Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/ZOSm1QnYdKKH_MH6YJVSQjWjTMc.roa
File: ZOSm1QnYdKKH_MH6YJVSQjWjTMc.roa (raw, json)
Hash identifier: aeFkzFiAj54krGPCB2F5XDacMd3BRpU18XZ5K4kMJZc=
Subject key identifier: 64:E4:A6:D5:09:D8:74:A2:87:FC:C1:FA:60:95:52:42:35:A3:4C:C7
Certificate issuer: /CN=208de3ad18dd0ae14362d0e84dec043d379cc242
Certificate serial: 018CC492FE15A9FD70EF11A62DE45D545BDE
Authority key identifier: 20:8D:E3:AD:18:DD:0A:E1:43:62:D0:E8:4D:EC:04:3D:37:9C:C2:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/II3jrRjdCuFDYtDoTewEPTecwkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/ZOSm1QnYdKKH_MH6YJVSQjWjTMc.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12729
IP address blocks: 212.127.96.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fe:15:a9:fd:70:ef:11:a6:2d:e4:5d:54:5b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=208de3ad18dd0ae14362d0e84dec043d379cc242
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64e4a6d509d874a287fcc1fa6095524235a34cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:58:7a:58:2d:22:c1:8b:5f:81:5f:60:f6:f8:
49:8e:d8:3d:5c:72:26:71:2c:78:06:f7:9e:4e:d6:
22:ea:f5:e0:3d:cf:3e:7c:9b:35:93:b3:f9:02:a0:
a4:38:b8:ab:c4:71:64:d0:74:3e:9a:9d:dd:44:dd:
5b:80:3e:a9:f2:9a:17:4d:0e:7f:df:b8:e8:35:bb:
87:6d:14:8b:bb:0f:65:c2:b7:d7:1b:1a:d4:d1:e8:
13:0b:a0:50:fc:6a:50:75:3a:55:b9:59:79:62:78:
a5:93:56:6d:11:c8:35:be:7b:27:46:65:3c:b8:f3:
74:38:85:a3:2f:dc:a2:0d:76:da:4b:af:6a:6d:8b:
b7:9e:a1:58:90:b4:aa:df:d6:31:d2:7a:42:55:26:
f9:bc:a9:47:55:d7:11:e0:b7:6e:79:ff:16:89:21:
a5:96:c7:db:ea:59:6e:43:4f:7b:e1:d4:01:62:d4:
ba:e3:fc:8c:30:6d:11:d6:e1:bd:3c:5f:24:a9:ea:
5d:e7:77:ab:dc:63:51:1c:e9:ca:65:97:65:b2:cf:
77:77:f1:15:43:f6:42:14:77:79:af:87:0a:7f:ca:
9b:6d:c0:6f:37:14:50:ae:38:9c:cb:86:6e:92:cd:
03:aa:7b:c2:eb:7f:0b:1a:6d:6c:0b:c6:6b:4e:83:
14:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E4:A6:D5:09:D8:74:A2:87:FC:C1:FA:60:95:52:42:35:A3:4C:C7
X509v3 Authority Key Identifier:
keyid:20:8D:E3:AD:18:DD:0A:E1:43:62:D0:E8:4D:EC:04:3D:37:9C:C2:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/II3jrRjdCuFDYtDoTewEPTecwkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/ZOSm1QnYdKKH_MH6YJVSQjWjTMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/II3jrRjdCuFDYtDoTewEPTecwkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.127.96.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:38:9c:16:8a:c1:b4:d0:5a:0c:bb:ae:1d:5d:db:27:1b:00:
