Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/zTKkKULM4trrdCohIokJNHeAfpA.roa
File: zTKkKULM4trrdCohIokJNHeAfpA.roa (raw, json)
Hash identifier: 1iF9zDksOjWsBqLQWZjddPY96fUbUmQVMB+/gX0wRek=
Subject key identifier: CD:32:A4:29:42:CC:E2:DA:EB:74:2A:21:22:89:09:34:77:80:7E:90
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 019408DF4B30CA89C08516B9FBD1B81CEBEC
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/zTKkKULM4trrdCohIokJNHeAfpA.roa
Signing time: Fri 27 Dec 2024 16:07:18 +0000
ROA not before: Fri 27 Dec 2024 16:07:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199785
IP address blocks: 91.209.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:df:4b:30:ca:89:c0:85:16:b9:fb:d1:b8:1c:eb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Dec 27 16:07:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd32a42942cce2daeb742a212289093477807e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:17:67:9e:2c:3c:f6:56:8c:e7:21:6f:77:0e:
24:ec:d9:ce:04:6a:dd:7d:a6:ea:d2:74:58:7f:de:
6e:88:c5:1d:cc:51:95:dd:d8:00:7e:9f:cd:c1:85:
43:d7:6a:11:c1:06:56:36:32:25:ed:a0:20:71:cc:
07:45:a9:3a:b1:f5:32:53:30:53:df:12:04:64:c8:
60:38:32:25:02:05:51:f0:e1:a4:62:fc:04:b5:99:
98:83:f6:dd:88:07:ee:b5:8c:d6:48:15:ab:62:d9:
29:58:0d:89:1d:d7:23:1f:6e:78:ce:e8:23:ca:03:
b9:ad:1b:60:75:75:53:8e:89:b1:d5:85:92:c7:ad:
df:9d:8e:df:3c:f7:13:24:5b:aa:7e:2c:09:4d:42:
51:42:30:c0:bb:4a:50:36:cf:23:75:e7:5c:52:01:
84:1a:e8:f2:4c:b9:63:1d:9f:05:50:41:42:32:e9:
03:aa:e6:3d:8f:35:11:1b:53:14:47:56:a6:04:bc:
0a:67:5c:fc:96:27:88:ff:01:4f:58:9e:25:28:a3:
38:65:20:ab:6a:a0:3d:fb:5e:2c:fe:d5:e9:28:c4:
2d:f3:dc:75:9e:94:72:ac:30:8d:33:eb:63:69:22:
34:4f:eb:2a:fa:f9:83:c3:1d:13:c8:80:48:b0:fd:
30:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:32:A4:29:42:CC:E2:DA:EB:74:2A:21:22:89:09:34:77:80:7E:90
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/zTKkKULM4trrdCohIokJNHeAfpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:59:fd:5a:e2:33:a0:75:76:9e:27:73:92:8e:ca:cc:15:29:
fa:60:67:31:4d:bf:24:44:94:ff:7f:24:78:96:c8:aa:65:da:
a9:12:56:c8:a7:93:84:d7:94:4e:51:04:14:d8:bc:3f:b1:7b:
d4:a2:0b:f4:79:60:63:64:ab:95:82:39:f7:5f:11:9a:72:32:
1a:b1:0b:32:82:22:a5:39:9f:87:b8:f5:b6:c4:01:a6:a6:2e:
31:4f:9e:fc:ea:52:ab:ff:8f:72:e0:48:88:8b:a6:df:ba:3e:
7f:32:35:f6:0d:b6:96:fb:cd:3d:8b:4f:2d:c9:3e:d2:82:31:
ad:e9:7a:9f:d5:ac:bc:6e:6f:a7:77:6f:bb:24:88:64:36:9b:
61:c7:57:e7:84:da:45:fd:f3:04:dd:db:fe:7f:58:0d:2c:cd:
04:72:4c:d5:db:d3:fa:12:dc:77:22:f6:18:ea:a3:7c:93:9a:
7e:39:dd:9d:32:6d:b6:60:84:64:18:62:c1:a6:b4:f0:8b:72:
c6:b8:bd:13:c7:1a:b6:f6:ec:aa:91:ca:57:1a:e9:7d:9d:c5:
24:28:f4:15:b0:f5:e1:22:2c:23:bb:78:1a:7b:24:19:ae:ab:
1a:f9:3a:e6:c6:92:68:ee:8a:6a:76:01:7d:44:38:fc:7c:de:
e9:36:4e:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQI30swyonAhRa5+9G4HOvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQxMjI3MTYwNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMyYTQyOTQyY2NlMmRhZWI3NDJhMjEyMjg5MDkzNDc3ODA3ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxdnniw89laM5yFvdw4k7NnOBGrd
fabq0nRYf95uiMUdzFGV3dgAfp/NwYVD12oRwQZWNjIl7aAgccwHRak6sfUyUzBT
3xIEZMhgODIlAgVR8OGkYvwEtZmYg/bdiAfutYzWSBWrYtkpWA2JHdcjH254zugj
ygO5rRtgdXVTjomx1YWSx63fnY7fPPcTJFuqfiwJTUJRQjDAu0pQNs8jdedcUgGE
GujyTLljHZ8FUEFCMukDquY9jzURG1MUR1amBLwKZ1z8lieI/wFPWJ4lKKM4ZSCr
aqA9+14s/tXpKMQt89x1npRyrDCNM+tjaSI0T+sq+vmDwx0TyIBIsP0wUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0ypClCzOLa63QqISKJCTR3gH6QMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvelRLa0tVTE00dHJyZENvaElva0pOSGVBZnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GHMA0G
CSqGSIb3DQEBCwUAA4IBAQC2Wf1a4jOgdXaeJ3OSjsrMFSn6YGcxTb8kRJT/fyR4
lsiqZdqpElbIp5OE15ROUQQU2Lw/sXvUogv0eWBjZKuVgjn3XxGacjIasQsygiKl
OZ+HuPW2xAGmpi4xT5786lKr/49y4EiIi6bfuj5/MjX2DbaW+809i08tyT7SgjGt
6Xqf1ay8bm+nd2+7JIhkNpthx1fnhNpF/fME3dv+f1gNLM0EckzV29P6Etx3IvYY
6qN8k5p+Od2dMm22YIRkGGLBprTwi3LGuL0Txxq29uyqkcpXGul9ncUkKPQVsPXh
Iiwju3gaeyQZrqsa+TrmxpJo7opqdgF9RDj8fN7pNk7e
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:38:51 2025 by rpki-client