Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/ZyEM52KArNUemSA9APTffn7vyu8.roa
File: ZyEM52KArNUemSA9APTffn7vyu8.roa (raw, json)
Hash identifier: 1gqklIS+a/daL94H7vytgoct0Hcyeqj9P9yWeUq3I3s=
Subject key identifier: 67:21:0C:E7:62:80:AC:D5:1E:99:20:3D:00:F4:DF:7E:7E:EF:CA:EF
Certificate issuer: /CN=ddd9770c307ea3960c8da268a8865a4a9fa634c9
Certificate serial: 019034351E0B257509A4EA39FAC31365B493
Authority key identifier: DD:D9:77:0C:30:7E:A3:96:0C:8D:A2:68:A8:86:5A:4A:9F:A6:34:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dl3DDB-o5YMjaJoqIZaSp-mNMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/ZyEM52KArNUemSA9APTffn7vyu8.roa
Signing time: Thu 20 Jun 2024 05:53:34 +0000
ROA not before: Thu 20 Jun 2024 05:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 193.34.56.0/24 maxlen: 24
193.34.57.0/24 maxlen: 24
193.34.58.0/24 maxlen: 24
193.34.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:35:1e:0b:25:75:09:a4:ea:39:fa:c3:13:65:b4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddd9770c307ea3960c8da268a8865a4a9fa634c9
Validity
Not Before: Jun 20 05:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67210ce76280acd51e99203d00f4df7e7eefcaef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dc:97:6d:ac:fb:e1:a6:92:1b:33:6e:b4:ae:
b6:c8:c6:c2:40:a9:9b:52:41:da:ab:d5:ad:13:35:
01:d4:c5:f0:7d:42:b6:77:49:3a:a0:18:64:e7:e6:
00:fa:92:2e:ab:75:96:eb:d9:9b:49:a6:ff:43:05:
a2:11:4c:60:46:29:93:65:b7:95:9f:c7:ba:f7:69:
bc:4f:60:55:12:61:f2:98:b2:95:06:cd:21:b1:f7:
e0:29:9e:84:01:f3:16:e0:ac:e0:61:c3:15:d9:92:
0a:b4:fb:0a:41:f2:ab:87:c8:27:cb:2e:2d:2a:1c:
b6:e3:3a:51:5e:a1:ff:0d:69:a3:1e:0c:d5:2b:19:
10:9b:6f:42:4a:2f:fe:20:6f:dd:42:2c:3a:83:82:
b3:0c:1d:51:b6:05:94:8a:3b:d8:cf:05:19:8e:4d:
fb:d5:9e:00:6d:f6:ce:7d:25:63:fa:37:80:01:d3:
b2:0d:46:77:ec:be:1d:cf:18:d6:29:c1:24:c4:b4:
62:42:df:6c:b2:f7:2a:0b:fb:78:65:7d:e7:6f:1c:
79:53:16:d2:13:0b:a3:ec:3c:21:0a:c3:e9:ab:f0:
b9:54:9b:64:68:29:20:82:d9:83:61:a7:e6:66:16:
82:58:f8:eb:8f:ad:58:e5:7b:3a:d0:b1:f1:b4:b3:
2b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:21:0C:E7:62:80:AC:D5:1E:99:20:3D:00:F4:DF:7E:7E:EF:CA:EF
X509v3 Authority Key Identifier:
keyid:DD:D9:77:0C:30:7E:A3:96:0C:8D:A2:68:A8:86:5A:4A:9F:A6:34:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dl3DDB-o5YMjaJoqIZaSp-mNMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/ZyEM52KArNUemSA9APTffn7vyu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4444ab-3da3-418b-a105-f2fe0d04bfbf/1/3dl3DDB-o5YMjaJoqIZaSp-mNMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:5d:1c:c1:8a:5c:35:d7:e5:00:fa:a1:5f:ad:ae:2d:60:3e:
