Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fzdzpHnlxfBXtqrHbJRnkK0p3H0.roa
File: fzdzpHnlxfBXtqrHbJRnkK0p3H0.roa (raw, json)
Hash identifier: qCdtV80kzc6/8Gh2dPdMGVSuON5vb744T06k/rkDPkE=
Subject key identifier: 7F:37:73:A4:79:E5:C5:F0:57:B6:AA:C7:6C:94:67:90:AD:29:DC:7D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194EB13F3856C24C50B4ADA38F2BB8450B4
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fzdzpHnlxfBXtqrHbJRnkK0p3H0.roa
Signing time: Sun 09 Feb 2025 14:19:00 +0000
ROA not before: Sun 09 Feb 2025 14:19:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215365
IP address blocks: 5.231.253.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 19:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:eb:13:f3:85:6c:24:c5:0b:4a:da:38:f2:bb:84:50:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 9 14:19:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f3773a479e5c5f057b6aac76c946790ad29dc7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:24:21:8d:95:61:fd:80:31:3d:88:a4:b0:
44:f8:99:59:56:82:71:e7:d6:b3:70:d0:d6:36:08:
6b:39:f5:2b:60:9a:79:7f:22:f0:3c:a8:f2:82:81:
40:ba:3e:b3:d3:45:85:86:31:8c:e8:f8:68:95:dd:
44:97:ad:05:59:41:d4:6c:09:e0:0f:2e:7d:f3:91:
4e:c5:06:80:29:e8:a1:4d:4b:fa:4f:c5:60:02:56:
6d:a2:d4:64:3e:34:07:d6:cd:9e:dc:e0:03:55:bd:
f0:42:e3:3d:1a:b5:b4:28:a4:9f:85:23:d7:00:dd:
57:05:60:3b:15:09:29:c6:cc:4f:13:a9:4c:a3:da:
66:ce:d3:75:03:43:3d:fe:8f:29:0f:ac:f6:e9:62:
79:d6:c2:11:4f:b3:ec:be:f3:48:16:3e:e2:5d:d2:
be:32:bd:84:43:1f:0f:93:0d:3a:21:00:66:6f:9e:
8d:9a:1c:e8:08:8b:2d:74:6b:16:9b:49:79:93:42:
ca:a0:7e:95:b0:81:d6:13:50:48:1f:65:10:cf:62:
59:77:0b:34:4b:24:e0:9d:92:49:27:42:60:9d:79:
b4:91:bc:8f:67:8e:76:67:ca:dd:1c:34:73:95:f7:
73:4d:9e:73:15:fd:8f:7c:ac:32:19:6a:0d:cd:7a:
03:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:37:73:A4:79:E5:C5:F0:57:B6:AA:C7:6C:94:67:90:AD:29:DC:7D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fzdzpHnlxfBXtqrHbJRnkK0p3H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.253.0/24
77.90.60.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4f:62:59:e9:e0:e6:36:5e:74:1c:d4:59:c6:c0:a4:34:3b:
cf:70:a2:04:c7:86:73:0d:46:f3:74:43:91:56:31:6e:d4:91:
12:b4:fd:a4:49:14:52:a8:a7:21:1f:17:45:8e:b5:14:72:e0:
5f:49:8b:7b:4e:17:9a:da:44:44:30:5b:20:b7:bf:3f:6c:1d:
69:fb:95:b2:43:42:5c:6c:20:ad:b0:3e:d2:d7:09:ab:fb:52:
73:ab:58:17:b3:b3:ef:7a:17:f1:4e:88:35:0f:3d:e3:b6:5f:
6f:be:a2:69:00:67:bd:6a:11:c6:cd:e0:6c:8f:a9:28:64:0a:
2c:67:f1:07:f1:18:41:b5:1a:33:c3:e5:6d:a5:ad:ef:9e:84:
18:37:d6:3a:89:5c:93:ef:06:2b:05:d0:62:24:35:20:f7:de:
0f:52:0b:ff:33:6d:32:51:4f:5f:c5:0e:0c:af:21:cd:e2:da:
1f:41:a7:39:a1:83:58:f9:8b:69:aa:48:f3:1e:ca:df:dc:97:
98:31:1e:b4:c7:47:d9:cb:41:59:05:66:63:2a:d1:d0:00:2f:
e2:2f:5c:03:78:be:31:bf:99:ed:46:eb:10:aa:88:2a:49:62:
5e:f2:46:38:4b:74:38:a7:e7:c2:fe:01:68:ee:6a:99:e8:25:
95:a5:9b:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTrE/OFbCTFC0raOPK7hFC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjA5MTQxOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM3NzNhNDc5ZTVjNWYwNTdiNmFhYzc2Yzk0Njc5MGFkMjlkYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx0kIY2VYf2AMT2IpLBE+JlZVoJx
59azcNDWNghrOfUrYJp5fyLwPKjygoFAuj6z00WFhjGM6Phold1El60FWUHUbAng
Dy5985FOxQaAKeihTUv6T8VgAlZtotRkPjQH1s2e3OADVb3wQuM9GrW0KKSfhSPX
AN1XBWA7FQkpxsxPE6lMo9pmztN1A0M9/o8pD6z26WJ51sIRT7PsvvNIFj7iXdK+
Mr2EQx8Pkw06IQBmb56NmhzoCIstdGsWm0l5k0LKoH6VsIHWE1BIH2UQz2JZdws0
SyTgnZJJJ0JgnXm0kbyPZ452Z8rdHDRzlfdzTZ5zFf2PfKwyGWoNzXoDkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH83c6R55cXwV7aqx2yUZ5CtKdx9MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZnpkenBIbmx4ZkJYdHFySGJKUm5rSzBwM0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABef9AwQA
TVo8AwQAXvmUMA0GCSqGSIb3DQEBCwUAA4IBAQART2JZ6eDmNl50HNRZxsCkNDvP
cKIEx4ZzDUbzdEORVjFu1JEStP2kSRRSqKchHxdFjrUUcuBfSYt7Thea2kREMFsg
t78/bB1p+5WyQ0JcbCCtsD7S1wmr+1Jzq1gXs7PvehfxTog1Dz3jtl9vvqJpAGe9
ahHGzeBsj6koZAosZ/EH8RhBtRozw+Vtpa3vnoQYN9Y6iVyT7wYrBdBiJDUg994P
Ugv/M20yUU9fxQ4MryHN4tofQac5oYNY+YtpqkjzHsrf3JeYMR60x0fZy0FZBWZj
KtHQAC/iL1wDeL4xv5ntRusQqogqSWJe8kY4S3Q4p+fC/gFo7mqZ6CWVpZsl
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:13 2025 by rpki-client