:83:8c:b9:9e:72:6b:58:a8:61:da:54:3e:
41:39:f1:9e:8f:87:ef:35:86:ad:64:fc:0f:1c:d4:
0e:0b:16:f1:ac:13:42:a7:b6:9c:41:1e:96:54:4a:
a5:12:f3:8b:af:61:89:ba:1d:58:64:19:dc:56:00:
d6:01:37:c7:94:97:c6:a0:8c:75:64:3d:58:64:46:
30:a0:cc:f9:d6:76:62:13:01:b0:2d:04:f7:02:1b:
07:f0:a1:d4:ea:53:dc:d1:8c:25:c7:75:8d:c1:ab:
8e:07:92:03:f8:bc:1e:13:d1:1d:6e:e6:57:34:71:
a1:c2:d3:9e:6d:08:3f:72:ca:37:b0:f2:8f:b7:98:
39:a3:65:44:1b:f5:f1:00:7d:ef:c1:ae:0a:6b:aa:
fb:a4:77:33:d6:a6:76:75:a1:f3:3f:a6:30:84:12:
16:61:3d:b8:c4:c7:a4:47:5d:7b:fe:2d:f7:65:ec:
5b:c3:0e:77:d9:f3:ac:8f:30:03:39:ae:92:8c:71:
7e:b6:7b:cb:be:4f:8f:52:39:09:2f:82:f3:78:11:
f6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:54:11:3B:6D:18:93:5F:E6:60:0A:03:A5:43:9B:41:96:96:61:73
X509v3 Authority Key Identifier:
keyid:52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/zlQRO20Yk1_mYAoDpUObQZaWYXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ur8h7rNkFLMoDmwzsLVylrj2tnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.56.0/24
IPv6:
2001:678:41c::/48
Signature Algorithm: sha256WithRSAEncryption
2a:a8:d3:6b:d7:48:9a:9e:4a:b0:e6:45:b0:0c:ca:f6:f4:83:
eb:c3:c5:d0:64:2a:48:e5:5d:df:f3:45:8e:9f:eb:1d:0b:74:
1f:5d:6d:79:e2:92:be:ba:be:82:7e:c1:18:9a:d2:a6:41:16:
c5:69:1e:97:e8:77:b6:da:0c:46:27:f7:1c:34:ca:85:ad:a3:
3b:34:19:ed:05:09:5a:ee:e9:a6:a1:ea:ad:66:14:4b:36:f6:
94:18:7d:aa:0d:96:30:0d:16:c2:b4:e6:76:c5:4d:26:4e:3e:
67:3a:c1:ab:e3:4b:fd:d8:fe:dc:e4:7d:c9:a9:4b:7e:7f:3e:
f9:1d:54:3a:e0:a3:4a:b3:7f:e8:b4:20:87:00:9d:3c:56:ad:
4a:4c:19:34:9e:d9:d1:8a:96:57:88:d0:44:b3:ca:42:b7:2e:
99:f8:cd:17:ab:b8:0a:75:0c:cb:6f:77:fa:37:97:dc:10:c3:
f9:73:80:14:65:1d:39:69:ee:3b:db:9b:26:8a:85:2d:74:d7:
04:78:c2:f3:0c:16:a8:8a:2b:12:81:59:7a:bf:e6:86:dd:f8:
ce:3d:f3:e8:b8:bd:e1:73:e3:3b:a7:f6:8c:b4:5e:ec:15:b9:
ff:0e:30:76:cb:90:3e:0b:b4:6b:92:e8:79:77:96:85:a4:16:
b5:f4:7a:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3tRkz6oQmt6VfZ+pxFiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmYyMWVlYjM2NDE0YjMyODBlNmMzM2IwYjU3Mjk2Yjhm
NmI2NzUwHhcNMjQwMTAyMDYzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU0MTEzYjZkMTg5MzVmZTY2MDBhMDNhNTQzOWI0MTk2OTY2MTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtD/jXv4twkaJQq9W167vs/VTxvs
62J0lCajsuCRjxijNpKlo/vRo+XuiHJSWdWDjLmecmtYqGHaVD5BOfGej4fvNYat
ZPwPHNQOCxbxrBNCp7acQR6WVEqlEvOLr2GJuh1YZBncVgDWATfHlJfGoIx1ZD1Y
ZEYwoMz51nZiEwGwLQT3AhsH8KHU6lPc0Ywlx3WNwauOB5ID+LweE9EdbuZXNHGh
wtOebQg/cso3sPKPt5g5o2VEG/XxAH3vwa4Ka6r7pHcz1qZ2daHzP6YwhBIWYT24
xMekR117/i33Zexbww532fOsjzADOa6SjHF+tnvLvk+PUjkJL4LzeBH23wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM5UETttGJNf5mAKA6VDm0GWlmFzMB8GA1UdIwQY
MBaAFFK/Ie6zZBSzKA5sM7C1cpa49rZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUt
YWM5NmY2YWFiNDk0LzEvemxRUk8yMFlrMV9tWUFvRHBVT2JRWmFXWVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUtYWM5NmY2YWFiNDk0
LzEvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8U4MA8E
AgACMAkDBwAgAQZ4BBwwDQYJKoZIhvcNAQELBQADggEBACqo02vXSJqeSrDmRbAM
yvb0g+vDxdBkKkjlXd/zRY6f6x0LdB9dbXnikr66voJ+wRia0qZBFsVpHpfod7ba
DEYn9xw0yoWtozs0Ge0FCVru6aah6q1mFEs29pQYfaoNljANFsK05nbFTSZOPmc6
wavjS/3Y/tzkfcmpS35/PvkdVDrgo0qzf+i0IIcAnTxWrUpMGTSe2dGKlleI0ESz
ykK3Lpn4zReruAp1DMtvd/o3l9wQw/lzgBRlHTlp7jvbmyaKhS101wR4wvMMFqiK
KxKBWXq/5obd+M498+i4veFz4zun9oy0XuwVuf8OMHbLkD4LtGuS6Hl3loWkFrX0
er4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:48 2025 by rpki-client