Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/zKdtXdA3P4mPzYAJYXga4bpINno.roa
File: zKdtXdA3P4mPzYAJYXga4bpINno.roa (raw, json)
Hash identifier: SJmOnVNR87sveOqNgIka7tZMseeHDuW8WC+UQYwZr64=
Subject key identifier: CC:A7:6D:5D:D0:37:3F:89:8F:CD:80:09:61:78:1A:E1:BA:48:36:7A
Certificate issuer: /CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Certificate serial: 019590E08C24C05F73A232A6DA29F338266A
Authority key identifier: 53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/zKdtXdA3P4mPzYAJYXga4bpINno.roa
Signing time: Thu 13 Mar 2025 18:59:49 +0000
ROA not before: Thu 13 Mar 2025 18:59:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8208
IP address blocks: 212.29.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 18:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:e0:8c:24:c0:5f:73:a2:32:a6:da:29:f3:38:26:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Validity
Not Before: Mar 13 18:59:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cca76d5dd0373f898fcd800961781ae1ba48367a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e9:61:b4:03:e2:ca:08:e7:e7:22:c5:57:5d:
8d:f6:f8:80:b2:8e:08:5c:6f:f0:1e:fd:75:94:cc:
45:51:a3:24:c2:2c:31:a5:0a:75:ae:4e:a0:be:d2:
9b:a8:97:0a:ab:06:52:60:27:c0:cb:a1:2f:ac:d1:
7a:ba:8e:23:df:d2:b1:48:fa:12:d6:2c:e4:8e:f3:
8f:a7:79:07:b1:75:74:01:86:e2:8f:34:c4:2c:1c:
ff:e1:b4:cf:2f:77:71:21:8d:47:b2:f4:83:19:32:
37:e3:2a:a4:a8:59:ba:c2:0b:1e:78:0e:18:4e:68:
2e:d2:d3:85:64:c8:b9:ee:07:90:69:f1:26:56:a8:
24:58:98:cb:d4:f0:63:60:33:c6:8c:39:20:b7:d9:
fc:b9:20:06:75:be:0b:a6:0c:3e:24:6a:6c:d3:4d:
a7:a2:05:df:38:bf:04:4a:a1:d2:43:5a:36:8b:2c:
76:5f:35:c8:2c:d7:6f:00:eb:85:17:5f:df:08:46:
46:e4:de:0d:f8:46:ae:83:d8:62:65:67:96:74:9e:
58:9b:96:9e:f7:5b:95:d4:7f:57:a2:17:35:71:89:
a1:7b:33:7c:69:e2:73:f0:e1:8a:cf:1d:1a:4a:99:
58:1f:bc:bc:53:3f:68:b0:32:ff:b4:32:f3:44:66:
56:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A7:6D:5D:D0:37:3F:89:8F:CD:80:09:61:78:1A:E1:BA:48:36:7A
X509v3 Authority Key Identifier:
keyid:53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/zKdtXdA3P4mPzYAJYXga4bpINno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.29.28.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:68:cb:ba:cc:33:bc:39:3b:29:89:6b:64:37:5e:df:dd:49:
17:ca:56:44:c1:2a:51:99:a6:55:45:e1:ca:a5:e0:f6:e6:e2:
fd:bd:e2:d4:86:88:fb:23:38:66:5e:72:e2:10:89:cf:c4:a9:
bf:09:d0:ae:1f:07:18:12:02:d5:38:18:fc:28:e9:f7:29:52:
74:a5:9d:0a:f2:a5:31:88:2c:a5:84:4c:6a:d7:1a:58:a6:cb:
b0:3e:e8:ea:ec:8c:ca:b5:b0:7b:10:f7:fa:ae:2f:90:0c:9c:
96:0a:d4:3a:51:d1:20:16:38:95:f2:d0:fc:08:3e:13:9e:fb:
f8:14:36:98:39:64:73:8b:ab:49:24:6e:34:47:39:fb:24:d0:
8d:2d:04:0a:8b:fb:de:38:d9:70:6e:70:24:1c:9e:27:40:f2:
58:6e:90:4d:0a:6a:6b:82:66:23:fb:89:c2:6c:52:23:dd:84:
6c:c6:70:97:ab:56:47:2f:6e:16:7a:76:09:18:ff:81:4d:c7:
41:89:3e:16:46:77:f4:a3:2e:bd:c9:48:b2:d0:91:92:9e:d3:
6a:8c:16:de:b6:7f:e9:a5:9e:d6:be:4f:d2:34:78:8f:aa:41:
03:3c:76:eb:d3:04:13:f6:a2:54:08:be:bc:63:5d:69:e8:aa:
6c:c3:b7:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWQ4IwkwF9zojKm2inzOCZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmJiYmFhM2VlMjRjN2FkOWIyYzYwNDMyZTE0ZWRhMzg0
OWI1ZTIwHhcNMjUwMzEzMTg1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2E3NmQ1ZGQwMzczZjg5OGZjZDgwMDk2MTc4MWFlMWJhNDgzNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+lhtAPiygjn5yLFV12N9viAso4I
XG/wHv11lMxFUaMkwiwxpQp1rk6gvtKbqJcKqwZSYCfAy6EvrNF6uo4j39KxSPoS
1izkjvOPp3kHsXV0AYbijzTELBz/4bTPL3dxIY1HsvSDGTI34yqkqFm6wgseeA4Y
Tmgu0tOFZMi57geQafEmVqgkWJjL1PBjYDPGjDkgt9n8uSAGdb4Lpgw+JGps002n
ogXfOL8ESqHSQ1o2iyx2XzXILNdvAOuFF1/fCEZG5N4N+Eaug9hiZWeWdJ5Ym5ae
91uV1H9Xohc1cYmhezN8aeJz8OGKzx0aSplYH7y8Uz9osDL/tDLzRGZW5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMynbV3QNz+Jj82ACWF4GuG6SDZ6MB8GA1UdIwQY
MBaAFFO7u6o+4kx62bLGBDLhTto4SbXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUt
MDBlY2YwYzRkMGVmLzEvektkdFhkQTNQNG1QellBSllYZ2E0YnBJTm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUtMDBlY2YwYzRkMGVm
LzEvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B0cMA0G
CSqGSIb3DQEBCwUAA4IBAQCNaMu6zDO8OTspiWtkN17f3UkXylZEwSpRmaZVReHK
peD25uL9veLUhoj7IzhmXnLiEInPxKm/CdCuHwcYEgLVOBj8KOn3KVJ0pZ0K8qUx
iCylhExq1xpYpsuwPujq7IzKtbB7EPf6ri+QDJyWCtQ6UdEgFjiV8tD8CD4Tnvv4
FDaYOWRzi6tJJG40Rzn7JNCNLQQKi/veONlwbnAkHJ4nQPJYbpBNCmprgmYj+4nC
bFIj3YRsxnCXq1ZHL24WenYJGP+BTcdBiT4WRnf0oy69yUiy0JGSntNqjBbetn/p
pZ7Wvk/SNHiPqkEDPHbr0wQT9qJUCL68Y11p6Kpsw7fl
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:56:59 2025 by rpki-client