Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/zZ8Y7pfgvX39akunj8_X0dtcXzY.roa
File: zZ8Y7pfgvX39akunj8_X0dtcXzY.roa (raw, json)
Hash identifier: SXi1mKmzklPN6+EEoIW8l2r2Dv/1qVfoZbwZCXX9VnE=
Subject key identifier: CD:9F:18:EE:97:E0:BD:7D:FD:6A:4B:A7:8F:CF:D7:D1:DB:5C:5F:36
Certificate issuer: /CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Certificate serial: 0194B0D6AD51B1C68183D24A965159943989
Authority key identifier: 22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/zZ8Y7pfgvX39akunj8_X0dtcXzY.roa
Signing time: Wed 29 Jan 2025 06:54:06 +0000
ROA not before: Wed 29 Jan 2025 06:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 217.169.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 21:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b0:d6:ad:51:b1:c6:81:83:d2:4a:96:51:59:94:39:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Validity
Not Before: Jan 29 06:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd9f18ee97e0bd7dfd6a4ba78fcfd7d1db5c5f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d7:81:b6:92:f3:df:f8:64:4a:12:b3:65:c1:
30:b4:bb:29:3c:62:8a:1d:7d:e1:b0:c9:3b:cf:6b:
5e:f2:f9:da:d1:0e:fd:e4:2c:59:53:b3:16:59:3e:
13:a4:ba:95:2c:03:82:c8:ad:43:b2:42:c4:ca:60:
49:45:71:6a:f5:ce:f8:3f:5c:ce:3b:3e:01:14:a5:
47:af:c1:b1:3f:c4:0f:05:45:a9:02:c4:16:27:be:
43:4c:5e:fc:ed:87:d5:80:db:b1:53:f0:7d:54:28:
00:8c:ac:8d:52:f3:33:d1:ab:ba:9b:5b:dd:8c:bb:
5a:78:c5:39:9a:27:ec:4c:27:e2:24:74:9e:da:2f:
91:ba:07:1d:7d:06:4f:9f:55:d7:64:b0:6d:b8:df:
c8:8a:78:5c:87:7d:45:0b:3f:cf:48:27:c9:fb:84:
05:a3:f0:ff:e3:5b:85:a4:ee:fe:39:c5:f4:ee:f0:
84:02:a1:21:3c:5f:24:db:4e:be:4c:70:ed:9c:72:
3f:b2:12:c4:4d:54:45:45:95:a1:f0:5d:70:a0:15:
1f:aa:2f:5b:39:c3:cd:9d:fe:fd:4a:fe:be:bd:44:
2d:72:93:32:c7:3b:69:f9:3f:ea:88:b2:ab:77:f8:
73:55:bc:01:05:4c:c1:92:a9:25:a0:90:b5:a2:2a:
81:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9F:18:EE:97:E0:BD:7D:FD:6A:4B:A7:8F:CF:D7:D1:DB:5C:5F:36
X509v3 Authority Key Identifier:
keyid:22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/zZ8Y7pfgvX39akunj8_X0dtcXzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.200.0/24
Signature Algorithm: sha256WithRSAEncryption
55:dc:88:49:43:a3:dc:dd:71:30:0d:c9:35:b0:52:5c:7a:81:
15:e7:b7:8b:46:d9:7c:48:9d:71:20:38:4d:9f:f5:0a:96:3c:
ca:f6:e4:fa:48:b4:6b:fc:d5:23:42:47:f2:fe:48:d1:a0:6a:
33:a0:48:01:da:77:e7:d4:5b:bd:54:ea:ca:9a:6d:ca:5a:23:
0c:1d:bb:92:c0:ef:f8:e4:11:59:80:5c:50:b1:ee:26:f8:bd:
ce:72:01:08:47:40:4a:dd:e3:99:7a:1f:31:8b:aa:f8:e2:49:
90:4e:cc:32:a5:5d:19:ec:6c:03:5e:9d:d8:7e:9f:27:3c:5f:
8a:51:11:66:48:fc:54:a7:5e:de:e8:bc:77:07:e3:31:3f:80:
94:cf:35:21:be:21:58:ff:e8:65:a5:d7:90:6f:0a:93:fe:e7:
1c:16:cd:bb:53:94:94:60:b0:93:5d:68:8a:1e:47:01:6f:37:
08:ca:07:d8:99:07:58:c4:61:da:f8:6e:00:22:ff:6f:c2:c2:
87:f9:eb:e5:bf:11:91:eb:c4:41:36:3f:c0:b7:9b:e7:d8:13:
13:c3:11:e7:a1:b9:0f:e8:91:50:fd:dc:6c:0b:5f:d7:fb:58:
fe:37:7f:79:06:de:9a:1c:d0:50:a5:ed:09:64:81:12:71:85:
3a:a4:bc:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSw1q1RscaBg9JKllFZlDmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGY0MTNmYjBhZjBiZDhmZTEzMDgyMGQzMDQ5ZDBlNzFl
ZDRiYjAwHhcNMjUwMTI5MDY1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDlmMThlZTk3ZTBiZDdkZmQ2YTRiYTc4ZmNmZDdkMWRiNWM1ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79eBtpLz3/hkShKzZcEwtLspPGKK
HX3hsMk7z2te8vna0Q795CxZU7MWWT4TpLqVLAOCyK1DskLEymBJRXFq9c74P1zO
Oz4BFKVHr8GxP8QPBUWpAsQWJ75DTF787YfVgNuxU/B9VCgAjKyNUvMz0au6m1vd
jLtaeMU5mifsTCfiJHSe2i+RugcdfQZPn1XXZLBtuN/Iinhch31FCz/PSCfJ+4QF
o/D/41uFpO7+OcX07vCEAqEhPF8k206+THDtnHI/shLETVRFRZWh8F1woBUfqi9b
OcPNnf79Sv6+vUQtcpMyxztp+T/qiLKrd/hzVbwBBUzBkqkloJC1oiqBdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2fGO6X4L19/WpLp4/P19HbXF82MB8GA1UdIwQY
MBaAFCIPQT+wrwvY/hMIINMEnQ5x7UuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2Njkt
ODJlYmEwY2IzYjBkLzEvelo4WTdwZmd2WDM5YWt1bmo4X1gwZHRjWHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2NjktODJlYmEwY2IzYjBk
LzEvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2anIMA0G
CSqGSIb3DQEBCwUAA4IBAQBV3IhJQ6Pc3XEwDck1sFJceoEV57eLRtl8SJ1xIDhN
n/UKljzK9uT6SLRr/NUjQkfy/kjRoGozoEgB2nfn1Fu9VOrKmm3KWiMMHbuSwO/4
5BFZgFxQse4m+L3OcgEIR0BK3eOZeh8xi6r44kmQTswypV0Z7GwDXp3Yfp8nPF+K
URFmSPxUp17e6Lx3B+MxP4CUzzUhviFY/+hlpdeQbwqT/uccFs27U5SUYLCTXWiK
HkcBbzcIygfYmQdYxGHa+G4AIv9vwsKH+evlvxGR68RBNj/At5vn2BMTwxHnobkP
6JFQ/dxsC1/X+1j+N395Bt6aHNBQpe0JZIEScYU6pLzJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:11:44 2025 by rpki-client