Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/zJp3SNOr_8ddqMK5l2DferSbfas.roa
File: zJp3SNOr_8ddqMK5l2DferSbfas.roa (raw, json)
Hash identifier: X55i4VnhjONf1BomWCuFB3kGbemWBgrv5K0g+AdaITM=
Subject key identifier: CC:9A:77:48:D3:AB:FF:C7:5D:A8:C2:B9:97:60:DF:7A:B4:9B:7D:AB
Certificate issuer: /CN=481699c10b8ff8b91ab90940314ee93b27afdcd6
Certificate serial: 018CC6B78A96ACB2763E2F86518027BD0AB6
Authority key identifier: 48:16:99:C1:0B:8F:F8:B9:1A:B9:09:40:31:4E:E9:3B:27:AF:DC:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBaZwQuP-LkauQlAMU7pOyev3NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/zJp3SNOr_8ddqMK5l2DferSbfas.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12399
IP address blocks: 185.247.40.0/22 maxlen: 22
212.211.128.0/17 maxlen: 17
212.75.32.0/19 maxlen: 19
2001:a78::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8a:96:ac:b2:76:3e:2f:86:51:80:27:bd:0a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=481699c10b8ff8b91ab90940314ee93b27afdcd6
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc9a7748d3abffc75da8c2b99760df7ab49b7dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9c:01:32:ea:a3:8f:e7:c8:56:0f:79:30:20:
d2:23:35:3d:07:71:6d:1b:38:7f:17:04:c2:63:fa:
4d:58:2d:2b:1b:39:60:18:d5:da:f4:b7:92:35:ec:
76:f9:60:41:8a:b7:fc:cf:d9:5f:43:83:a9:5c:5c:
0b:de:bf:93:68:ea:8c:8c:b2:3b:f0:0c:46:b1:e9:
e9:85:22:c2:15:6e:5a:bc:ee:51:af:aa:31:86:2b:
61:3f:71:ec:19:4a:fa:b7:22:67:4d:54:3f:62:d5:
44:21:32:01:6b:c9:3a:54:1e:b4:44:4d:15:8c:c5:
6d:0c:01:d2:3a:d3:7d:ec:99:50:43:17:34:2f:cc:
57:d0:10:3a:86:95:f0:84:b5:b6:d1:e8:e0:c9:45:
86:f4:1a:3e:ed:68:fd:d5:99:2c:f8:69:ba:8e:d1:
31:87:cd:3e:9b:33:f8:28:4e:36:d4:51:82:8f:35:
a8:75:9f:7f:6a:bd:50:ae:c3:29:fe:bc:5b:ad:08:
52:f2:2a:6e:96:77:2e:5f:89:1a:bd:73:08:35:da:
4c:46:a9:be:38:db:24:0e:9e:a5:98:29:c8:7b:06:
d6:43:88:25:13:d4:43:24:4b:d3:68:42:80:89:6e:
87:3b:b8:6d:b6:52:33:9c:1a:2c:4d:8d:b7:72:ab:
2f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9A:77:48:D3:AB:FF:C7:5D:A8:C2:B9:97:60:DF:7A:B4:9B:7D:AB
X509v3 Authority Key Identifier:
keyid:48:16:99:C1:0B:8F:F8:B9:1A:B9:09:40:31:4E:E9:3B:27:AF:DC:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBaZwQuP-LkauQlAMU7pOyev3NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/zJp3SNOr_8ddqMK5l2DferSbfas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/SBaZwQuP-LkauQlAMU7pOyev3NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.40.0/22
212.75.32.0/19
212.211.128.0/17
IPv6:
2001:a78::/29
Signature Algorithm: sha256WithRSAEncryption
