Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/zs5uG2uQGL9m3MFUQzmKwS8A2OY.roa
File: zs5uG2uQGL9m3MFUQzmKwS8A2OY.roa (raw, json)
Hash identifier: FDCjvmXpDDfl+5aVttRjE32+Y43AnY6Ob75hL1OGkGs=
Subject key identifier: CE:CE:6E:1B:6B:90:18:BF:66:DC:C1:54:43:39:8A:C1:2F:00:D8:E6
Certificate issuer: /CN=70214e7eacb1d24e211e2f25fee4ad757e6c965d
Certificate serial: 018D64B84C2AECF93F08801DB04F29A6E067
Authority key identifier: 70:21:4E:7E:AC:B1:D2:4E:21:1E:2F:25:FE:E4:AD:75:7E:6C:96:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCFOfqyx0k4hHi8l_uStdX5sll0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/zs5uG2uQGL9m3MFUQzmKwS8A2OY.roa
Signing time: Thu 01 Feb 2024 12:50:16 +0000
ROA not before: Thu 01 Feb 2024 12:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209599
IP address blocks: 213.139.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 05:05:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:b8:4c:2a:ec:f9:3f:08:80:1d:b0:4f:29:a6:e0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70214e7eacb1d24e211e2f25fee4ad757e6c965d
Validity
Not Before: Feb 1 12:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cece6e1b6b9018bf66dcc15443398ac12f00d8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:75:5f:cc:a6:ca:0c:83:dc:80:2f:08:3a:43:
8b:16:0e:1a:64:3a:39:47:65:18:24:2a:b9:36:c1:
36:40:b0:1d:ae:d8:b2:9d:64:a9:07:5b:a9:6f:e5:
fc:09:da:2e:eb:92:91:e5:e5:67:29:e9:be:6e:f1:
c4:58:f7:c9:5d:9d:9e:79:55:d5:11:6b:7a:e7:08:
5d:66:86:69:a9:35:d9:f1:80:cd:fa:65:46:ed:bb:
2c:c8:3f:df:0f:0d:f2:68:83:c4:32:77:96:bc:7e:
2f:99:c9:52:19:df:6b:07:20:eb:d5:6e:d2:d8:e5:
df:31:f6:3d:b4:6b:41:98:00:f4:f2:58:05:15:96:
65:46:ae:75:88:a9:d0:28:75:9c:53:bf:68:9b:55:
44:2c:2c:a4:96:3e:58:99:12:01:fa:f5:4d:29:d6:
f4:1e:17:16:1e:2c:e6:76:d2:82:7f:bc:da:04:f8:
27:25:cb:94:de:e4:45:c5:37:11:4c:17:b6:03:55:
eb:52:6f:ac:87:9d:4e:e9:2e:d5:89:0c:9f:b7:4e:
0b:70:f6:29:5b:df:ed:fd:7b:48:ac:f8:d7:13:70:
10:e5:d6:b8:97:b8:0d:22:6e:97:52:f0:d8:96:e9:
ef:e7:90:64:57:54:33:0b:00:df:a5:5a:a8:dc:96:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CE:6E:1B:6B:90:18:BF:66:DC:C1:54:43:39:8A:C1:2F:00:D8:E6
X509v3 Authority Key Identifier:
keyid:70:21:4E:7E:AC:B1:D2:4E:21:1E:2F:25:FE:E4:AD:75:7E:6C:96:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCFOfqyx0k4hHi8l_uStdX5sll0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/zs5uG2uQGL9m3MFUQzmKwS8A2OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/cCFOfqyx0k4hHi8l_uStdX5sll0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.250.0/24
