Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/ZbSWgo97EzziBYp6f21i6nZqYY0.roa
File: ZbSWgo97EzziBYp6f21i6nZqYY0.roa (raw, json)
Hash identifier: lJ6SWEgmBAyC7Vrz4hekvwBkf8j2Z5cNYj9gBzeOS0k=
Subject key identifier: 65:B4:96:82:8F:7B:13:3C:E2:05:8A:7A:7F:6D:62:EA:76:6A:61:8D
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 018ED2D0DB82D84C86DA81579E21D8008D5A
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/ZbSWgo97EzziBYp6f21i6nZqYY0.roa
Signing time: Fri 12 Apr 2024 14:58:06 +0000
ROA not before: Fri 12 Apr 2024 14:58:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208324
IP address blocks: 45.143.29.0/24 maxlen: 24
45.143.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Dec 2024 09:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:d0:db:82:d8:4c:86:da:81:57:9e:21:d8:00:8d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Apr 12 14:58:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65b496828f7b133ce2058a7a7f6d62ea766a618d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c9:37:ce:1f:6d:c2:e4:e8:b4:9a:59:b8:5a:
0f:a6:79:97:d9:94:8f:25:59:4e:2a:3a:63:f8:15:
d6:14:c0:aa:f1:1f:61:e2:36:4c:1d:94:b5:3a:d8:
1b:b3:1a:75:9b:85:65:5e:57:1d:ca:d6:c1:ac:e5:
1e:e6:f0:01:bd:a0:ac:4c:09:42:39:fd:ea:a3:69:
51:28:15:62:f6:1b:87:3b:15:78:87:e1:3a:f3:5b:
37:a4:69:70:41:29:91:7b:28:bf:ad:13:52:54:3b:
65:d7:be:5c:c3:bb:07:a8:3f:ad:6f:1d:b0:8c:6d:
4b:7f:94:cd:0b:4f:87:c5:c3:d3:30:bf:87:30:cd:
c7:ab:13:82:0e:02:8d:c2:62:29:ce:5c:b6:a7:36:
ac:c4:37:c0:eb:f6:a7:69:7c:87:67:65:a9:f1:89:
9e:da:59:3b:f0:1a:e4:81:0d:b5:e2:db:13:fe:89:
42:9b:6c:65:02:26:6e:57:c3:03:f6:3f:3a:03:13:
8e:81:54:2f:e0:9b:41:dd:1f:91:8b:87:4a:32:08:
5a:30:f5:73:88:af:0f:fb:35:2b:69:ee:73:6f:5e:
94:21:4c:5c:3c:61:e8:c0:7d:7f:8e:21:cd:58:ca:
bc:68:c9:40:3e:d9:ee:a9:2e:a7:a3:c3:e0:31:4c:
ca:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B4:96:82:8F:7B:13:3C:E2:05:8A:7A:7F:6D:62:EA:76:6A:61:8D
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/ZbSWgo97EzziBYp6f21i6nZqYY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.29.0/24
45.143.31.0/24
Signature Algorithm: sha256WithRSAEncryption
40:7b:55:78:92:89:bd:37:d2:92:1c:70:f8:53:ec:32:fe:e4:
56:4a:e7:b3:ca:29:ae:3d:ec:72:2f:82:56:1e:df:20:db:25:
1a:d9:56:93:34:f0:c7:2d:1d:9e:d2:aa:85:d7:66:35:e3:3e:
1d:61:e5:b4:21:a8:fa:54:ea:57:9b:6d:7f:73:a7:1f:4c:e0:
d9:c9:18:80:77:dd:f9:25:ae:a9:92:84:41:82:b5:e1:0d:9d:
a7:76:f7:10:fd:cd:75:b5:be:ea:24:aa:7b:95:90:25:fd:24:
dd:5d:5a:ec:46:2a:77:59:6e:70:43:8b:8b:85:5b:3f:5e:5c:
6e:70:b7:2b:1d:c8:c7:88:83:c4:82:35:75:bf:db:78:a3:11:
4c:91:1e:bd:bb:24:2c:82:96:ba:d7:e1:ed:cd:d4:ad:fd:de:
52:cd:8c:9b:99:48:3c:ff:9d:ed:9f:fc:f7:65:fe:7f:2e:a2:
0a:44:e4:a2:63:ca:79:4a:df:fa:06:59:25:f5:c1:98:03:2f:
11:42:0d:cf:0b:64:c5:0e:32:c9:e6:d4:eb:bc:b8:b6:75:a7:
83:2c:e0:4b:2b:4d:da:70:6f:9f:85:d3:22:ff:43:73:45:06:
db:ef:ae:02:3c:ab:4c:eb:33:3f:a1:4a:13:36:eb:1a:e0:f8:
ba:32:c8:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7S0NuC2EyG2oFXniHYAI1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjQwNDEyMTQ1ODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWI0OTY4MjhmN2IxMzNjZTIwNThhN2E3ZjZkNjJlYTc2NmE2MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8k3zh9twuTotJpZuFoPpnmX2ZSP
JVlOKjpj+BXWFMCq8R9h4jZMHZS1Otgbsxp1m4VlXlcdytbBrOUe5vABvaCsTAlC
Of3qo2lRKBVi9huHOxV4h+E681s3pGlwQSmReyi/rRNSVDtl175cw7sHqD+tbx2w
jG1Lf5TNC0+HxcPTML+HMM3HqxOCDgKNwmIpzly2pzasxDfA6/anaXyHZ2Wp8Yme
2lk78BrkgQ214tsT/olCm2xlAiZuV8MD9j86AxOOgVQv4JtB3R+Ri4dKMghaMPVz
iK8P+zUrae5zb16UIUxcPGHowH1/jiHNWMq8aMlAPtnuqS6no8PgMUzKawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGW0loKPexM84gWKen9tYup2amGNMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvWmJTV2dvOTdFenppQllwNmYyMWk2blpxWVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY8dAwQA
LY8fMA0GCSqGSIb3DQEBCwUAA4IBAQBAe1V4kom9N9KSHHD4U+wy/uRWSuezyimu
PexyL4JWHt8g2yUa2VaTNPDHLR2e0qqF12Y14z4dYeW0Iaj6VOpXm21/c6cfTODZ
yRiAd935Ja6pkoRBgrXhDZ2ndvcQ/c11tb7qJKp7lZAl/STdXVrsRip3WW5wQ4uL
hVs/XlxucLcrHcjHiIPEgjV1v9t4oxFMkR69uyQsgpa61+HtzdSt/d5SzYybmUg8
/53tn/z3Zf5/LqIKROSiY8p5St/6Blkl9cGYAy8RQg3PC2TFDjLJ5tTrvLi2daeD
LOBLK03acG+fhdMi/0NzRQbb764CPKtM6zM/oUoTNusa4Pi6Msg2
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:50 2025 by rpki-client