Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/zgKl_pD8f8kRWMsxB8bAtvEaUfQ.roa
File: zgKl_pD8f8kRWMsxB8bAtvEaUfQ.roa (raw, json)
Hash identifier: LYwUgHnbm9jr3TZRnB1GN7nt/d/9uCMdAf4vangupyA=
Subject key identifier: CE:02:A5:FE:90:FC:7F:C9:11:58:CB:31:07:C6:C0:B6:F1:1A:51:F4
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194236A19708CE942EA23656A519C2C764C
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/zgKl_pD8f8kRWMsxB8bAtvEaUfQ.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206119
IP address blocks: 82.206.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:19:70:8c:e9:42:ea:23:65:6a:51:9c:2c:76:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce02a5fe90fc7fc91158cb3107c6c0b6f11a51f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f2:b9:f2:bf:c9:28:84:d3:7d:7b:b5:2c:9e:
cd:b1:66:a4:e2:55:0b:0e:3e:68:42:c9:fe:e9:59:
73:70:48:16:bf:4a:75:9f:e8:a4:6a:78:68:f7:ce:
18:4d:df:b4:51:01:15:e1:1c:88:7f:5a:e3:88:b9:
21:de:f0:d9:10:f4:7b:47:ec:8e:85:ba:5d:8e:57:
7d:2a:a2:94:03:fe:16:01:4b:bf:b6:3d:7a:8a:0e:
83:1d:06:c2:bd:a6:e3:f9:a4:34:cb:ee:76:86:c3:
94:fa:76:69:c9:45:f4:4f:0a:26:41:11:ca:6e:92:
25:c4:7e:73:f3:c0:22:ad:a7:9a:99:13:be:ce:43:
1d:b5:e6:90:69:4a:d3:a0:9f:3e:67:16:e6:e9:a6:
ec:bf:be:56:bd:8b:82:b4:11:4e:d9:a4:14:3e:36:
70:2b:88:57:58:49:b1:10:e0:f4:f0:26:df:cf:d7:
76:87:e7:ed:b6:d8:5e:98:e6:94:4f:4f:9a:84:82:
9c:ef:11:6d:7c:75:9a:0c:7d:f3:a7:94:27:65:98:
3e:6a:b5:55:42:c6:28:70:1b:e2:39:a2:04:d2:dd:
db:1f:c2:4b:3c:11:66:7a:02:a6:38:45:fe:fa:99:
90:4b:15:59:db:f0:56:9a:6a:98:58:13:8f:2f:01:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:02:A5:FE:90:FC:7F:C9:11:58:CB:31:07:C6:C0:B6:F1:1A:51:F4
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/zgKl_pD8f8kRWMsxB8bAtvEaUfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.72.0/21
Signature Algorithm: sha256WithRSAEncryption
83:de:b0:a4:f1:59:9b:e0:1d:cc:9b:3a:29:70:ec:93:00:63:
be:dd:db:d8:bc:ff:ce:65:55:ad:df:4a:40:4f:0c:13:04:ca:
c2:2b:51:d5:dc:5c:bc:4c:14:c6:79:fd:c9:d7:6e:a8:da:f1:
eb:24:63:8e:8c:25:46:06:ee:a5:c3:d5:41:a7:e9:eb:d4:2f:
15:72:7a:19:df:72:09:dc:25:43:64:57:f3:50:0d:c2:cb:c9:
7b:19:b4:7a:00:a5:d6:b3:f9:d0:28:93:6e:bc:0e:fa:f3:3a:
c9:76:92:2c:9e:8e:92:86:c9:9f:ec:38:9f:0d:a2:fb:f3:2f:
36:94:d8:43:4b:1d:fe:df:43:d7:8f:0c:64:61:21:5a:9b:ca:
bd:8d:9a:1d:ce:92:c2:74:23:9f:18:35:4c:f4:4b:41:f4:e6:
a1:82:22:91:72:9f:05:a1:71:f2:5f:98:8d:9d:f7:37:15:fe:
fd:75:81:27:9e:d9:6b:85:63:ef:ca:78:5b:2c:43:b3:5d:a9:
42:56:9a:0d:86:e3:50:98:0e:c7:29:f8:59:8f:3f:90:43:df:
3e:52:48:9f:89:62:cd:75:fe:32:4a:22:26:32:42:45:45:35:
89:37:72:d2:47:1c:2e:d2:c7:65:ff:4d:b7:69:9a:09:a8:14:
63:68:ad:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahlwjOlC6iNlalGcLHZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTAyYTVmZTkwZmM3ZmM5MTE1OGNiMzEwN2M2YzBiNmYxMWE1MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPK58r/JKITTfXu1LJ7NsWak4lUL
Dj5oQsn+6VlzcEgWv0p1n+ikanho984YTd+0UQEV4RyIf1rjiLkh3vDZEPR7R+yO
hbpdjld9KqKUA/4WAUu/tj16ig6DHQbCvabj+aQ0y+52hsOU+nZpyUX0TwomQRHK
bpIlxH5z88AiraeamRO+zkMdteaQaUrToJ8+Zxbm6absv75WvYuCtBFO2aQUPjZw
K4hXWEmxEOD08Cbfz9d2h+fttthemOaUT0+ahIKc7xFtfHWaDH3zp5QnZZg+arVV
QsYocBviOaIE0t3bH8JLPBFmegKmOEX++pmQSxVZ2/BWmmqYWBOPLwFDyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4Cpf6Q/H/JEVjLMQfGwLbxGlH0MB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvemdLbF9wRDhmOGtSV01zeEI4YkF0dkVhVWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs5IMA0G
CSqGSIb3DQEBCwUAA4IBAQCD3rCk8Vmb4B3MmzopcOyTAGO+3dvYvP/OZVWt30pA
TwwTBMrCK1HV3Fy8TBTGef3J126o2vHrJGOOjCVGBu6lw9VBp+nr1C8VcnoZ33IJ
3CVDZFfzUA3Cy8l7GbR6AKXWs/nQKJNuvA768zrJdpIsno6Shsmf7DifDaL78y82
lNhDSx3+30PXjwxkYSFam8q9jZodzpLCdCOfGDVM9EtB9OahgiKRcp8FoXHyX5iN
nfc3Ff79dYEnntlrhWPvynhbLEOzXalCVpoNhuNQmA7HKfhZjz+QQ98+UkifiWLN
df4ySiImMkJFRTWJN3LSRxwu0sdl/023aZoJqBRjaK14
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:26 2025 by rpki-client