5e:cd:4d:b4:0c:17:11:ff:52:6f:01:3c:a3:af:3c:3c:54:40:
42:64:e2:68:4a:c8:5f:4a:59:21:7d:67:d5:82:aa:86:13:6f:
b9:69:08:0c:0c:0b:57:fe:94:d0:f6:e1:32:ff:83:bb:36:e5:
01:c8:81:f1:b4:86:7b:39:d2:46:0c:52:8c:ef:b5:95:b1:56:
57:4f:cb:c3:6a:45:61:a9:8c:35:f6:ae:16:a2:20:b2:3f:fb:
d9:7b:69:2a:0b:c3:eb:7f:7c:f7:84:8e:28:03:4e:e6:33:f7:
c0:04:6f:45:3e:55:f0:5a:f0:51:e9:65:75:d5:ff:b5:8d:d5:
72:7a:da:be:0a:87:2a:b2:f2:cf:5f:36:29:15:53:b0:6a:c3:
df:26:4f:63:60:71:4a:4b:55:47:44:59:ee:ab:ea:1b:ea:11:
ba:6b:51:28:0f:92:ac:4a:06:65:f3:af:3f:8d:63:22:59:be:
89:24:01:16:c2:d3:16:52:97:59:4d:a9:1b:2e:fb:bd:5a:e4:
99:9a:9f:f1:bd:17:b9:d6:bb:b8:cc:e1:e6:03:de:57:ff:8b:
99:02:a9:50:4f:b8:c5:ac:3e:44:57:9d:1c:0a:44:26:67:00:
29:3a:65:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZA0NR4LJXUJpOo5+sMTZbSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDk3NzBjMzA3ZWEzOTYwYzhkYTI2OGE4ODY1YTRhOWZh
NjM0YzkwHhcNMjQwNjIwMDU1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzIxMGNlNzYyODBhY2Q1MWU5OTIwM2QwMGY0ZGY3ZTdlZWZjYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NyXbaz74aaSGzNutK62yMbCQKmb
UkHaq9WtEzUB1MXwfUK2d0k6oBhk5+YA+pIuq3WW69mbSab/QwWiEUxgRimTZbeV
n8e692m8T2BVEmHymLKVBs0hsffgKZ6EAfMW4KzgYcMV2ZIKtPsKQfKrh8gnyy4t
Khy24zpRXqH/DWmjHgzVKxkQm29CSi/+IG/dQiw6g4KzDB1RtgWUijvYzwUZjk37
1Z4AbfbOfSVj+jeAAdOyDUZ37L4dzxjWKcEkxLRiQt9ssvcqC/t4ZX3nbxx5UxbS
Ewuj7DwhCsPpq/C5VJtkaCkggtmDYafmZhaCWPjrj61Y5Xs60LHxtLMrUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGchDOdigKzVHpkgPQD0335+78rvMB8GA1UdIwQY
MBaAFN3ZdwwwfqOWDI2iaKiGWkqfpjTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RsM0REQi1vNVlNamFKb3FJWmFTcC1tTk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80NDQ0YWItM2RhMy00MThiLWExMDUt
ZjJmZTBkMDRiZmJmLzEvWnlFTTUyS0FyTlVlbVNBOUFQVGZmbjd2eXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80NDQ0YWItM2RhMy00MThiLWExMDUtZjJmZTBkMDRiZmJm
LzEvM2RsM0REQi1vNVlNamFKb3FJWmFTcC1tTk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSI4MA0G
CSqGSIb3DQEBCwUAA4IBAQA6XRzBilw11+UA+qFfra4tYD5ezU20DBcR/1JvATyj
rzw8VEBCZOJoSshfSlkhfWfVgqqGE2+5aQgMDAtX/pTQ9uEy/4O7NuUByIHxtIZ7
OdJGDFKM77WVsVZXT8vDakVhqYw19q4WoiCyP/vZe2kqC8Prf3z3hI4oA07mM/fA
BG9FPlXwWvBR6WV11f+1jdVyetq+CocqsvLPXzYpFVOwasPfJk9jYHFKS1VHRFnu
q+ob6hG6a1EoD5KsSgZl868/jWMiWb6JJAEWwtMWUpdZTakbLvu9WuSZmp/xvRe5
1ru4zOHmA95X/4uZAqlQT7jFrD5EV50cCkQmZwApOmWo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:24 2025 by rpki-client