Signature Algorithm: sha256WithRSAEncryption
31:05:d7:45:54:3d:86:4f:3c:11:22:35:4e:99:5d:47:e8:e3:
e1:46:47:c2:99:06:99:ca:b4:b6:fe:5a:aa:48:6e:e9:71:80:
f2:dd:14:3a:97:f7:59:9f:ec:1d:ea:35:15:ef:57:8d:e8:1d:
b1:0b:a0:72:ea:9d:c9:5b:95:e2:51:bc:dd:6a:d2:e9:b3:7a:
67:ae:da:15:a0:9c:1c:29:7f:2c:8f:bf:c0:57:6d:bb:c8:85:
ac:b6:81:d8:fd:1a:c2:cf:54:57:9c:e6:f4:9d:4d:eb:eb:d5:
fc:49:6d:eb:88:b3:7e:51:d1:a7:ae:ec:a7:e2:61:64:93:f8:
5b:cf:a4:a0:65:c3:ba:4f:61:60:c0:41:be:e7:2b:fd:f6:22:
61:f7:59:82:98:94:57:b2:76:91:ab:bb:2e:46:82:3d:22:da:
05:db:d8:6b:a8:ea:5e:96:c6:0d:e5:8f:63:86:41:8b:d8:b6:
33:ce:ce:0c:41:f1:f2:a2:25:99:ff:8a:ff:1a:a5:ee:1d:0b:
35:10:4f:98:12:81:41:37:56:9a:88:75:65:30:f1:80:ac:da:
8d:7d:d6:85:f4:75:ed:12:c6:27:e4:34:b3:f9:69:35:53:e4:
6c:e5:92:ef:0a:e1:bd:04:e9:a6:d1:8e:32:87:2b:70:00:99:
c6:03:41:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1kuEwq7Pk/CIAdsE8ppuBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjE0ZTdlYWNiMWQyNGUyMTFlMmYyNWZlZTRhZDc1N2U2
Yzk2NWQwHhcNMjQwMjAxMTI1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWNlNmUxYjZiOTAxOGJmNjZkY2MxNTQ0MzM5OGFjMTJmMDBkOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3VfzKbKDIPcgC8IOkOLFg4aZDo5
R2UYJCq5NsE2QLAdrtiynWSpB1upb+X8Cdou65KR5eVnKem+bvHEWPfJXZ2eeVXV
EWt65whdZoZpqTXZ8YDN+mVG7bssyD/fDw3yaIPEMneWvH4vmclSGd9rByDr1W7S
2OXfMfY9tGtBmAD08lgFFZZlRq51iKnQKHWcU79om1VELCyklj5YmRIB+vVNKdb0
HhcWHizmdtKCf7zaBPgnJcuU3uRFxTcRTBe2A1XrUm+sh51O6S7ViQyft04LcPYp
W9/t/XtIrPjXE3AQ5da4l7gNIm6XUvDYlunv55BkV1QzCwDfpVqo3JbTkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7ObhtrkBi/ZtzBVEM5isEvANjmMB8GA1UdIwQY
MBaAFHAhTn6ssdJOIR4vJf7krXV+bJZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NGT2ZxeXgwazRoSGk4bF91U3RkWDVzbGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82YTk5ZGMtOTU1NS00NmNkLWFiMmQt
MTQ2NTVjMDNjMDMzLzEvenM1dUcydVFHTDltM01GVVF6bUt3UzhBMk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82YTk5ZGMtOTU1NS00NmNkLWFiMmQtMTQ2NTVjMDNjMDMz
LzEvY0NGT2ZxeXgwazRoSGk4bF91U3RkWDVzbGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Yv6MA0G
CSqGSIb3DQEBCwUAA4IBAQAxBddFVD2GTzwRIjVOmV1H6OPhRkfCmQaZyrS2/lqq
SG7pcYDy3RQ6l/dZn+wd6jUV71eN6B2xC6By6p3JW5XiUbzdatLps3pnrtoVoJwc
KX8sj7/AV227yIWstoHY/RrCz1RXnOb0nU3r69X8SW3riLN+UdGnruyn4mFkk/hb
z6SgZcO6T2FgwEG+5yv99iJh91mCmJRXsnaRq7suRoI9ItoF29hrqOpelsYN5Y9j
hkGL2LYzzs4MQfHyoiWZ/4r/GqXuHQs1EE+YEoFBN1aaiHVlMPGArNqNfdaF9HXt
EsYn5DSz+Wk1U+Rs5ZLvCuG9BOmm0Y4yhytwAJnGA0GJ
-----END CERTIFICATE-----
Generated at Fri Jun 13 07:21:36 2025 by rpki-client