Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/z0DZ6l2nckTDGti6oUBP-tlLQ6A.roa
File: z0DZ6l2nckTDGti6oUBP-tlLQ6A.roa (raw, json)
Hash identifier: z2lDgZ08go/uB3KKXy8XNOeUmaC3mppBSbaGg9ydMPM=
Subject key identifier: CF:40:D9:EA:5D:A7:72:44:C3:1A:D8:BA:A1:40:4F:FA:D9:4B:43:A0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01959A42662AD9D782492D57B51BEF84639D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/z0DZ6l2nckTDGti6oUBP-tlLQ6A.roa
Signing time: Sat 15 Mar 2025 14:43:17 +0000
ROA not before: Sat 15 Mar 2025 14:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 16:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:42:66:2a:d9:d7:82:49:2d:57:b5:1b:ef:84:63:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 15 14:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf40d9ea5da77244c31ad8baa1404ffad94b43a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ff:a7:4f:89:85:02:40:6c:92:5e:c4:13:48:
f9:73:c1:24:3a:a8:2c:1a:9e:dd:27:de:4f:26:de:
28:b2:2b:1c:c2:04:12:e3:3a:99:d6:49:73:d3:16:
6c:e3:bf:3b:c1:e3:de:eb:45:5b:93:f9:9e:03:75:
56:ef:a2:0c:07:58:8d:1d:0a:be:ba:e6:e3:49:0e:
ec:52:a6:c5:e0:25:16:64:2c:13:9c:5d:03:5a:1c:
b0:a5:42:5f:ff:ff:e1:df:1c:c4:db:56:06:41:22:
af:bc:d0:b8:84:8a:34:18:b9:7d:8e:73:e0:75:1c:
99:26:1b:0d:9b:7a:21:a3:64:67:90:3b:cb:33:ba:
84:5b:27:36:cf:b1:a3:83:47:42:44:22:4d:f0:5b:
6b:89:ba:82:6a:2d:16:0a:f1:59:05:a5:bf:2c:4e:
45:95:2d:51:8f:71:30:52:a1:ad:80:f7:6f:68:b4:
f0:dc:92:82:24:20:c3:9e:83:8a:e9:f0:ce:fd:22:
f1:db:35:4d:00:e5:df:9f:03:c3:a8:9c:db:96:ff:
10:e8:2a:00:1e:c4:b2:26:c5:05:c8:0c:e5:83:bc:
82:8f:ee:9c:a0:4f:9a:83:fc:99:df:f5:30:23:4d:
66:9d:0c:d6:41:63:d0:5e:be:7f:83:d8:5e:09:8e:
3e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:40:D9:EA:5D:A7:72:44:C3:1A:D8:BA:A1:40:4F:FA:D9:4B:43:A0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/z0DZ6l2nckTDGti6oUBP-tlLQ6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:eb:b5:7f:81:62:b2:2b:2b:a4:32:79:b4:e8:75:8a:8d:db:
3e:9f:dc:b0:e8:7f:ee:5a:10:84:7e:8a:54:9c:07:56:6b:3c:
a9:6e:a7:cb:d1:ad:b0:a3:a7:3c:f7:e1:3b:fa:f8:bd:8c:36:
e8:31:d5:8e:16:83:10:3f:0e:59:10:5e:85:2c:05:f9:83:b4:
b3:0a:0a:17:71:ae:b0:ff:e1:75:72:ac:ea:3f:f1:2f:ca:37:
cd:e6:f1:23:3a:6a:07:b4:61:38:ec:8d:04:a0:1a:c9:bc:cc:
a4:e8:ae:e3:16:03:20:1f:8d:3d:4a:d7:76:82:0d:52:b3:1e:
44:bb:f5:9a:74:28:cc:82:28:60:22:c2:6e:4d:aa:75:97:0a:
e7:c9:a4:fc:f3:54:34:9c:2e:87:2b:3b:b3:ad:86:16:82:a1:
73:20:39:a2:bc:7e:21:03:c2:f1:2f:ed:e9:4e:30:ce:3c:2e:
cd:bc:0f:03:ad:7a:7a:58:3f:96:ed:cb:80:05:b8:22:ec:21:
75:ae:80:ed:cc:31:5f:f9:5e:08:1e:1c:fa:a3:ba:23:80:c2:
03:3b:ef:26:b4:80:22:c6:bb:78:69:94:9c:4e:97:11:9c:d5:
75:3c:82:ea:38:96:df:5c:a3:1e:1b:89:31:fe:46:f0:6b:a5:
4d:b9:9a:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWaQmYq2deCSS1XtRvvhGOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzE1MTQ0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQwZDllYTVkYTc3MjQ0YzMxYWQ4YmFhMTQwNGZmYWQ5NGI0M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP+nT4mFAkBskl7EE0j5c8EkOqgs
Gp7dJ95PJt4osiscwgQS4zqZ1klz0xZs4787wePe60Vbk/meA3VW76IMB1iNHQq+
uubjSQ7sUqbF4CUWZCwTnF0DWhywpUJf///h3xzE21YGQSKvvNC4hIo0GLl9jnPg
dRyZJhsNm3oho2RnkDvLM7qEWyc2z7Gjg0dCRCJN8FtribqCai0WCvFZBaW/LE5F
lS1Rj3EwUqGtgPdvaLTw3JKCJCDDnoOK6fDO/SLx2zVNAOXfnwPDqJzblv8Q6CoA
HsSyJsUFyAzlg7yCj+6coE+ag/yZ3/UwI01mnQzWQWPQXr5/g9heCY4+3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9A2epdp3JEwxrYuqFAT/rZS0OgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvejBEWjZsMm5ja1RER3RpNm9VQlAtdGxMUTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowUpMA0G
CSqGSIb3DQEBCwUAA4IBAQAr67V/gWKyKyukMnm06HWKjds+n9yw6H/uWhCEfopU
nAdWazypbqfL0a2wo6c89+E7+vi9jDboMdWOFoMQPw5ZEF6FLAX5g7SzCgoXca6w
/+F1cqzqP/EvyjfN5vEjOmoHtGE47I0EoBrJvMyk6K7jFgMgH409Std2gg1Ssx5E
u/WadCjMgihgIsJuTap1lwrnyaT881Q0nC6HKzuzrYYWgqFzIDmivH4hA8LxL+3p
TjDOPC7NvA8DrXp6WD+W7cuABbgi7CF1roDtzDFf+V4IHhz6o7ojgMIDO+8mtIAi
xrt4aZScTpcRnNV1PILqOJbfXKMeG4kx/kbwa6VNuZrq
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:20 2025 by rpki-client