Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3a72ba-1dca-40d9-a8ad-4ce6231f2ad9/1/Z52CwfOJmSHpi30bivKAIbmxLNo.roa
File: Z52CwfOJmSHpi30bivKAIbmxLNo.roa (raw, json)
Hash identifier: SDlCF+Rdmk6kFJZpKACWbKNsKJTaYqZ57IgzS1Kcz88=
Subject key identifier: 67:9D:82:C1:F3:89:99:21:E9:8B:7D:1B:8A:F2:80:21:B9:B1:2C:DA
Certificate issuer: /CN=6eae4bb0513980c87f9bac592952c095777ac12e
Certificate serial: 0193C0DF08D87758EABB46FFD0E4BB6D9942
Authority key identifier: 6E:AE:4B:B0:51:39:80:C8:7F:9B:AC:59:29:52:C0:95:77:7A:C1:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bq5LsFE5gMh_m6xZKVLAlXd6wS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3a72ba-1dca-40d9-a8ad-4ce6231f2ad9/1/Z52CwfOJmSHpi30bivKAIbmxLNo.roa
Signing time: Fri 13 Dec 2024 16:34:22 +0000
ROA not before: Fri 13 Dec 2024 16:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 141.72.0.0/16 maxlen: 16
141.72.0.0/17 maxlen: 17
141.72.128.0/18 maxlen: 18
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:df:08:d8:77:58:ea:bb:46:ff:d0:e4:bb:6d:99:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eae4bb0513980c87f9bac592952c095777ac12e
Validity
Not Before: Dec 13 16:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679d82c1f3899921e98b7d1b8af28021b9b12cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:57:91:64:29:e2:d6:e6:ce:1f:6d:9b:02:
5e:77:b9:79:10:c6:04:e2:ed:0a:3b:22:84:c3:56:
b5:22:5e:95:26:dc:ea:86:63:02:b6:9d:60:4f:6a:
c6:24:6f:39:74:33:ea:a0:8a:d4:1a:d6:33:e4:75:
6a:7f:86:9e:09:41:5b:50:23:98:6d:61:ef:92:b8:
54:4c:83:2b:64:d1:59:3d:6d:6e:0f:e0:46:99:8a:
ea:32:06:bb:8c:99:5e:cd:55:c6:c1:75:92:aa:f9:
d0:e0:61:9e:97:f1:31:64:b7:55:73:c1:ba:d6:c6:
f7:5c:6f:85:71:4c:ab:10:a7:11:1c:83:0c:e7:07:
cf:a9:f1:6c:d7:c8:9a:df:7d:0c:3d:1d:74:36:ce:
b4:10:3a:c0:71:b2:fd:94:29:8c:d5:36:ed:17:0f:
aa:37:19:d7:34:b6:50:84:0f:51:35:ae:1d:95:8f:
8c:77:ae:c6:48:f5:f9:a6:8c:5f:87:24:e7:1c:9b:
72:7b:9c:dd:aa:ac:65:0a:65:2a:0c:e7:97:0d:3a:
d2:90:4b:f3:6f:56:e9:37:c0:bd:51:19:da:2a:d0:
ba:fa:ce:1f:57:1d:12:90:30:9a:a0:b8:9a:22:54:
63:61:18:56:68:0b:5e:eb:f6:e1:04:de:da:3b:e0:
52:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9D:82:C1:F3:89:99:21:E9:8B:7D:1B:8A:F2:80:21:B9:B1:2C:DA
X509v3 Authority Key Identifier:
keyid:6E:AE:4B:B0:51:39:80:C8:7F:9B:AC:59:29:52:C0:95:77:7A:C1:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bq5LsFE5gMh_m6xZKVLAlXd6wS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3a72ba-1dca-40d9-a8ad-4ce6231f2ad9/1/Z52CwfOJmSHpi30bivKAIbmxLNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3a72ba-1dca-40d9-a8ad-4ce6231f2ad9/1/bq5LsFE5gMh_m6xZKVLAlXd6wS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.72.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:86:19:0e:6e:09:b4:4c:a8:ea:e1:7f:6e:e4:be:43:2b:76:
25:36:4b:f5:9a:57:c2:46:cb:65:af:8a:44:db:12:1b:8d:07:
92:ad:e3:4a:12:b2:e3:c7:a9:84:e4:ed:69:19:83:53:c6:f5:
33:0c:e1:2d:28:78:99:07:b1:56:9c:0e:c7:38:b0:a2:02:d0:
e8:54:66:2b:88:ce:f2:fb:88:a2:5f:13:bb:e9:37:a6:e2:f6:
07:d4:6c:ed:68:76:1e:ff:9d:4b:b1:d8:bd:1e:51:b0:d5:73:
6d:da:96:f1:13:5b:9b:6b:3a:8b:e5:b6:37:e3:f8:b0:11:e8:
3d:24:ce:8a:10:42:6e:ad:78:62:24:21:88:1d:0c:9d:1f:35:
76:8e:c9:33:0b:a7:05:12:7e:e9:b4:e1:a2:8a:9a:ab:63:64:
7d:47:2f:e1:7d:1b:6c:18:0a:37:2e:31:12:83:c7:05:b1:29:
57:f6:2f:e4:8b:2a:c4:02:e4:71:2f:3e:f5:2b:6a:cd:13:2e:
b7:76:6c:8c:8d:69:12:b2:93:67:7e:1b:f2:19:db:37:03:5f:
70:f8:dd:b6:27:db:8d:8e:d2:9b:a1:d4:81:37:84:71:00:83:
1f:68:86:9b:de:b2:8c:3a:10:46:45:81:5e:39:b6:b5:b8:73:
d5:f0:45:98
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZPA3wjYd1jqu0b/0OS7bZlCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWU0YmIwNTEzOTgwYzg3ZjliYWM1OTI5NTJjMDk1Nzc3
YWMxMmUwHhcNMjQxMjEzMTYzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzlkODJjMWYzODk5OTIxZTk4YjdkMWI4YWYyODAyMWI5YjEyY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt01XkWQp4tbmzh9tmwJed7l5EMYE
4u0KOyKEw1a1Il6VJtzqhmMCtp1gT2rGJG85dDPqoIrUGtYz5HVqf4aeCUFbUCOY
bWHvkrhUTIMrZNFZPW1uD+BGmYrqMga7jJlezVXGwXWSqvnQ4GGel/ExZLdVc8G6
1sb3XG+FcUyrEKcRHIMM5wfPqfFs18ia330MPR10Ns60EDrAcbL9lCmM1TbtFw+q
NxnXNLZQhA9RNa4dlY+Md67GSPX5poxfhyTnHJtye5zdqqxlCmUqDOeXDTrSkEvz
b1bpN8C9URnaKtC6+s4fVx0SkDCaoLiaIlRjYRhWaAte6/bhBN7aO+BSGQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGedgsHziZkh6Yt9G4rygCG5sSzaMB8GA1UdIwQY
MBaAFG6uS7BROYDIf5usWSlSwJV3esEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnE1THNGRTVnTWhfbTZ4WktWTEFsWGQ2d1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zYTcyYmEtMWRjYS00MGQ5LWE4YWQt
NGNlNjIzMWYyYWQ5LzEvWjUyQ3dmT0ptU0hwaTMwYml2S0FJYm14TE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zYTcyYmEtMWRjYS00MGQ5LWE4YWQtNGNlNjIzMWYyYWQ5
LzEvYnE1THNGRTVnTWhfbTZ4WktWTEFsWGQ2d1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjUgwDQYJ
KoZIhvcNAQELBQADggEBAIaGGQ5uCbRMqOrhf27kvkMrdiU2S/WaV8JGy2WvikTb
EhuNB5Kt40oSsuPHqYTk7WkZg1PG9TMM4S0oeJkHsVacDsc4sKIC0OhUZiuIzvL7
iKJfE7vpN6bi9gfUbO1odh7/nUux2L0eUbDVc23alvETW5trOovltjfj+LAR6D0k
zooQQm6teGIkIYgdDJ0fNXaOyTMLpwUSfum04aKKmqtjZH1HL+F9G2wYCjcuMRKD
xwWxKVf2L+SLKsQC5HEvPvUras0TLrd2bIyNaRKyk2d+G/IZ2zcDX3D43bYn242O
0puh1IE3hHEAgx9ohpvesow6EEZFgV45trW4c9XwRZg=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:12:12 2025 by rpki-client