5a:58:17:4a:6c:b9:e0:af:df:c6:01:85:e8:99:1d:74:26:1b:
b4:3d:ec:f5:56:59:ab:0d:fe:17:85:bb:ce:34:da:1f:0e:cf:
41:ad:90:e9:cc:0e:3e:7f:b3:4c:59:01:1f:2d:3b:4b:42:00:
d4:39:4b:30:f4:4d:2c:65:8a:05:2a:b4:4b:52:3c:b9:54:9e:
5a:51:3a:73:d5:f0:7d:d3:8a:d2:9d:f8:4e:0b:73:6b:50:64:
44:57:32:10:48:04:fb:e7:22:46:17:4e:0a:fc:49:a1:c7:19:
6b:ee:d8:5b:3a:29:6e:a1:b7:ea:8e:6e:89:4b:c4:8c:cf:e9:
67:0e:56:c7:80:e6:7b:7e:d1:7e:ad:6c:55:6b:dd:53:03:45:
5d:ab:cc:cd:c6:7b:f6:fd:80:15:8d:8f:07:ce:97:1c:02:4d:
89:bd:7a:35:52:de:13:57:48:ea:33:22:fd:7a:93:2d:62:7e:
f7:b1:92:b5:d5:8c:b0:e4:bc:37:fe:db:8d:a3:f1:95:ab:2f:
ef:a0:e9:85:0b:42:02:fa:2f:8a:69:b7:e2:3d:eb:20:d3:2a:
1e:25:8c:ad:1b:e8:b6:39:a9:d1:6e:1d:00:a8:fc:9e:6e:1d:
5f:b9:25:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkv4Vqf1w7xGmLeRdVFveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOGRlM2FkMThkZDBhZTE0MzYyZDBlODRkZWMwNDNkMzc5
Y2MyNDIwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU0YTZkNTA5ZDg3NGEyODdmY2MxZmE2MDk1NTI0MjM1YTM0Y2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1h6WC0iwYtfgV9g9vhJjtg9XHIm
cSx4BveeTtYi6vXgPc8+fJs1k7P5AqCkOLirxHFk0HQ+mp3dRN1bgD6p8poXTQ5/
37joNbuHbRSLuw9lwrfXGxrU0egTC6BQ/GpQdTpVuVl5Ynilk1ZtEcg1vnsnRmU8
uPN0OIWjL9yiDXbaS69qbYu3nqFYkLSq39Yx0npCVSb5vKlHVdcR4Lduef8WiSGl
lsfb6lluQ0974dQBYtS64/yMMG0R1uG9PF8kqepd53er3GNRHOnKZZdlss93d/EV
Q/ZCFHd5r4cKf8qbbcBvNxRQrjicy4Zuks0DqnvC638LGm1sC8ZrToMUlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTkptUJ2HSih/zB+mCVUkI1o0zHMB8GA1UdIwQY
MBaAFCCN460Y3QrhQ2LQ6E3sBD03nMJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUkzanJSamRDdUZEWXREb1Rld0VQVGVjd2tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MTA5NGEtOTQ2OS00Mjk5LTg5ZjIt
YmRmNmU0Mjk0YzJlLzEvWk9TbTFRbllkS0tIX01INllKVlNRaldqVE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MTA5NGEtOTQ2OS00Mjk5LTg5ZjItYmRmNmU0Mjk0YzJl
LzEvSUkzanJSamRDdUZEWXREb1Rld0VQVGVjd2tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H9gMA0G
CSqGSIb3DQEBCwUAA4IBAQA7OJwWisG00FoMu64dXdsnGwBaWBdKbLngr9/GAYXo
mR10Jhu0Pez1VlmrDf4XhbvONNofDs9BrZDpzA4+f7NMWQEfLTtLQgDUOUsw9E0s
ZYoFKrRLUjy5VJ5aUTpz1fB904rSnfhOC3NrUGREVzIQSAT75yJGF04K/Emhxxlr
7thbOiluobfqjm6JS8SMz+lnDlbHgOZ7ftF+rWxVa91TA0Vdq8zNxnv2/YAVjY8H
zpccAk2JvXo1Ut4TV0jqMyL9epMtYn73sZK11Yyw5Lw3/tuNo/GVqy/voOmFC0IC
+i+KabfiPesg0yoeJYytG+i2OanRbh0AqPyebh1fuSVN
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:32:07 2025 by rpki-client