Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/z-G6j4NQgW7sG_v8yWH3I13jVRQ.roa
File: z-G6j4NQgW7sG_v8yWH3I13jVRQ.roa (raw, json)
Hash identifier: 4Ba5Lf1ySw1AFbyAVYhVaN/R5rJEjA5B6cKwrU2sy/o=
Subject key identifier: CF:E1:BA:8F:83:50:81:6E:EC:1B:FB:FC:C9:61:F7:23:5D:E3:55:14
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0192D97503A377883FC0AE672E30AF76F0E4
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/z-G6j4NQgW7sG_v8yWH3I13jVRQ.roa
Signing time: Tue 29 Oct 2024 18:06:17 +0000
ROA not before: Tue 29 Oct 2024 18:06:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 37.1.208.0/21 maxlen: 21
2a02:c6c1:f::/48 maxlen: 48
2a0f:4b41::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:75:03:a3:77:88:3f:c0:ae:67:2e:30:af:76:f0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 29 18:06:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfe1ba8f8350816eec1bfbfcc961f7235de35514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:e9:cf:cd:25:cb:79:c5:0d:08:b6:24:e3:
3d:9c:53:97:91:8b:e9:78:19:05:aa:7a:08:ec:2e:
de:c2:36:f1:a0:5c:fd:ed:36:ed:c2:94:b0:65:21:
1a:5b:88:50:e8:14:1c:98:b3:75:6e:f9:52:10:4f:
9c:00:5a:09:66:eb:7f:c5:53:23:4d:8f:d6:19:0a:
ad:8c:8b:84:62:c8:f5:3e:4a:c3:0c:f1:b4:fe:ff:
00:72:73:9e:f3:33:f7:29:ae:e9:59:0f:c5:93:d6:
b6:f9:5c:02:15:11:b9:81:34:f8:6c:3d:18:ce:a4:
c6:1a:00:1b:e1:44:d1:aa:a6:c3:7d:83:85:5a:88:
34:22:8d:b7:3c:a6:c3:82:60:9f:e3:03:74:b0:2e:
7a:71:ad:92:83:b1:bc:a1:30:53:3c:05:12:61:1b:
c5:1b:f3:64:92:b1:fa:b7:87:57:f4:a7:e5:84:c8:
eb:4e:7e:10:ce:d1:1d:f9:c6:4a:e9:d2:a0:c0:57:
f8:88:47:db:6e:3c:2f:0c:fe:b2:d7:ec:7d:a2:26:
f1:f7:1b:55:9d:05:93:97:ea:50:6b:4c:89:79:be:
8d:76:ca:5b:06:fd:2b:5f:60:56:ba:4d:4e:56:aa:
af:11:74:77:8d:81:57:45:99:6f:f9:2c:9c:5f:ad:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E1:BA:8F:83:50:81:6E:EC:1B:FB:FC:C9:61:F7:23:5D:E3:55:14
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/z-G6j4NQgW7sG_v8yWH3I13jVRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.208.0/21
IPv6:
2a02:c6c1:f::/48
2a0f:4b41::/32
Signature Algorithm: sha256WithRSAEncryption
00:31:fa:82:00:0d:12:c9:c0:77:85:b6:c6:38:f7:0e:86:17:
c0:26:a2:a3:7d:62:22:65:8e:0b:33:e5:e1:99:f8:59:cf:f3:
66:93:95:42:20:c9:7a:11:db:ef:a1:d7:9a:17:a7:ca:d2:47:
68:ff:4e:d2:9f:ff:31:77:0a:f7:a1:06:70:cc:3c:69:fa:d7:
c2:fb:1b:52:e3:bc:0a:25:a0:e1:c7:32:9c:a6:91:9d:76:66:
b2:de:c3:0f:80:24:ac:7b:6e:b5:d4:2f:ee:ee:80:8e:c7:d6:
de:c9:ed:3b:b1:94:79:35:95:ec:d8:4d:91:96:d0:cb:c4:88:
38:ce:70:f0:1b:cd:9a:bb:17:69:e6:ed:2f:ba:cf:90:76:54:
1d:99:d0:46:1b:b2:76:b6:65:4a:5a:32:38:03:91:05:8c:51:
da:bb:ab:9d:d1:a0:46:f7:9d:dd:85:a0:27:70:1d:6e:60:87:
0d:9e:f1:30:18:f5:e8:d0:3c:3b:56:0a:e8:9b:06:24:b9:fe:
2b:63:0e:c5:73:54:dd:f1:3c:a1:73:99:42:3a:1b:eb:ee:fd:
41:d8:a7:d3:55:f3:54:51:54:83:cb:42:58:5b:1d:d2:7e:d3:
b0:ab:0f:d5:31:05:8f:2e:c4:f0:04:38:89:be:13:71:50:e6:
91:74:93:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLZdQOjd4g/wK5nLjCvdvDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMDI5MTgwNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmUxYmE4ZjgzNTA4MTZlZWMxYmZiZmNjOTYxZjcyMzVkZTM1NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFHpz80ly3nFDQi2JOM9nFOXkYvp
eBkFqnoI7C7ewjbxoFz97TbtwpSwZSEaW4hQ6BQcmLN1bvlSEE+cAFoJZut/xVMj
TY/WGQqtjIuEYsj1PkrDDPG0/v8AcnOe8zP3Ka7pWQ/Fk9a2+VwCFRG5gTT4bD0Y
zqTGGgAb4UTRqqbDfYOFWog0Io23PKbDgmCf4wN0sC56ca2Sg7G8oTBTPAUSYRvF
G/NkkrH6t4dX9KflhMjrTn4QztEd+cZK6dKgwFf4iEfbbjwvDP6y1+x9oibx9xtV
nQWTl+pQa0yJeb6NdspbBv0rX2BWuk1OVqqvEXR3jYFXRZlv+SycX60fpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM/huo+DUIFu7Bv7/Mlh9yNd41UUMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvei1HNmo0TlFnVzdzR192OHlXSDNJMTNqVlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQDJQHQMBYE
AgACMBADBwAqAsbBAA8DBQAqD0tBMA0GCSqGSIb3DQEBCwUAA4IBAQAAMfqCAA0S
ycB3hbbGOPcOhhfAJqKjfWIiZY4LM+XhmfhZz/Nmk5VCIMl6EdvvodeaF6fK0kdo
/07Sn/8xdwr3oQZwzDxp+tfC+xtS47wKJaDhxzKcppGddmay3sMPgCSse2611C/u
7oCOx9beye07sZR5NZXs2E2RltDLxIg4znDwG82auxdp5u0vus+QdlQdmdBGG7J2
tmVKWjI4A5EFjFHau6ud0aBG953dhaAncB1uYIcNnvEwGPXo0Dw7VgromwYkuf4r
Yw7Fc1Td8Tyhc5lCOhvr7v1B2KfTVfNUUVSDy0JYWx3SftOwqw/VMQWPLsTwBDiJ
vhNxUOaRdJO4
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:39:22 2025 by rpki-client