25:ae:e4:2f:02:2e:a8:53:eb:c1:fe:d5:73:09:6d:9e:81:39:
d0:73:55:07:6c:a0:27:84:fc:cb:6a:e6:3a:4e:d4:68:dd:02:
0f:89:ba:57:66:5e:c0:7b:58:e2:78:0e:81:16:39:15:54:6b:
ed:e7:02:c4:dc:73:1c:fc:48:91:b4:d5:d4:9e:28:06:98:f3:
44:77:3b:50:cb:04:21:04:ab:2f:f5:de:3c:12:4f:2e:7a:8c:
a4:43:af:bf:90:63:5f:2c:3a:34:88:af:f8:c9:81:56:6d:85:
71:96:dd:0c:91:ad:f7:d8:98:a3:3c:ea:8b:f9:d8:81:b5:e3:
45:9e:66:af:3a:93:80:c2:11:a2:57:03:b1:03:69:27:4e:fb:
d1:9c:73:ae:a5:fe:c3:ac:ea:fc:1f:72:0c:98:e0:1a:14:7c:
77:50:97:ef:bb:42:44:3d:1e:a8:88:42:49:9e:7a:17:4c:2e:
0f:71:d9:d2:fe:3a:cc:39:ba:ac:8f:e4:3e:f7:90:6b:c6:03:
c0:b3:64:a1:b9:02:e5:5d:30:4f:2c:c3:fb:54:02:f5:51:0e:
2c:e5:0f:13:b9:36:19:e8:bc:09:c9:f3:3e:ef:cc:96:9b:28:
6b:68:df:ab:38:f3:df:be:f4:fc:b9:d6:5b:c0:6b:79:51:ea:
9b:4f:f2:56
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGt4qWrLJ2Pi+GUYAnvQq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTY5OWMxMGI4ZmY4YjkxYWI5MDk0MDMxNGVlOTNiMjdh
ZmRjZDYwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzlhNzc0OGQzYWJmZmM3NWRhOGMyYjk5NzYwZGY3YWI0OWI3ZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZwBMuqjj+fIVg95MCDSIzU9B3Ft
Gzh/FwTCY/pNWC0rGzlgGNXa9LeSNex2+WBBirf8z9lfQ4OpXFwL3r+TaOqMjLI7
8AxGsenphSLCFW5avO5Rr6oxhithP3HsGUr6tyJnTVQ/YtVEITIBa8k6VB60RE0V
jMVtDAHSOtN97JlQQxc0L8xX0BA6hpXwhLW20ejgyUWG9Bo+7Wj91Zks+Gm6jtEx
h80+mzP4KE421FGCjzWodZ9/ar1QrsMp/rxbrQhS8ipulncuX4kavXMINdpMRqm+
ONskDp6lmCnIewbWQ4glE9RDJEvTaEKAiW6HO7httlIznBosTY23cqsvZwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMyad0jTq//HXajCuZdg33q0m32rMB8GA1UdIwQY
MBaAFEgWmcELj/i5GrkJQDFO6Tsnr9zWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JhWndRdVAtTGthdVFsQU1VN3BPeWV2M05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xNzIxODAtOGY0NC00MTYxLWFiN2Ut
MDIwMzA3YWNiYmI5LzEvekpwM1NOT3JfOGRkcU1LNWwyRGZlclNiZmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xNzIxODAtOGY0NC00MTYxLWFiN2UtMDIwMzA3YWNiYmI5
LzEvU0JhWndRdVAtTGthdVFsQU1VN3BPeWV2M05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCufcoAwQF
1EsgAwQH1NOAMA0EAgACMAcDBQMgAQp4MA0GCSqGSIb3DQEBCwUAA4IBAQAlruQv
Ai6oU+vB/tVzCW2egTnQc1UHbKAnhPzLauY6TtRo3QIPibpXZl7Ae1jieA6BFjkV
VGvt5wLE3HMc/EiRtNXUnigGmPNEdztQywQhBKsv9d48Ek8ueoykQ6+/kGNfLDo0
iK/4yYFWbYVxlt0Mka332JijPOqL+diBteNFnmavOpOAwhGiVwOxA2knTvvRnHOu
pf7DrOr8H3IMmOAaFHx3UJfvu0JEPR6oiEJJnnoXTC4PcdnS/jrMObqsj+Q+95Br
xgPAs2ShuQLlXTBPLMP7VAL1UQ4s5Q8TuTYZ6LwJyfM+78yWmyhraN+rOPPfvvT8
udZbwGt5UeqbT/JW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:23 2025 by rpki-client