Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/zDFZ5J8dx_A2-BjC5Hp4qSyB47M.roa
File: zDFZ5J8dx_A2-BjC5Hp4qSyB47M.roa (raw, json)
Hash identifier: 7Zb/cfZZNYH11Lsb+ccnojkNgLWWDKkyI9+tZb75p6E=
Subject key identifier: CC:31:59:E4:9F:1D:C7:F0:36:F8:18:C2:E4:7A:78:A9:2C:81:E3:B3
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 0194258E44D7A26AD46576DA1D414B7FE466
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/zDFZ5J8dx_A2-BjC5Hp4qSyB47M.roa
Signing time: Thu 02 Jan 2025 05:47:48 +0000
ROA not before: Thu 02 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39298
IP address blocks: 213.143.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 10:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:44:d7:a2:6a:d4:65:76:da:1d:41:4b:7f:e4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 2 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc3159e49f1dc7f036f818c2e47a78a92c81e3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:6a:95:f8:2b:b6:d3:44:d1:e8:7d:19:6c:
d7:23:d8:3a:03:d0:c0:68:2b:70:db:e6:a2:37:bf:
c8:f3:b3:8f:74:5e:3a:26:4b:b8:e2:d3:62:31:e7:
1b:32:50:ad:d4:3f:cb:72:3c:7b:fb:e0:1f:94:bd:
c3:3a:7e:38:3e:20:ed:c1:1e:e9:09:55:3a:29:8a:
3a:4d:93:08:21:2b:6f:5f:69:95:0e:29:6f:49:87:
be:6d:90:14:b6:a6:fd:b1:b8:17:57:5c:7e:8f:ed:
d8:39:71:37:ed:81:3f:00:e4:b2:26:b6:ff:18:c3:
69:77:43:bd:89:19:c3:dc:5d:b4:ee:4a:20:2f:50:
f4:6d:ea:a0:21:1e:80:2f:0f:e7:f7:0d:c3:0d:ed:
1e:84:7e:7d:ef:6f:1a:11:48:5f:d4:97:26:d7:53:
8f:bb:f8:62:89:12:01:f2:3c:be:c3:e6:dc:88:43:
8c:f5:01:42:f3:72:e5:65:9c:2d:5d:68:53:86:9f:
55:12:63:10:4a:09:0a:d2:6d:42:30:ba:5c:ef:37:
76:ac:d5:3d:51:30:cd:97:c4:53:81:88:4c:44:9b:
75:a6:3c:8e:bd:44:ae:ef:7b:72:f9:df:6c:97:0d:
b4:e3:e1:6a:ac:93:d1:80:07:9d:34:bb:aa:ab:e5:
2d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:31:59:E4:9F:1D:C7:F0:36:F8:18:C2:E4:7A:78:A9:2C:81:E3:B3
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/zDFZ5J8dx_A2-BjC5Hp4qSyB47M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.143.251.0/24
Signature Algorithm: sha256WithRSAEncryption
38:1e:85:81:30:3d:7b:c8:d1:9f:62:49:fc:da:73:ce:df:7d:
41:80:0d:05:29:c7:5d:24:2d:99:46:4a:70:fc:aa:6c:41:0f:
f2:71:4b:3d:7f:3f:91:45:d9:f5:2a:5b:d6:ca:12:ce:53:cd:
0f:e0:66:e3:32:84:c4:bb:7e:a8:ca:70:a0:d5:54:b6:ca:0b:
97:f8:fb:86:8d:49:e4:46:f1:6a:85:5b:a0:fc:d0:e2:fd:a5:
71:58:d5:46:78:7f:d8:f3:a3:7a:45:dd:1c:3a:fd:f2:c1:91:
53:31:bb:53:d5:56:37:d0:29:7c:90:bf:ec:c1:70:96:16:d2:
04:34:58:c8:94:5d:df:c0:78:8c:62:95:32:b8:6e:81:7e:8a:
2a:03:49:96:d6:c8:dc:f0:e0:61:c5:20:12:67:ca:6d:71:50:
6c:da:65:d4:14:b9:24:29:9e:28:c4:61:aa:3d:b5:ff:fe:92:
0b:79:b3:fc:19:e3:83:ea:95:b5:ea:04:1f:e8:51:1c:bc:b4:
bd:db:9e:47:15:e3:6e:0a:88:c7:24:b2:4b:e3:5a:3f:89:b2:
1f:73:6f:e3:92:7a:64:e0:93:2d:dc:e3:be:8a:e3:f5:b5:8a:
0e:46:ea:4e:fb:52:92:a6:b4:3d:94:28:7c:79:fe:8b:0d:57:
1d:b7:2d:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljkTXomrUZXbaHUFLf+RmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjUwMTAyMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzMxNTllNDlmMWRjN2YwMzZmODE4YzJlNDdhNzhhOTJjODFlM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4ZqlfgrttNE0eh9GWzXI9g6A9DA
aCtw2+aiN7/I87OPdF46Jku44tNiMecbMlCt1D/Lcjx7++AflL3DOn44PiDtwR7p
CVU6KYo6TZMIIStvX2mVDilvSYe+bZAUtqb9sbgXV1x+j+3YOXE37YE/AOSyJrb/
GMNpd0O9iRnD3F207kogL1D0beqgIR6ALw/n9w3DDe0ehH59728aEUhf1Jcm11OP
u/hiiRIB8jy+w+bciEOM9QFC83LlZZwtXWhThp9VEmMQSgkK0m1CMLpc7zd2rNU9
UTDNl8RTgYhMRJt1pjyOvUSu73ty+d9slw204+FqrJPRgAedNLuqq+UtqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwxWeSfHcfwNvgYwuR6eKksgeOzMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvekRGWjVKOGR4X0EyLUJqQzVIcDRxU3lCNDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y/7MA0G
CSqGSIb3DQEBCwUAA4IBAQA4HoWBMD17yNGfYkn82nPO331BgA0FKcddJC2ZRkpw
/KpsQQ/ycUs9fz+RRdn1KlvWyhLOU80P4GbjMoTEu36oynCg1VS2yguX+PuGjUnk
RvFqhVug/NDi/aVxWNVGeH/Y86N6Rd0cOv3ywZFTMbtT1VY30Cl8kL/swXCWFtIE
NFjIlF3fwHiMYpUyuG6BfooqA0mW1sjc8OBhxSASZ8ptcVBs2mXUFLkkKZ4oxGGq
PbX//pILebP8GeOD6pW16gQf6FEcvLS9255HFeNuCojHJLJL41o/ibIfc2/jknpk
4JMt3OO+iuP1tYoORupO+1KSprQ9lCh8ef6LDVcdty2K
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:28:49 2025 by rpki-client