Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/zVneHLCKNHX2q88jVe0Ad48m0iI.roa
File: zVneHLCKNHX2q88jVe0Ad48m0iI.roa (raw, json)
Hash identifier: TEQ5JwwUKBfuyNltfFDr3RTxDp+5eH3HgJJwTmYe9cY=
Subject key identifier: CD:59:DE:1C:B0:8A:34:75:F6:AB:CF:23:55:ED:00:77:8F:26:D2:22
Certificate issuer: /CN=7afb5441d8ef8e41aa28dd51cdde925943aef7fa
Certificate serial: 0194B19A9A03A11E42DB5E9F1C60F9BA72AE
Authority key identifier: 7A:FB:54:41:D8:EF:8E:41:AA:28:DD:51:CD:DE:92:59:43:AE:F7:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evtUQdjvjkGqKN1Rzd6SWUOu9_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/zVneHLCKNHX2q88jVe0Ad48m0iI.roa
Signing time: Wed 29 Jan 2025 10:28:06 +0000
ROA not before: Wed 29 Jan 2025 10:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 116.199.224.0/21 maxlen: 21
116.199.232.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 30 Jan 2025 10:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:9a:9a:03:a1:1e:42:db:5e:9f:1c:60:f9:ba:72:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afb5441d8ef8e41aa28dd51cdde925943aef7fa
Validity
Not Before: Jan 29 10:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd59de1cb08a3475f6abcf2355ed00778f26d222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:7f:76:e1:2a:f5:2b:8a:f3:c4:2b:49:c1:
1e:30:67:d0:85:03:c6:32:62:21:2e:dc:16:83:38:
13:83:ef:4c:b3:91:ae:3d:1b:cc:60:3f:c5:52:ae:
53:d4:33:0e:21:f0:5c:4e:94:ef:dd:a8:89:f1:15:
01:be:ee:94:79:08:c8:53:b8:4c:41:df:ea:2b:cb:
b9:f8:46:d6:20:f3:c8:db:ed:22:94:33:3b:b4:dd:
e1:86:54:bd:12:1e:e0:46:17:9e:ea:91:2b:e4:8c:
8f:3e:d7:63:90:a6:33:81:48:92:39:4a:b9:f3:98:
33:30:c1:eb:00:cd:82:45:d6:d1:f5:2e:1d:a6:05:
08:d8:34:30:45:d9:e1:30:b0:6c:cf:c0:b6:e5:a3:
ae:d7:fa:9d:40:50:86:4d:5c:93:c1:8c:07:ad:1c:
9c:85:41:1d:04:cf:e3:9a:a2:31:c2:aa:a3:26:d9:
ab:2e:b7:f3:23:84:32:2f:7c:16:eb:a6:6f:ea:47:
40:60:ee:85:9a:4c:d7:2d:e9:18:b4:b4:e0:74:e7:
1d:64:1c:17:94:d4:e0:60:a8:c2:dd:21:e7:e8:ba:
07:78:d6:de:f6:fe:8b:75:aa:2f:64:dc:2d:22:4c:
cc:e1:f5:84:e4:32:51:29:72:f3:3b:a3:bc:c5:ab:
7d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:59:DE:1C:B0:8A:34:75:F6:AB:CF:23:55:ED:00:77:8F:26:D2:22
X509v3 Authority Key Identifier:
keyid:7A:FB:54:41:D8:EF:8E:41:AA:28:DD:51:CD:DE:92:59:43:AE:F7:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evtUQdjvjkGqKN1Rzd6SWUOu9_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/zVneHLCKNHX2q88jVe0Ad48m0iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/evtUQdjvjkGqKN1Rzd6SWUOu9_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.199.224.0-116.199.233.255
