Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/SZnE9WPCTICy4Wb6ZbVCFzaMO2A.roa
File: SZnE9WPCTICy4Wb6ZbVCFzaMO2A.roa (raw, json)
Hash identifier: jYymEJr73XjRTJfqfyV8itOHQUFlaSxjDc+5kMVGf/8=
Subject key identifier: 49:99:C4:F5:63:C2:4C:80:B2:E1:66:FA:65:B5:42:17:36:8C:3B:60
Certificate issuer: /CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Certificate serial: 018CF72A688025F41B425492840508C0C58C
Authority key identifier: 44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/SZnE9WPCTICy4Wb6ZbVCFzaMO2A.roa
Signing time: Thu 11 Jan 2024 06:16:40 +0000
ROA not before: Thu 11 Jan 2024 06:16:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202693
IP address blocks: 80.75.220.0/24 maxlen: 24
2a06:c647::/32 maxlen: 32
2a06:c642::/32 maxlen: 32
2a06:c641::/32 maxlen: 32
2a06:c645::/32 maxlen: 32
2a06:c646::/32 maxlen: 32
2a06:c644::/32 maxlen: 32
2a06:c640::/32 maxlen: 32
2a06:c643::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:2a:68:80:25:f4:1b:42:54:92:84:05:08:c0:c5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Validity
Not Before: Jan 11 06:16:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4999c4f563c24c80b2e166fa65b54217368c3b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:63:9d:b4:b2:c2:b7:9a:6f:57:29:33:31:
37:9f:b1:65:6e:7b:99:49:c7:b6:db:72:e1:a5:86:
63:6e:22:e2:ef:06:c9:8f:6d:2c:5a:2a:e2:0f:bd:
17:5a:f8:f8:35:e0:fc:53:38:b7:f5:5f:1a:56:76:
6c:ad:d2:49:5b:68:a4:61:45:68:b8:3d:34:bf:5d:
52:a5:1e:de:2e:92:ad:6b:51:38:5f:b5:d6:98:29:
12:40:36:6c:18:19:bf:d0:84:1e:d7:a1:40:66:a4:
fd:c4:92:98:1f:a4:31:b6:c9:ec:b7:d2:53:eb:c7:
a0:64:5b:16:89:1b:46:c6:52:9b:1e:e3:d0:d5:4a:
a2:4b:9a:5e:55:46:6d:83:bd:22:25:99:f5:04:8f:
9b:c2:6a:c9:14:06:4a:2f:fc:5d:95:4d:1b:56:6c:
8c:6d:c6:24:f6:ae:48:5b:8d:4c:c2:9c:e5:0d:b8:
ab:fc:c1:44:17:ca:58:3f:d9:c4:b1:d5:8b:ce:e5:
04:61:dd:a6:99:87:27:1d:7c:89:0f:89:ef:bc:7d:
0f:4f:7c:8a:fb:60:15:1f:65:d5:9c:7a:fd:81:bd:
ec:91:df:c5:be:0c:10:9f:b1:b8:24:65:a4:a7:02:
43:e9:47:6e:e4:e9:7e:21:d3:fc:d7:a9:36:3d:ee:
b8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:99:C4:F5:63:C2:4C:80:B2:E1:66:FA:65:B5:42:17:36:8C:3B:60
X509v3 Authority Key Identifier:
keyid:44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/SZnE9WPCTICy4Wb6ZbVCFzaMO2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.220.0/24
IPv6:
2a06:c640::/29
Signature Algorithm: sha256WithRSAEncryption
18:60:0b:c4:77:27:8c:76:3f:e5:07:66:7b:84:09:51:e8:bc:
97:81:b6:a2:d3:67:71:4a:75:2c:96:ff:f8:74:ad:c5:d7:31:
32:b7:83:29:84:4a:9b:67:bd:a7:10:20:b7:c7:71:1e:0b:66:
77:16:29:90:42:de:96:80:42:a9:c9:e4:93:96:36:36:d6:b7:
27:ac:28:97:c9:5b:f3:1b:68:47:8f:f3:25:1c:27:32:24:b6:
86:75:85:db:05:ae:41:d4:b8:36:53:a4:c2:d6:73:51:61:8e:
0d:8c:6c:cb:cb:f5:65:1c:e7:8b:02:c7:5c:2c:82:ee:1c:24:
44:09:da:05:6c:5d:bd:56:52:94:d7:ac:b9:8e:cf:e7:e2:8b:
8e:72:9d:35:5f:29:b5:64:fb:a0:5c:c5:62:95:c9:52:ac:96:
af:31:f9:94:1b:6b:67:a5:41:39:01:4f:41:e2:5a:92:91:0c:
81:d3:9f:78:c6:62:ea:92:13:c8:cf:63:71:36:6a:11:a3:10:
e0:39:e1:27:8d:46:43:0b:f2:3c:a4:6d:4d:7d:ef:5f:5e:85:
94:f1:dc:2e:33:1e:f8:3a:66:24:c5:b9:03:5a:5d:8c:ec:b3:
e4:09:f7:fd:47:d0:d6:22:61:b1:3e:36:10:6d:f6:ce:01:1c:
ae:91:76:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYz3KmiAJfQbQlSShAUIwMWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWE4MTMxMzljMDZiMWRjZjFiZmU4MzMyYjliODAxYWIz
ZWIzMDIwHhcNMjQwMTExMDYxNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTk5YzRmNTYzYzI0YzgwYjJlMTY2ZmE2NWI1NDIxNzM2OGMzYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/5jnbSywreab1cpMzE3n7FlbnuZ
Sce223LhpYZjbiLi7wbJj20sWiriD70XWvj4NeD8Uzi39V8aVnZsrdJJW2ikYUVo
uD00v11SpR7eLpKta1E4X7XWmCkSQDZsGBm/0IQe16FAZqT9xJKYH6Qxtsnst9JT
68egZFsWiRtGxlKbHuPQ1UqiS5peVUZtg70iJZn1BI+bwmrJFAZKL/xdlU0bVmyM
bcYk9q5IW41MwpzlDbir/MFEF8pYP9nEsdWLzuUEYd2mmYcnHXyJD4nvvH0PT3yK
+2AVH2XVnHr9gb3skd/FvgwQn7G4JGWkpwJD6Udu5Ol+IdP816k2Pe642QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEmZxPVjwkyAsuFm+mW1Qhc2jDtgMB8GA1UdIwQY
MBaAFESqgTE5wGsdzxv+gzK5uAGrPrMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUt
NDFkZDdmM2VhN2E0LzEvU1puRTlXUENUSUN5NFdiNlpiVkNGemFNTzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUtNDFkZDdmM2VhN2E0
LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUEvcMA0E
AgACMAcDBQMqBsZAMA0GCSqGSIb3DQEBCwUAA4IBAQAYYAvEdyeMdj/lB2Z7hAlR
6LyXgbai02dxSnUslv/4dK3F1zEyt4MphEqbZ72nECC3x3EeC2Z3FimQQt6WgEKp
yeSTljY21rcnrCiXyVvzG2hHj/MlHCcyJLaGdYXbBa5B1Lg2U6TC1nNRYY4NjGzL
y/VlHOeLAsdcLILuHCRECdoFbF29VlKU16y5js/n4ouOcp01Xym1ZPugXMVilclS
rJavMfmUG2tnpUE5AU9B4lqSkQyB0594xmLqkhPIz2NxNmoRoxDgOeEnjUZDC/I8
pG1Nfe9fXoWU8dwuMx74OmYkxbkDWl2M7LPkCff9R9DWImGxPjYQbfbOARyukXYT
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:30 2025 by rpki-client