Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4zIL4w3PXcn3wTykVnItpduA5BE.roa
File: 4zIL4w3PXcn3wTykVnItpduA5BE.roa (raw, json)
Hash identifier: XdWw9UiUzh20CaRkGawJlYk6KqDmIbW462Fk0we7dPc=
Subject key identifier: E3:32:0B:E3:0D:CF:5D:C9:F7:C1:3C:A4:56:72:2D:A5:DB:80:E4:11
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421442C6E0134925A2F1C456DE1F79475
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4zIL4w3PXcn3wTykVnItpduA5BE.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 217.145.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 08:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2c:6e:01:34:92:5a:2f:1c:45:6d:e1:f7:94:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3320be30dcf5dc9f7c13ca456722da5db80e411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b6:ab:b5:b9:a6:8a:3f:bd:11:16:3b:6b:80:
df:1d:b1:fa:f4:ad:bd:74:b0:ca:c8:2c:d9:d4:1b:
8b:84:1d:92:b2:96:4f:d3:dd:d3:2a:55:f7:ed:10:
3f:24:e9:ff:8f:a4:c5:f1:ea:78:dd:63:f4:d4:78:
af:6a:21:68:c5:21:ff:88:3d:a9:66:f4:f6:7b:f1:
b9:f0:b3:b9:e6:eb:9e:30:f6:d3:04:f7:b4:40:2d:
f2:c3:6c:4d:79:0d:63:42:34:1a:6e:c3:5b:63:33:
3a:89:ff:a7:b2:21:79:d3:f7:3f:a6:77:8a:9d:f6:
c5:b3:58:ef:12:90:61:98:17:b3:e1:16:ce:44:04:
ac:d9:83:97:9f:00:2b:b3:1f:52:62:0c:20:6e:46:
3a:16:b8:9f:7d:b2:08:8b:0e:8e:39:1f:91:1e:94:
2d:70:95:6d:65:ab:95:d3:f8:e7:06:08:60:4e:be:
11:f0:80:ab:7c:7a:43:df:6d:4e:14:9d:6b:e5:38:
0c:ca:31:4d:96:c0:d5:8c:fc:6d:a1:92:b4:6b:97:
9a:ac:6d:be:58:20:bb:48:11:9a:48:66:b5:25:67:
33:b9:55:9f:d6:44:03:8f:d9:f5:f7:96:db:8c:e3:
39:7a:64:79:3a:66:56:14:91:e8:49:5c:96:af:5a:
ff:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:32:0B:E3:0D:CF:5D:C9:F7:C1:3C:A4:56:72:2D:A5:DB:80:E4:11
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4zIL4w3PXcn3wTykVnItpduA5BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.78.0/24
Signature Algorithm: sha256WithRSAEncryption
85:9c:bd:68:74:30:23:9d:a9:01:85:4f:88:6d:cc:dd:48:58:
d7:c4:b8:b0:69:a7:e8:68:20:a3:46:ff:39:a1:ef:40:6d:56:
de:c4:a3:a3:c2:18:59:ef:a5:7f:ca:ea:5f:49:2c:4d:ae:c1:
97:15:37:cb:fa:86:0e:6f:96:0d:c0:06:6f:79:c2:26:9d:d9:
06:5f:de:0d:29:bc:58:db:d7:3c:cc:6a:64:0a:c3:3f:fa:b9:
16:2b:28:ea:c1:69:6e:bc:a6:33:a1:2a:91:8c:60:27:cc:69:
1e:54:31:ab:5c:3a:c9:60:d1:71:65:02:00:77:8a:d2:32:69:
75:fb:80:1b:4a:4d:20:1c:e7:4b:ac:93:80:55:43:8d:50:49:
26:72:d1:55:45:4b:a6:b5:de:bc:67:6c:e2:b5:da:77:44:36:
0e:59:01:0f:85:0d:a9:f4:55:eb:36:d0:40:64:87:aa:11:96:
21:31:87:14:be:7b:79:da:b3:29:8a:c1:b7:2f:13:4d:ab:e3:
dd:01:fa:3f:71:56:72:7e:df:71:59:5d:c3:2e:1c:7f:fb:ba:
4b:7f:ac:ab:7f:cb:e5:a5:44:6a:4f:e4:6e:5b:66:7a:14:4f:
da:1a:f0:2e:76:ee:58:dd:3e:15:dd:51:21:df:ed:73:1f:0a:
8f:7f:c5:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCxuATSSWi8cRW3h95R1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzMyMGJlMzBkY2Y1ZGM5ZjdjMTNjYTQ1NjcyMmRhNWRiODBlNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrartbmmij+9ERY7a4DfHbH69K29
dLDKyCzZ1BuLhB2SspZP093TKlX37RA/JOn/j6TF8ep43WP01HivaiFoxSH/iD2p
ZvT2e/G58LO55uueMPbTBPe0QC3yw2xNeQ1jQjQabsNbYzM6if+nsiF50/c/pneK
nfbFs1jvEpBhmBez4RbORASs2YOXnwArsx9SYgwgbkY6FriffbIIiw6OOR+RHpQt
cJVtZauV0/jnBghgTr4R8ICrfHpD321OFJ1r5TgMyjFNlsDVjPxtoZK0a5earG2+
WCC7SBGaSGa1JWczuVWf1kQDj9n195bbjOM5emR5OmZWFJHoSVyWr1r/bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMyC+MNz13J98E8pFZyLaXbgOQRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNHpJTDR3M1BYY24zd1R5a1ZuSXRwZHVBNUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZFOMA0G
CSqGSIb3DQEBCwUAA4IBAQCFnL1odDAjnakBhU+IbczdSFjXxLiwaafoaCCjRv85
oe9AbVbexKOjwhhZ76V/yupfSSxNrsGXFTfL+oYOb5YNwAZvecImndkGX94NKbxY
29c8zGpkCsM/+rkWKyjqwWluvKYzoSqRjGAnzGkeVDGrXDrJYNFxZQIAd4rSMml1
+4AbSk0gHOdLrJOAVUONUEkmctFVRUumtd68Z2zitdp3RDYOWQEPhQ2p9FXrNtBA
ZIeqEZYhMYcUvnt52rMpisG3LxNNq+PdAfo/cVZyft9xWV3DLhx/+7pLf6yrf8vl
pURqT+RuW2Z6FE/aGvAudu5Y3T4V3VEh3+1zHwqPf8Uu
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:17 2025 by rpki-client