Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/CzzSQ2PY-vHmCtk5EzcV6rPXmVw.roa
File: CzzSQ2PY-vHmCtk5EzcV6rPXmVw.roa (raw, json)
Hash identifier: Eynd4zc6/VSXYviD52LkEsuyazt8OyBYu4ufmxzt6E8=
Subject key identifier: 0B:3C:D2:43:63:D8:FA:F1:E6:0A:D9:39:13:37:15:EA:B3:D7:99:5C
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 0195B849A810142942F7290FB9BE32511E11
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/CzzSQ2PY-vHmCtk5EzcV6rPXmVw.roa
Signing time: Fri 21 Mar 2025 10:39:49 +0000
ROA not before: Fri 21 Mar 2025 10:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
91.238.0.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Mar 2025 13:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:49:a8:10:14:29:42:f7:29:0f:b9:be:32:51:1e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Mar 21 10:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b3cd24363d8faf1e60ad939133715eab3d7995c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:c6:6c:87:45:e5:bf:6d:88:6b:7e:0d:8d:e8:
57:2a:95:a8:b6:7f:a9:de:95:0c:f8:5c:b4:f1:4a:
60:15:3e:52:8c:b7:e3:04:04:99:44:60:fd:51:cc:
cb:d8:21:eb:41:71:ca:da:4b:b2:48:37:3b:49:ea:
d2:f9:a2:4d:ca:c3:35:44:ed:5f:95:8f:d3:bd:db:
5f:50:b8:44:dc:3e:ba:89:3b:40:a9:a4:37:84:a7:
a4:b3:8d:47:ac:3a:15:4b:8e:af:04:d9:93:fb:57:
9f:6e:d8:fb:8e:3e:e6:62:f4:46:9b:71:57:7a:79:
d0:22:83:db:34:ef:7a:16:d4:d5:6f:f6:00:2a:e4:
71:10:4e:8f:c4:26:fc:5d:6a:a4:54:5b:30:b4:b0:
23:11:be:ea:3a:b4:ae:9e:92:38:b2:75:d6:b6:b2:
2d:e6:fe:0f:07:97:06:cf:5b:ce:19:ae:7c:4c:a4:
30:05:cd:de:42:21:4c:f3:9a:de:f5:66:06:df:2b:
67:8b:7b:a5:43:33:8d:e2:04:bf:bd:69:1a:55:e4:
5e:be:ef:6f:9a:09:b8:26:f1:84:97:94:98:4c:a3:
e1:1a:cc:cd:84:a6:93:c4:75:cb:0e:b3:30:d5:08:
d0:e2:dc:a5:d4:cb:69:79:df:fa:46:e5:a5:94:14:
b4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3C:D2:43:63:D8:FA:F1:E6:0A:D9:39:13:37:15:EA:B3:D7:99:5C
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/CzzSQ2PY-vHmCtk5EzcV6rPXmVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0-91.238.0.255
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
78:cf:a2:1f:51:5e:71:12:7a:ef:7b:b0:08:ff:d6:f4:4b:93:
5b:89:b8:dd:92:91:09:a7:cb:b8:b1:2c:04:c1:d1:b2:1b:7e:
d2:0d:7a:0f:29:5c:74:3b:bb:60:b8:fc:a7:e3:87:ae:95:7a:
40:79:26:8d:10:fe:54:b4:47:92:4b:88:22:26:5f:dd:82:39:
6f:6c:dd:27:94:e6:76:7c:9c:7e:41:c6:5d:a9:22:a9:6b:5a:
1a:9b:44:d0:a5:e3:4d:b8:81:25:27:95:a8:ab:06:1a:db:16:
83:0d:6e:b5:d3:67:67:0d:d8:9d:16:b1:6c:c0:78:34:78:15:
ee:d6:f9:43:14:8b:78:49:00:76:56:b9:f3:c0:6c:93:1b:fe:
ce:d9:6a:10:20:52:61:87:7a:d1:1a:d6:af:df:92:96:cb:9e:
d9:a7:04:66:3a:3f:a8:71:aa:a3:20:6a:13:8d:fc:33:80:aa:
a2:c5:21:e6:7c:60:6b:ea:14:48:d7:ec:79:a3:e3:0f:5c:50:
c5:8c:12:11:2c:cb:2c:f2:ae:36:2b:d7:7c:2f:b1:ea:2e:6b:
4d:05:06:f7:af:32:d1:ea:fb:e2:42:93:f8:17:d0:39:ab:7f:
b7:6c:99:ca:45:1d:03:5b:e0:4f:48:34:a3:ed:43:f6:da:01:
59:29:a2:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZW4SagQFClC9ykPub4yUR4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwMzIxMTAzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNjZDI0MzYzZDhmYWYxZTYwYWQ5MzkxMzM3MTVlYWIzZDc5OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cZsh0Xlv22Ia34NjehXKpWotn+p
3pUM+Fy08UpgFT5SjLfjBASZRGD9UczL2CHrQXHK2kuySDc7SerS+aJNysM1RO1f
lY/TvdtfULhE3D66iTtAqaQ3hKeks41HrDoVS46vBNmT+1efbtj7jj7mYvRGm3FX
ennQIoPbNO96FtTVb/YAKuRxEE6PxCb8XWqkVFswtLAjEb7qOrSunpI4snXWtrIt
5v4PB5cGz1vOGa58TKQwBc3eQiFM85re9WYG3ytni3ulQzON4gS/vWkaVeRevu9v
mgm4JvGEl5SYTKPhGszNhKaTxHXLDrMw1QjQ4tyl1Mtped/6RuWllBS0uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAs80kNj2Prx5grZORM3Feqz15lcMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvQ3p6U1EyUFktdkhtQ3RrNUV6Y1Y2clBYbVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAFb7f4D
BABb7gAwDwQCAAIwCQMHACABBnwRWDANBgkqhkiG9w0BAQsFAAOCAQEAeM+iH1Fe
cRJ673uwCP/W9EuTW4m43ZKRCafLuLEsBMHRsht+0g16DylcdDu7YLj8p+OHrpV6
QHkmjRD+VLRHkkuIIiZf3YI5b2zdJ5TmdnycfkHGXakiqWtaGptE0KXjTbiBJSeV
qKsGGtsWgw1utdNnZw3YnRaxbMB4NHgV7tb5QxSLeEkAdla588Bskxv+ztlqECBS
YYd60RrWr9+Slsue2acEZjo/qHGqoyBqE438M4CqosUh5nxga+oUSNfseaPjD1xQ
xYwSESzLLPKuNivXfC+x6i5rTQUG968y0er74kKT+BfQOat/t2yZykUdA1vgT0g0
o+1D9toBWSmiVw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:21:30 2025 by rpki-client