Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z0EwM2nryeUukAMtZWRiyPatL4s.roa
File: Z0EwM2nryeUukAMtZWRiyPatL4s.roa (raw, json)
Hash identifier: 6eG4Vm3EcA+s0yNN6jjUWsja9o+OvwIxKWYyu+Safp0=
Subject key identifier: 67:41:30:33:69:EB:C9:E5:2E:90:03:2D:65:64:62:C8:F6:AD:2F:8B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191469C17D7D339F240C57822C023947494
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z0EwM2nryeUukAMtZWRiyPatL4s.roa
Signing time: Mon 12 Aug 2024 12:42:00 +0000
ROA not before: Mon 12 Aug 2024 12:42:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214542
IP address blocks: 82.153.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 14:08:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:9c:17:d7:d3:39:f2:40:c5:78:22:c0:23:94:74:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 12 12:42:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6741303369ebc9e52e90032d656462c8f6ad2f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:c4:22:16:f2:1b:75:85:ec:33:10:df:1f:
9b:88:62:aa:0c:8e:a3:bd:ea:ee:ad:39:cc:f0:60:
c8:f5:16:92:d8:87:b2:27:37:b4:ce:37:bf:dc:e7:
86:76:c9:20:4f:f3:08:c3:86:9f:da:d2:c4:3b:b0:
3d:0a:db:0e:66:ac:f3:95:66:7a:e3:ad:5c:ab:ab:
14:e6:dd:4d:cc:d2:c3:14:8b:ae:63:c6:9e:b9:fb:
cf:15:18:58:83:be:f1:38:ce:91:46:81:09:4b:71:
80:a2:3c:85:5f:8c:25:36:10:33:d4:87:9e:a9:7f:
d1:b2:c0:e8:5b:ca:fb:88:43:4b:f5:7a:e7:da:e1:
c9:31:76:33:d1:91:4c:01:7b:8f:cf:f7:5d:28:14:
bc:dd:25:e3:62:fe:33:4d:2a:23:ff:c8:45:54:9f:
47:e5:3d:95:45:00:84:9b:96:e4:64:61:cf:20:5e:
c5:d5:5d:2e:49:16:67:18:26:bc:e3:92:32:2e:b4:
cd:42:e4:39:45:2e:c2:54:97:14:18:bd:06:1e:6e:
db:19:d0:b0:b3:ac:3a:2f:1a:41:33:e5:b1:b4:33:
f7:ff:4b:60:05:33:65:e7:a5:13:fc:2d:50:1a:2f:
17:f0:0e:e2:65:93:64:f0:55:ee:cd:35:20:1a:fa:
37:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:41:30:33:69:EB:C9:E5:2E:90:03:2D:65:64:62:C8:F6:AD:2F:8B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z0EwM2nryeUukAMtZWRiyPatL4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.205.0/24
Signature Algorithm: sha256WithRSAEncryption
21:69:7a:f6:52:75:57:fb:f2:bc:92:ff:55:d4:cc:87:a7:fc:
f8:5f:56:7c:60:6f:2f:0c:e6:88:23:09:b0:89:45:a6:b7:ff:
88:42:99:64:a1:e2:71:b7:ac:72:20:af:ac:76:f7:c3:25:93:
59:8b:25:53:46:58:55:c9:20:ac:b8:0e:7b:9c:90:26:f8:fb:
8a:ae:86:1a:8a:dd:ee:14:8e:82:e4:b6:27:6b:1c:cf:c4:e7:
8e:9e:78:81:6d:5f:67:02:24:a0:63:11:8c:6c:53:01:9f:8b:
cf:69:fd:b0:09:8c:47:e1:4f:9c:dd:91:6e:92:92:ea:eb:bd:
ab:5f:fc:76:6a:ba:63:c3:96:05:f9:49:e6:02:63:f4:88:84:
98:5e:2c:8a:7e:9e:9a:0c:d0:14:4f:33:2d:fb:91:1b:ac:6d:
b7:bd:2b:06:d6:ff:d6:78:39:73:46:01:34:a0:85:f6:21:5c:
df:76:3f:bd:f1:2a:a6:11:e6:d9:a7:1f:2d:b6:f7:57:ed:9c:
d6:d1:3f:3b:3b:26:31:25:42:67:f1:cb:7b:50:5f:78:47:30:
44:9c:9a:f2:23:5e:70:c9:af:75:62:b9:4b:c0:93:6c:28:58:
8a:bd:a9:70:a6:8d:bf:6a:ee:85:9f:ca:73:30:e5:7a:d6:07:
57:bc:d1:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFGnBfX0znyQMV4IsAjlHSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODEyMTI0MjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQxMzAzMzY5ZWJjOWU1MmU5MDAzMmQ2NTY0NjJjOGY2YWQyZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumbEIhbyG3WF7DMQ3x+biGKqDI6j
verurTnM8GDI9RaS2IeyJze0zje/3OeGdskgT/MIw4af2tLEO7A9CtsOZqzzlWZ6
461cq6sU5t1NzNLDFIuuY8aeufvPFRhYg77xOM6RRoEJS3GAojyFX4wlNhAz1Iee
qX/RssDoW8r7iENL9Xrn2uHJMXYz0ZFMAXuPz/ddKBS83SXjYv4zTSoj/8hFVJ9H
5T2VRQCEm5bkZGHPIF7F1V0uSRZnGCa845IyLrTNQuQ5RS7CVJcUGL0GHm7bGdCw
s6w6LxpBM+WxtDP3/0tgBTNl56UT/C1QGi8X8A7iZZNk8FXuzTUgGvo3QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdBMDNp68nlLpADLWVkYsj2rS+LMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWjBFd00ybnJ5ZVV1a0FNdFpXUml5UGF0TDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnNMA0G
CSqGSIb3DQEBCwUAA4IBAQAhaXr2UnVX+/K8kv9V1MyHp/z4X1Z8YG8vDOaIIwmw
iUWmt/+IQplkoeJxt6xyIK+sdvfDJZNZiyVTRlhVySCsuA57nJAm+PuKroYait3u
FI6C5LYnaxzPxOeOnniBbV9nAiSgYxGMbFMBn4vPaf2wCYxH4U+c3ZFukpLq672r
X/x2arpjw5YF+UnmAmP0iISYXiyKfp6aDNAUTzMt+5EbrG23vSsG1v/WeDlzRgE0
oIX2IVzfdj+98SqmEebZpx8ttvdX7ZzW0T87OyYxJUJn8ct7UF94RzBEnJryI15w
ya91YrlLwJNsKFiKvalwpo2/au6Fn8pzMOV61gdXvNEU
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:48 2025 by rpki-client