Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/Zhpz-qkWJ3qvCFOgiV-BniewV-A.roa
File: Zhpz-qkWJ3qvCFOgiV-BniewV-A.roa (raw, json)
Hash identifier: M5wnqOd3GIMLdq1AzDchcU6wmi+Vvtp3i7m/eRiMfCc=
Subject key identifier: 66:1A:73:FA:A9:16:27:7A:AF:08:53:A0:89:5F:81:9E:27:B0:57:E0
Certificate issuer: /CN=49a9e891e06d42277dc4fb5fbd69e9abd8e29883
Certificate serial: 018CCA2864A5A8F5F7DF24FE148723AA119C
Authority key identifier: 49:A9:E8:91:E0:6D:42:27:7D:C4:FB:5F:BD:69:E9:AB:D8:E2:98:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/Zhpz-qkWJ3qvCFOgiV-BniewV-A.roa
Signing time: Tue 02 Jan 2024 12:31:34 +0000
ROA not before: Tue 02 Jan 2024 12:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196655
IP address blocks: 109.68.128.0/21 maxlen: 24
185.40.200.0/22 maxlen: 24
178.22.16.0/21 maxlen: 21
193.142.23.0/24 maxlen: 24
2a00:1f50::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:64:a5:a8:f5:f7:df:24:fe:14:87:23:aa:11:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49a9e891e06d42277dc4fb5fbd69e9abd8e29883
Validity
Not Before: Jan 2 12:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=661a73faa916277aaf0853a0895f819e27b057e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ea:b1:30:ea:36:96:ff:3c:ea:10:9f:21:26:
73:cb:f9:c4:fd:11:ce:69:38:00:f1:84:d9:33:fe:
10:ce:32:97:03:e9:35:7f:dc:19:dd:61:a1:eb:a7:
4d:fc:79:4d:9e:73:c9:a6:69:4d:ec:f2:19:92:45:
46:31:3a:6d:ed:51:c2:ef:41:93:f0:dc:44:64:3a:
98:97:e1:c7:f9:b5:94:ed:fc:a6:92:b6:15:b3:c8:
e7:72:35:46:0d:be:6e:a8:2b:ca:08:29:b4:f2:2f:
53:5e:ba:05:d2:24:db:2d:0e:33:75:ad:e6:48:a4:
95:76:1c:51:71:e2:0d:5d:a2:cc:d0:c6:42:bd:ed:
72:8b:2f:39:6d:a3:30:dd:c3:ea:85:1f:a8:45:f6:
45:5d:9d:32:6c:a8:40:86:f9:a3:52:3b:02:df:3c:
cc:5e:45:c0:f4:2b:b5:33:ea:c1:42:5a:c0:b9:aa:
14:41:e4:79:48:22:ee:47:f9:e8:ca:0f:d0:54:4e:
f4:81:35:4c:39:82:7c:5f:e6:d4:67:2d:88:7a:02:
e3:70:ad:3b:0a:33:b0:1a:0d:bb:48:1c:60:c9:6a:
0d:6e:e4:a0:92:4e:c1:12:17:9e:c2:21:88:c6:ed:
d6:91:fb:86:06:51:69:20:88:cf:73:8e:1a:ee:13:
f1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1A:73:FA:A9:16:27:7A:AF:08:53:A0:89:5F:81:9E:27:B0:57:E0
X509v3 Authority Key Identifier:
keyid:49:A9:E8:91:E0:6D:42:27:7D:C4:FB:5F:BD:69:E9:AB:D8:E2:98:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/Zhpz-qkWJ3qvCFOgiV-BniewV-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/SanokeBtQid9xPtfvWnpq9jimIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.128.0/21
178.22.16.0/21
185.40.200.0/22
193.142.23.0/24
IPv6:
2a00:1f50::/32
Signature Algorithm: sha256WithRSAEncryption
