Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qzzU4Nz3TttV1pehQ_-l_pqJzuU.roa
File: qzzU4Nz3TttV1pehQ_-l_pqJzuU.roa (raw, json)
Hash identifier: eTOhN3DpPz+7lV/sZDkWdXmeFt+VP5XpeQqZLvOZQ4E=
Subject key identifier: AB:3C:D4:E0:DC:F7:4E:DB:55:D6:97:A1:43:FF:A5:FE:9A:89:CE:E5
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193CF51C604938AD9966D076FD9FAD9FEE6
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qzzU4Nz3TttV1pehQ_-l_pqJzuU.roa
Signing time: Mon 16 Dec 2024 11:54:22 +0000
ROA not before: Mon 16 Dec 2024 11:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 212.192.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:51:c6:04:93:8a:d9:96:6d:07:6f:d9:fa:d9:fe:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 16 11:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab3cd4e0dcf74edb55d697a143ffa5fe9a89cee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3f:8d:ff:c0:0f:54:74:c5:03:4f:9c:9a:ad:
52:1e:ae:92:37:6f:b7:a4:f2:15:de:33:57:aa:c6:
95:f9:37:a2:d7:99:2b:d0:fb:f9:5f:79:7d:7b:d4:
82:d2:a6:5e:e1:8a:1c:39:4c:fb:63:e6:74:c4:45:
0d:ec:b4:94:00:98:e1:1c:59:73:34:c8:0c:b2:ed:
4f:f1:34:c5:8a:14:f4:c8:1e:67:d9:4c:d0:18:63:
4f:f5:de:73:50:23:92:cf:9e:62:ae:30:3f:5e:74:
b4:94:49:f4:92:74:5f:27:85:04:5e:b9:fd:5a:e0:
43:80:b9:17:e0:85:13:f9:fb:c8:90:45:58:9e:e6:
f4:bf:5b:c0:39:d2:b8:37:cb:5e:f2:a5:75:d7:a9:
8e:12:8a:ba:6e:ff:93:7a:1e:d6:0e:80:52:c8:80:
dc:95:01:e4:6c:5e:e1:3d:b8:95:69:04:f3:66:fe:
3a:bb:a7:d2:90:9a:47:5e:5b:2c:4c:4b:75:c7:9f:
09:be:91:bb:23:a8:26:fc:48:12:ea:45:f0:31:b9:
0e:37:a2:f6:a0:6b:0c:fb:ac:a5:d3:c8:ce:0c:72:
31:f7:eb:dd:18:ef:a1:13:53:f5:c4:33:c4:7d:9e:
ae:86:ed:13:24:e9:1e:0c:ee:57:62:35:7e:81:f9:
60:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3C:D4:E0:DC:F7:4E:DB:55:D6:97:A1:43:FF:A5:FE:9A:89:CE:E5
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qzzU4Nz3TttV1pehQ_-l_pqJzuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
70:3d:17:5a:c0:61:03:28:35:ff:26:b7:d9:35:d2:83:53:21:
35:ba:d9:d4:84:11:5c:6c:2b:d8:5d:cd:36:d6:f4:80:c4:2a:
e5:e8:25:56:7a:57:75:3b:a3:bf:1e:c7:3e:cd:4b:e2:ff:0b:
c1:29:8c:87:c0:75:56:9f:42:5d:0e:87:4e:a4:bc:58:c8:5e:
db:ec:a3:58:85:7e:f0:4f:54:bc:86:c8:64:63:5f:71:84:7a:
0a:c6:3c:c6:eb:88:73:ff:bb:a1:3c:02:0c:02:08:35:c1:0e:
b6:4b:b3:d6:bf:a7:00:60:f4:0b:c1:6c:04:8a:7e:ff:bf:8f:
24:00:0e:c8:86:47:ce:87:7c:ea:c7:ca:66:06:a9:cb:5f:da:
cd:33:5a:02:68:ef:be:8b:7a:22:87:83:a2:88:32:c8:ee:b4:
1a:65:1c:41:e7:b4:06:34:fd:37:3b:90:52:6f:1f:fd:aa:fa:
59:8e:b3:68:5f:f0:03:ae:0b:f4:76:b0:32:c9:dd:66:1d:77:
15:d3:b9:ac:a7:99:cc:ca:1c:48:9b:88:2f:f2:b3:01:77:14:
cc:1d:b8:45:1f:d1:18:53:41:78:99:df:fc:90:14:3f:32:0c:
58:39:9d:8d:56:96:3b:70:97:cb:d0:e3:d1:2a:b5:b3:45:4e:
a7:c9:e9:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPPUcYEk4rZlm0Hb9n62f7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjE2MTE1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNjZDRlMGRjZjc0ZWRiNTVkNjk3YTE0M2ZmYTVmZTlhODljZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT+N/8APVHTFA0+cmq1SHq6SN2+3
pPIV3jNXqsaV+Tei15kr0Pv5X3l9e9SC0qZe4YocOUz7Y+Z0xEUN7LSUAJjhHFlz
NMgMsu1P8TTFihT0yB5n2UzQGGNP9d5zUCOSz55irjA/XnS0lEn0knRfJ4UEXrn9
WuBDgLkX4IUT+fvIkEVYnub0v1vAOdK4N8te8qV116mOEoq6bv+Teh7WDoBSyIDc
lQHkbF7hPbiVaQTzZv46u6fSkJpHXlssTEt1x58JvpG7I6gm/EgS6kXwMbkON6L2
oGsM+6yl08jODHIx9+vdGO+hE1P1xDPEfZ6uhu0TJOkeDO5XYjV+gflgFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKs81ODc907bVdaXoUP/pf6aic7lMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcXp6VTROejNUdHRWMXBlaFFfLWxfcHFKenVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAJMA0G
CSqGSIb3DQEBCwUAA4IBAQBwPRdawGEDKDX/JrfZNdKDUyE1utnUhBFcbCvYXc02
1vSAxCrl6CVWeld1O6O/Hsc+zUvi/wvBKYyHwHVWn0JdDodOpLxYyF7b7KNYhX7w
T1S8hshkY19xhHoKxjzG64hz/7uhPAIMAgg1wQ62S7PWv6cAYPQLwWwEin7/v48k
AA7IhkfOh3zqx8pmBqnLX9rNM1oCaO++i3oih4OiiDLI7rQaZRxB57QGNP03O5BS
bx/9qvpZjrNoX/ADrgv0drAyyd1mHXcV07msp5nMyhxIm4gv8rMBdxTMHbhFH9EY
U0F4md/8kBQ/MgxYOZ2NVpY7cJfL0OPRKrWzRU6nyelq
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:17 2025 by rpki-client