Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PZoFtIzZ8ZVm4oP5HkVTaJjH3Ts.roa
File: PZoFtIzZ8ZVm4oP5HkVTaJjH3Ts.roa (raw, json)
Hash identifier: jsw/QE01H+QXkF9AwZ+rJo9OzcIutemBBR3xgFxYMbQ=
Subject key identifier: 3D:9A:05:B4:8C:D9:F1:95:66:E2:83:F9:1E:45:53:68:98:C7:DD:3B
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018F9B834E07BF15F72E8197A438F68E01B0
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PZoFtIzZ8ZVm4oP5HkVTaJjH3Ts.roa
Signing time: Tue 21 May 2024 14:17:04 +0000
ROA not before: Tue 21 May 2024 14:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211895
IP address blocks: 85.204.127.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:83:4e:07:bf:15:f7:2e:81:97:a4:38:f6:8e:01:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: May 21 14:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d9a05b48cd9f19566e283f91e45536898c7dd3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:7e:a4:c9:cf:36:a5:bc:01:87:ea:ea:2c:
ec:ef:38:2a:50:e6:fc:8f:08:8b:a8:93:2a:3e:87:
d9:e7:fe:3e:8d:0a:58:3e:6f:56:3a:8d:88:95:18:
d4:76:0b:10:8e:1b:15:36:5a:a8:ea:77:52:0b:78:
b6:88:33:87:ff:93:ad:6a:c4:b3:56:73:4d:03:ac:
2e:f8:bd:2a:61:51:b2:44:73:25:c8:d8:6e:aa:f5:
d7:d0:53:72:32:f2:93:44:5b:a9:76:d0:1a:bf:5a:
75:6c:29:f6:9b:ba:1f:04:53:8e:a8:c4:51:39:88:
5e:01:68:1f:2f:84:eb:f1:a3:ad:cf:26:52:7a:b0:
58:90:ef:6d:f3:e9:1e:45:d6:2f:41:c5:71:12:f5:
93:4a:9c:00:4b:18:de:b4:44:29:78:97:23:00:e6:
f2:6c:52:be:69:02:9c:6c:c7:f1:30:d6:57:77:09:
6d:f1:a4:96:87:78:a4:c8:2c:43:78:ce:f2:8b:cf:
97:87:bc:50:a6:2e:72:fb:79:b8:0e:db:a7:d7:03:
69:a2:21:1d:30:42:5f:5c:6f:32:89:7d:50:4c:8c:
72:85:bc:e6:a4:c0:50:3e:52:42:77:8e:eb:52:94:
8c:28:a9:a7:22:c0:00:a1:f4:c4:95:88:d4:d9:f0:
c5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9A:05:B4:8C:D9:F1:95:66:E2:83:F9:1E:45:53:68:98:C7:DD:3B
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/PZoFtIzZ8ZVm4oP5HkVTaJjH3Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.127.0/24
89.33.163.0/24
Signature Algorithm: sha256WithRSAEncryption
75:60:98:eb:18:e5:19:a4:f8:56:70:e4:7c:69:0d:e6:9a:14:
8a:1d:7a:ea:35:62:bb:38:83:a9:db:a4:46:cb:c6:fd:a5:61:
dc:82:9e:ff:8c:24:cc:64:df:34:12:50:de:3d:d4:95:ab:25:
60:38:49:1d:54:7b:39:c3:7f:21:f3:1e:cb:0e:53:b1:b0:dc:
86:1c:6e:ab:c8:98:23:87:42:99:7d:d0:03:f6:1f:ff:51:77:
1e:99:37:a4:8f:a5:f1:c3:91:26:44:44:a8:11:e7:a6:a9:14:
cf:cb:22:3a:5c:8a:8c:01:7f:7a:23:ee:27:83:d1:19:61:40:
ba:7a:8f:45:78:59:60:71:16:ca:cf:ff:f6:94:13:5a:71:79:
51:dc:ef:8b:4d:3f:5d:0f:09:07:38:56:e3:ee:5a:af:62:f1:
7b:7b:95:5c:f9:bb:3e:8b:53:96:39:41:6d:30:84:06:78:95:
63:2b:bb:83:17:11:40:cb:b7:09:d3:53:e1:f4:d4:21:dd:0c:
75:af:cf:b4:09:28:ca:bd:8a:75:18:cd:3e:6d:93:12:8f:8d:
45:3d:f0:69:62:be:04:f0:30:1b:ca:af:1c:bc:9a:0d:6a:0b:
a7:0d:fa:c3:9f:c8:6c:85:d8:17:55:90:75:65:c0:1c:6d:ff:
41:8d:00:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+bg04HvxX3LoGXpDj2jgGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwNTIxMTQxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlhMDViNDhjZDlmMTk1NjZlMjgzZjkxZTQ1NTM2ODk4YzdkZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG1+pMnPNqW8AYfq6izs7zgqUOb8
jwiLqJMqPofZ5/4+jQpYPm9WOo2IlRjUdgsQjhsVNlqo6ndSC3i2iDOH/5OtasSz
VnNNA6wu+L0qYVGyRHMlyNhuqvXX0FNyMvKTRFupdtAav1p1bCn2m7ofBFOOqMRR
OYheAWgfL4Tr8aOtzyZSerBYkO9t8+keRdYvQcVxEvWTSpwASxjetEQpeJcjAOby
bFK+aQKcbMfxMNZXdwlt8aSWh3ikyCxDeM7yi8+Xh7xQpi5y+3m4Dtun1wNpoiEd
MEJfXG8yiX1QTIxyhbzmpMBQPlJCd47rUpSMKKmnIsAAofTElYjU2fDFhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2aBbSM2fGVZuKD+R5FU2iYx907MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUFpvRnRJelo4WlZtNG9QNUhrVlRhSmpIM1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcx/AwQA
WSGjMA0GCSqGSIb3DQEBCwUAA4IBAQB1YJjrGOUZpPhWcOR8aQ3mmhSKHXrqNWK7
OIOp26RGy8b9pWHcgp7/jCTMZN80ElDePdSVqyVgOEkdVHs5w38h8x7LDlOxsNyG
HG6ryJgjh0KZfdAD9h//UXcemTekj6Xxw5EmRESoEeemqRTPyyI6XIqMAX96I+4n
g9EZYUC6eo9FeFlgcRbKz//2lBNacXlR3O+LTT9dDwkHOFbj7lqvYvF7e5Vc+bs+
i1OWOUFtMIQGeJVjK7uDFxFAy7cJ01Ph9NQh3Qx1r8+0CSjKvYp1GM0+bZMSj41F
PfBpYr4E8DAbyq8cvJoNagunDfrDn8hshdgXVZB1ZcAcbf9BjQA9
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:33:12 2025 by rpki-client