Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rZkBNPkHXKOqy61K38dw_wgheB4.roa
File: rZkBNPkHXKOqy61K38dw_wgheB4.roa (raw, json)
Hash identifier: ZskCB9DUmH8cs70/QJHecJYcPsOMK/SKrUqAHvIAEdA=
Subject key identifier: AD:99:01:34:F9:07:5C:A3:AA:CB:AD:4A:DF:C7:70:FF:08:21:78:1E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019562D76CF8FE9A6955FE77A06A41E900C3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rZkBNPkHXKOqy61K38dw_wgheB4.roa
Signing time: Tue 04 Mar 2025 20:27:20 +0000
ROA not before: Tue 04 Mar 2025 20:27:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.9.0/24 maxlen: 24
84.32.178.0/23 maxlen: 23
84.32.214.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 11:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:d7:6c:f8:fe:9a:69:55:fe:77:a0:6a:41:e9:00:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 4 20:27:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad990134f9075ca3aacbad4adfc770ff0821781e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d0:eb:05:8b:5f:69:12:67:7c:6e:31:d5:29:
bb:69:d8:16:19:14:c2:e5:0f:74:ea:a6:9f:b8:30:
51:cb:d4:c2:82:27:87:56:92:5f:1f:7d:fe:3a:18:
73:5c:4b:83:6c:36:43:c2:64:79:09:7a:72:38:88:
43:7c:4f:52:d9:cf:37:4b:4e:59:01:9c:01:ef:9b:
8d:d6:66:da:fd:78:aa:01:a4:59:74:96:e2:92:c5:
97:00:6a:fa:d4:63:9a:99:f0:91:e1:92:21:a0:7e:
86:0e:0b:01:95:e5:fc:9c:44:e7:13:dc:6b:32:b2:
34:39:90:97:98:db:de:99:18:b7:c7:9a:34:97:32:
1b:a1:c4:8d:20:0f:2a:49:b6:1c:be:bc:b3:0e:70:
25:b8:bf:70:51:5b:4f:c6:78:01:e3:85:51:4d:6e:
5b:40:21:82:e3:06:46:2a:b3:e5:49:c4:fa:e9:95:
36:52:44:60:8f:12:47:46:de:4d:87:48:b2:91:f2:
94:03:1d:96:18:c4:23:35:a6:44:3b:45:5b:ef:d9:
4b:00:6b:47:f2:52:7a:af:a0:30:71:47:df:d0:24:
08:77:75:92:c6:b2:f8:5f:b9:de:ce:b2:c8:bb:b0:
e5:e2:a3:7b:e7:8a:9d:c1:ce:23:4c:f0:e7:57:43:
d4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:99:01:34:F9:07:5C:A3:AA:CB:AD:4A:DF:C7:70:FF:08:21:78:1E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rZkBNPkHXKOqy61K38dw_wgheB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.178.0/23
84.32.214.0/23
84.32.248.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:39:56:02:01:a2:50:ca:33:de:9e:05:07:74:e1:e0:f9:d2:
bc:9a:5a:b1:cb:67:56:cf:c1:66:cb:f1:c8:d3:72:f9:05:94:
23:1e:7b:b9:e2:db:a3:b6:70:0e:0d:e6:6f:da:f3:de:f7:e5:
04:b6:45:6d:26:f8:8c:a9:d2:2c:4b:d5:11:ca:02:fa:2a:85:
fc:fc:24:f2:5d:62:3d:67:35:a1:40:f4:be:cb:e2:a5:f8:c8:
11:cf:db:83:57:e6:a8:9e:2d:eb:a5:fe:e4:57:e2:f1:2a:d2:
82:6c:dc:5e:a3:c2:82:35:0a:73:3c:a4:3d:d2:90:1e:57:f8:
e1:0b:5d:e1:5c:ff:1c:e5:11:17:f4:19:9c:52:3a:07:d4:11:
ad:63:bf:f4:f3:33:a5:a8:be:20:66:ae:be:7c:d9:ac:26:30:
7c:71:9e:2f:fe:76:25:f0:36:f0:84:0d:bb:ae:32:d1:ca:5a:
ac:b1:3b:ef:d2:33:55:75:34:2e:11:50:cc:f4:2c:ef:17:29:
51:a4:da:75:5f:b5:e3:39:db:ce:66:18:98:05:6f:8c:80:cb:
80:aa:64:19:da:f1:33:5a:10:f9:15:07:fc:da:ec:6e:ac:51:
fc:dc:fb:1a:a8:bf:92:d8:55:5a:1a:44:1b:ac:58:58:cf:b4:
a2:c0:26:07
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVi12z4/pppVf53oGpB6QDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzA0MjAyNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk5MDEzNGY5MDc1Y2EzYWFjYmFkNGFkZmM3NzBmZjA4MjE3ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NDrBYtfaRJnfG4x1Sm7adgWGRTC
5Q906qafuDBRy9TCgieHVpJfH33+OhhzXEuDbDZDwmR5CXpyOIhDfE9S2c83S05Z
AZwB75uN1mba/XiqAaRZdJbiksWXAGr61GOamfCR4ZIhoH6GDgsBleX8nETnE9xr
MrI0OZCXmNvemRi3x5o0lzIbocSNIA8qSbYcvryzDnAluL9wUVtPxngB44VRTW5b
QCGC4wZGKrPlScT66ZU2UkRgjxJHRt5Nh0iykfKUAx2WGMQjNaZEO0Vb79lLAGtH
8lJ6r6AwcUff0CQId3WSxrL4X7nezrLIu7Dl4qN754qdwc4jTPDnV0PUSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK2ZATT5B1yjqsutSt/HcP8IIXgeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvclprQk5Qa0hYS09xeTYxSzM4ZHdfd2doZUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAJAwQB
VCCyAwQBVCDWAwQAVCD4AwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQCPOVYCAaJQ
yjPengUHdOHg+dK8mlqxy2dWz8Fmy/HI03L5BZQjHnu54tujtnAODeZv2vPe9+UE
tkVtJviMqdIsS9URygL6KoX8/CTyXWI9ZzWhQPS+y+Kl+MgRz9uDV+aoni3rpf7k
V+LxKtKCbNxeo8KCNQpzPKQ90pAeV/jhC13hXP8c5REX9BmcUjoH1BGtY7/08zOl
qL4gZq6+fNmsJjB8cZ4v/nYl8DbwhA27rjLRylqssTvv0jNVdTQuEVDM9CzvFylR
pNp1X7XjOdvOZhiYBW+MgMuAqmQZ2vEzWhD5FQf82uxurFH83PsaqL+S2FVaGkQb
rFhYz7SiwCYH
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:54:44 2025 by rpki-client