51:42:2d:a4:14:6f:1c:c1:4f:55:2b:53:f5:59:e7:84:35:04:
54:1f:67:cf:f5:7b:8d:4a:13:4a:49:86:fe:11:d0:f1:df:66:
4d:49:85:5a:72:30:4a:61:ef:91:6f:2a:09:d4:58:bd:8d:2c:
a3:2e:aa:ba:17:9f:f0:5c:a8:e8:85:19:66:e7:43:3b:c5:48:
7c:06:f7:ad:af:53:36:50:83:f4:cc:04:0b:94:4b:b9:75:3b:
88:14:d4:e1:11:c8:56:12:10:db:87:7c:64:0a:d0:59:5e:ad:
d1:63:82:22:f5:28:d1:b5:1a:e5:e2:17:7f:1b:99:e3:86:ed:
db:c6:05:ad:4a:6f:4b:52:4d:0c:1c:20:82:b6:81:a1:06:81:
11:db:28:c5:32:7f:4a:73:aa:27:ec:74:2d:90:90:94:88:ea:
2a:8d:81:af:bc:74:0f:05:da:2c:00:c4:b3:91:ed:8f:db:ee:
f6:e4:25:9d:25:25:e8:47:03:8f:20:95:2b:03:6f:dd:7e:76:
e0:c0:76:f7:ba:44:40:6f:b7:1a:d8:d4:93:0c:4d:1f:33:5d:
4d:af:60:d8:0f:bf:5a:fa:25:12:7e:17:e0:66:d8:6b:a4:51:
0c:bf:24:21:3b:6d:e0:ee:69:26:80:6e:47:5c:8f:e2:4f:e6:
f0:c2:36:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKGSlqPX33yT+FIcjqhGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YTllODkxZTA2ZDQyMjc3ZGM0ZmI1ZmJkNjllOWFiZDhl
Mjk4ODMwHhcNMjQwMTAyMTIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFhNzNmYWE5MTYyNzdhYWYwODUzYTA4OTVmODE5ZTI3YjA1N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+qxMOo2lv886hCfISZzy/nE/RHO
aTgA8YTZM/4QzjKXA+k1f9wZ3WGh66dN/HlNnnPJpmlN7PIZkkVGMTpt7VHC70GT
8NxEZDqYl+HH+bWU7fymkrYVs8jncjVGDb5uqCvKCCm08i9TXroF0iTbLQ4zda3m
SKSVdhxRceINXaLM0MZCve1yiy85baMw3cPqhR+oRfZFXZ0ybKhAhvmjUjsC3zzM
XkXA9Cu1M+rBQlrAuaoUQeR5SCLuR/noyg/QVE70gTVMOYJ8X+bUZy2IegLjcK07
CjOwGg27SBxgyWoNbuSgkk7BEheewiGIxu3WkfuGBlFpIIjPc44a7hPxdwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGYac/qpFid6rwhToIlfgZ4nsFfgMB8GA1UdIwQY
MBaAFEmp6JHgbUInfcT7X71p6avY4piDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2Fub2tlQnRRaWQ5eFB0ZnZXbnBxOWppbUlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81MzY5NmYtZjk3My00N2ZiLThkNzkt
YWRkYzZkNGJiMmU3LzEvWmhwei1xa1dKM3F2Q0ZPZ2lWLUJuaWV3Vi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81MzY5NmYtZjk3My00N2ZiLThkNzktYWRkYzZkNGJiMmU3
LzEvU2Fub2tlQnRRaWQ5eFB0ZnZXbnBxOWppbUlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDbUSAAwQD
shYQAwQCuSjIAwQAwY4XMA0EAgACMAcDBQAqAB9QMA0GCSqGSIb3DQEBCwUAA4IB
AQBRQi2kFG8cwU9VK1P1WeeENQRUH2fP9XuNShNKSYb+EdDx32ZNSYVacjBKYe+R
byoJ1Fi9jSyjLqq6F5/wXKjohRlm50M7xUh8Bvetr1M2UIP0zAQLlEu5dTuIFNTh
EchWEhDbh3xkCtBZXq3RY4Ii9SjRtRrl4hd/G5njhu3bxgWtSm9LUk0MHCCCtoGh
BoER2yjFMn9Kc6on7HQtkJCUiOoqjYGvvHQPBdosAMSzke2P2+725CWdJSXoRwOP
IJUrA2/dfnbgwHb3ukRAb7ca2NSTDE0fM11Nr2DYD79a+iUSfhfgZthrpFEMvyQh
O23g7mkmgG5HXI/iT+bwwjZQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:32:53 2025 by rpki-client