Signature Algorithm: sha256WithRSAEncryption
49:bd:d8:d4:4f:4a:81:0f:46:63:d6:66:6a:92:57:b2:71:db:
c0:8d:54:55:8c:7b:44:f4:90:c8:82:14:cf:ea:5c:08:c3:00:
94:c3:be:4b:31:64:1b:3e:48:2c:49:4c:79:f0:45:a7:db:03:
4d:e7:14:25:45:f2:06:f2:5c:5c:07:96:08:a5:64:45:2e:28:
d2:b2:87:87:bf:a4:38:b5:ad:93:57:8e:b8:58:a7:2d:9c:6b:
1b:ab:35:88:2e:e2:90:2f:77:83:1a:1f:33:8e:e8:88:ae:19:
bd:c1:1c:a8:b8:8a:9b:8c:aa:81:11:4a:e1:aa:8b:38:dd:b3:
c3:b1:64:99:d3:75:4b:4f:93:08:46:12:68:85:b1:dd:68:4c:
20:6b:8f:10:ac:8f:ab:55:19:69:e2:ae:11:87:28:71:a8:40:
24:8a:36:20:a2:47:92:34:21:15:fc:61:29:9a:5a:34:44:79:
11:82:1b:6c:b1:f3:c4:b8:c1:8a:12:bf:fb:84:d7:d4:5b:3c:
a7:7c:65:72:4c:bf:07:43:23:20:dc:47:33:d8:8f:24:ba:bd:
10:3e:62:04:a2:3a:87:75:a8:c9:08:7e:fc:4f:c3:a4:09:7a:
c6:8b:b2:df:3a:f0:05:f9:16:6e:58:c0:de:ea:ae:48:57:76:
f6:ab:c5:38
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSxmpoDoR5C216fHGD5unKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmI1NDQxZDhlZjhlNDFhYTI4ZGQ1MWNkZGU5MjU5NDNh
ZWY3ZmEwHhcNMjUwMTI5MTAyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU5ZGUxY2IwOGEzNDc1ZjZhYmNmMjM1NWVkMDA3NzhmMjZkMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZR/duEq9SuK88QrScEeMGfQhQPG
MmIhLtwWgzgTg+9Ms5GuPRvMYD/FUq5T1DMOIfBcTpTv3aiJ8RUBvu6UeQjIU7hM
Qd/qK8u5+EbWIPPI2+0ilDM7tN3hhlS9Eh7gRhee6pEr5IyPPtdjkKYzgUiSOUq5
85gzMMHrAM2CRdbR9S4dpgUI2DQwRdnhMLBsz8C25aOu1/qdQFCGTVyTwYwHrRyc
hUEdBM/jmqIxwqqjJtmrLrfzI4QyL3wW66Zv6kdAYO6FmkzXLekYtLTgdOcdZBwX
lNTgYKjC3SHn6LoHeNbe9v6LdaovZNwtIkzM4fWE5DJRKXLzO6O8xat9XwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFM1Z3hywijR19qvPI1XtAHePJtIiMB8GA1UdIwQY
MBaAFHr7VEHY745BqijdUc3ekllDrvf6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZ0VVFkanZqa0dxS04xUnpkNlNXVU91OV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80ZDc2ZjUtNDJlYy00NTNlLTg5OTIt
ZDg5NzNhY2FmNDFkLzEvelZuZUhMQ0tOSFgycTg4alZlMEFkNDhtMGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80ZDc2ZjUtNDJlYy00NTNlLTg5OTItZDg5NzNhY2FmNDFk
LzEvZXZ0VVFkanZqa0dxS04xUnpkNlNXVU91OV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAV0x+AD
BAF0x+gwDQYJKoZIhvcNAQELBQADggEBAEm92NRPSoEPRmPWZmqSV7Jx28CNVFWM
e0T0kMiCFM/qXAjDAJTDvksxZBs+SCxJTHnwRafbA03nFCVF8gbyXFwHlgilZEUu
KNKyh4e/pDi1rZNXjrhYpy2caxurNYgu4pAvd4MaHzOO6IiuGb3BHKi4ipuMqoER
SuGqizjds8OxZJnTdUtPkwhGEmiFsd1oTCBrjxCsj6tVGWnirhGHKHGoQCSKNiCi
R5I0IRX8YSmaWjREeRGCG2yx88S4wYoSv/uE19RbPKd8ZXJMvwdDIyDcRzPYjyS6
vRA+YgSiOod1qMkIfvxPw6QJesaLst868AX5Fm5YwN7qrkhXdvarxTg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:56:22 2025 by rpki-client