Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/zfMtOWViSlKPxSz_4PLwI43Ozfs.roa
File: zfMtOWViSlKPxSz_4PLwI43Ozfs.roa (raw, json)
Hash identifier: Xn7IFf0sZtbvniWGaUxUw3HN1if0iWXr14EqbpEg17w=
Subject key identifier: CD:F3:2D:39:65:62:4A:52:8F:C5:2C:FF:E0:F2:F0:23:8D:CE:CD:FB
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 01954BCCAEEDFB5A608E6569B57A1556DCBF
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/zfMtOWViSlKPxSz_4PLwI43Ozfs.roa
Signing time: Fri 28 Feb 2025 09:04:19 +0000
ROA not before: Fri 28 Feb 2025 09:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198560
IP address blocks: 91.236.128.0/24 maxlen: 24
212.7.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 11:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:cc:ae:ed:fb:5a:60:8e:65:69:b5:7a:15:56:dc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Feb 28 09:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdf32d3965624a528fc52cffe0f2f0238dcecdfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:be:a2:3e:0c:c6:85:81:f9:68:ae:17:1c:fd:
d9:98:13:b9:e0:fd:f1:f7:af:4f:2e:25:a9:74:96:
62:17:dd:f8:11:16:ea:88:2f:b7:6b:33:ba:76:91:
19:a6:d7:13:b2:aa:3c:c5:32:8e:fe:c8:51:c2:8c:
ac:4a:12:33:63:d9:de:8a:b9:16:91:1d:11:49:a6:
a2:1d:e0:22:48:6b:98:bc:5a:73:7d:89:b6:68:f5:
9c:ad:4c:a3:58:c0:40:f5:bf:39:26:f3:e6:f6:3f:
6f:9a:61:06:1e:0d:dd:60:3a:1d:2c:9f:56:7b:3d:
ed:84:03:ac:7a:8d:ae:78:07:fb:5d:76:18:86:60:
ae:9d:2b:08:a9:9a:74:e2:9b:76:53:ce:38:09:73:
c1:af:1e:8e:08:10:2c:32:9e:af:f6:50:c5:45:3d:
bd:23:7f:bf:34:82:39:9f:02:b6:65:12:18:bd:f6:
5b:c2:5d:ea:1c:80:82:c0:a1:7f:52:f4:0b:17:e4:
7d:94:13:bc:06:28:4c:25:99:f2:b8:97:ae:c3:e6:
c1:13:2e:6a:73:9a:1f:a4:24:99:ad:5b:b0:0e:9f:
f0:fa:6f:1a:e8:e2:7e:1f:a3:6f:77:5e:53:fe:9e:
2d:f7:40:a4:88:75:9e:8c:50:a6:93:cf:cf:5e:48:
7b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F3:2D:39:65:62:4A:52:8F:C5:2C:FF:E0:F2:F0:23:8D:CE:CD:FB
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/zfMtOWViSlKPxSz_4PLwI43Ozfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.128.0/24
212.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
52:1a:28:cf:45:bc:29:1a:94:08:e0:8d:ce:7a:ad:e0:17:cc:
40:26:a0:72:70:0a:29:93:db:ba:db:b0:5f:c2:42:d4:f9:f3:
1b:b9:ac:c4:08:8d:92:b7:3a:48:d9:e6:f4:97:c0:af:26:8d:
d7:18:c7:7c:ae:fa:c4:c3:6d:9a:e9:ec:1a:c4:48:2a:a5:6d:
06:6b:16:27:fa:19:84:b9:1a:b3:08:27:78:ab:23:d8:46:1e:
ac:f4:0c:75:fb:e3:8a:bd:d9:68:00:48:3f:48:9c:6d:35:0a:
3d:a8:be:7d:b2:09:d4:25:41:e3:fe:fc:62:fa:51:fb:c6:86:
84:18:cc:13:84:19:cb:13:2d:76:82:63:f6:03:dd:89:b0:1f:
d7:20:1c:49:bb:d7:e4:c9:76:11:6c:1b:33:46:9c:cc:ee:63:
dd:cc:05:0d:92:12:3b:cb:43:43:26:00:b4:39:1d:12:f3:cb:
53:f5:8c:0b:96:0f:ee:c9:95:50:3e:fb:dd:d1:91:28:5c:98:
32:88:80:95:1f:18:bf:3e:a9:ca:f7:05:71:e3:a5:15:f4:82:
0b:e5:b9:71:cb:5e:bc:d4:4f:8b:40:12:68:64:16:95:bb:7b:
ae:f0:1f:28:1a:31:1b:27:74:4f:96:b6:f1:33:4f:7f:0b:fe:
a7:b6:87:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVLzK7t+1pgjmVptXoVVty/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjUwMjI4MDkwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYzMmQzOTY1NjI0YTUyOGZjNTJjZmZlMGYyZjAyMzhkY2VjZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b6iPgzGhYH5aK4XHP3ZmBO54P3x
969PLiWpdJZiF934ERbqiC+3azO6dpEZptcTsqo8xTKO/shRwoysShIzY9neirkW
kR0RSaaiHeAiSGuYvFpzfYm2aPWcrUyjWMBA9b85JvPm9j9vmmEGHg3dYDodLJ9W
ez3thAOseo2ueAf7XXYYhmCunSsIqZp04pt2U844CXPBrx6OCBAsMp6v9lDFRT29
I3+/NII5nwK2ZRIYvfZbwl3qHICCwKF/UvQLF+R9lBO8BihMJZnyuJeuw+bBEy5q
c5ofpCSZrVuwDp/w+m8a6OJ+H6Nvd15T/p4t90CkiHWejFCmk8/PXkh7GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3zLTllYkpSj8Us/+Dy8CONzs37MB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvemZNdE9XVmlTbEtQeFN6XzRQTHdJNDNPemZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+yAAwQA
1AfUMA0GCSqGSIb3DQEBCwUAA4IBAQBSGijPRbwpGpQI4I3Oeq3gF8xAJqBycAop
k9u627BfwkLU+fMbuazECI2StzpI2eb0l8CvJo3XGMd8rvrEw22a6ewaxEgqpW0G
axYn+hmEuRqzCCd4qyPYRh6s9Ax1++OKvdloAEg/SJxtNQo9qL59sgnUJUHj/vxi
+lH7xoaEGMwThBnLEy12gmP2A92JsB/XIBxJu9fkyXYRbBszRpzM7mPdzAUNkhI7
y0NDJgC0OR0S88tT9YwLlg/uyZVQPvvd0ZEoXJgyiICVHxi/PqnK9wVx46UV9IIL
5blxy1681E+LQBJoZBaVu3uu8B8oGjEbJ3RPlrbxM09/C/6ntodz
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:54:31 2025 by rpki-client