Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZLKWjU5d19tqWIplVkXSPpur1-I.roa
File: ZLKWjU5d19tqWIplVkXSPpur1-I.roa (raw, json)
Hash identifier: Fm4WhgXmq96bkA7PnPUOwggodIorL8PMq0JNAUTaC4Q=
Subject key identifier: 64:B2:96:8D:4E:5D:D7:DB:6A:58:8A:65:56:45:D2:3E:9B:AB:D7:E2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FE932BDEAD789BAC540B1A0269D574436
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZLKWjU5d19tqWIplVkXSPpur1-I.roa
Signing time: Wed 05 Jun 2024 16:19:27 +0000
ROA not before: Wed 05 Jun 2024 16:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 82.152.14.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.153.245.0/24 maxlen: 24
109.176.24.0/24 maxlen: 24
212.38.68.0/24 maxlen: 24
212.38.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 13:43:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e9:32:bd:ea:d7:89:ba:c5:40:b1:a0:26:9d:57:44:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 5 16:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64b2968d4e5dd7db6a588a655645d23e9babd7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:84:f9:53:96:ca:0a:81:93:c4:ac:b3:5c:e1:
3b:3f:7b:38:81:52:c6:a5:a0:83:69:a9:55:90:0c:
9f:c4:0c:1f:c0:c3:0a:13:95:dc:6f:a6:1c:39:a9:
44:e5:da:4f:27:35:e7:b5:fb:af:97:98:6f:91:7e:
e6:56:b5:ed:bd:30:14:92:3b:86:92:2c:47:21:6f:
d0:60:cc:02:84:03:22:61:38:1d:21:47:2b:0d:5b:
d9:2a:20:d3:a4:76:e9:7b:95:8f:8c:02:1e:9a:57:
9b:b2:c7:73:f8:9d:9c:13:30:cf:c7:33:52:bf:26:
f1:ab:91:43:82:a8:fc:ee:be:fc:c7:1a:f5:31:ff:
2e:2c:eb:94:e6:95:a3:47:3e:76:04:3a:e0:b4:7b:
c1:cb:65:74:47:3f:8c:90:76:bb:35:53:11:d7:2b:
12:dd:c6:0a:f7:87:8d:be:07:9f:47:c0:e6:1c:c6:
94:9d:0c:01:f2:d7:38:a5:d8:a6:06:39:87:73:e9:
e0:80:ff:14:3c:05:fa:9b:b0:e9:4f:e1:46:04:a3:
16:36:b1:1e:1a:80:16:64:8a:6d:ed:24:dc:26:6a:
f7:a9:4f:0c:7a:6f:20:41:79:87:91:e5:a4:71:e9:
9f:dc:eb:de:3f:fd:11:d6:d1:51:bf:cd:3a:ef:46:
81:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B2:96:8D:4E:5D:D7:DB:6A:58:8A:65:56:45:D2:3E:9B:AB:D7:E2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZLKWjU5d19tqWIplVkXSPpur1-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.14.0/24
82.153.1.0/24
82.153.245.0/24
109.176.24.0/24
212.38.68.0/24
212.38.74.0/24
Signature Algorithm: sha256WithRSAEncryption
72:1f:ec:94:25:09:55:86:e9:f8:0e:cb:8c:6c:de:e6:d0:d4:
79:7b:d0:4f:d5:24:63:2b:c7:4c:12:7d:8c:27:7d:bb:61:55:
0f:cd:a4:a9:56:e1:3d:33:15:08:ce:7d:47:5e:ce:31:97:0b:
00:16:b3:f6:0d:f7:73:79:5c:dd:ae:e4:32:8b:b3:c0:ee:55:
22:24:4f:8b:0b:94:e2:8c:59:fc:31:26:7c:6c:79:67:dd:33:
7d:00:c1:9b:20:57:18:ac:3f:54:9c:6a:fa:f3:7e:e8:e8:8d:
5b:98:00:81:ad:1e:d5:d4:43:af:07:4f:0c:5a:d0:79:21:33:
5c:2e:25:62:66:2f:17:a8:cd:3f:85:f8:bf:0c:3f:7e:b5:b4:
a9:5c:f9:d2:40:e4:96:da:8e:37:4d:25:c4:25:dc:de:45:a0:
0c:69:88:bc:3e:82:fe:80:ef:fa:d2:5d:68:14:94:7a:c4:f5:
88:21:f1:7b:29:7b:8d:4c:28:0c:7d:dc:90:98:9b:fb:29:5b:
8c:9c:24:7c:62:36:cd:ff:13:cc:dc:f7:5a:11:16:9c:47:3b:
a2:f2:fd:f8:b1:13:b0:eb:09:a0:d0:7a:b5:49:51:31:8f:6b:
33:18:20:c2:50:21:cb:b5:a4:35:a1:d9:d0:77:aa:db:5a:4f:
ca:e2:23:5c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY/pMr3q14m6xUCxoCadV0Q2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA1MTYxOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGIyOTY4ZDRlNWRkN2RiNmE1ODhhNjU1NjQ1ZDIzZTliYWJkN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74T5U5bKCoGTxKyzXOE7P3s4gVLG
paCDaalVkAyfxAwfwMMKE5Xcb6YcOalE5dpPJzXntfuvl5hvkX7mVrXtvTAUkjuG
kixHIW/QYMwChAMiYTgdIUcrDVvZKiDTpHbpe5WPjAIemlebssdz+J2cEzDPxzNS
vybxq5FDgqj87r78xxr1Mf8uLOuU5pWjRz52BDrgtHvBy2V0Rz+MkHa7NVMR1ysS
3cYK94eNvgefR8DmHMaUnQwB8tc4pdimBjmHc+nggP8UPAX6m7DpT+FGBKMWNrEe
GoAWZIpt7STcJmr3qU8Mem8gQXmHkeWkcemf3OveP/0R1tFRv80670aBvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGSylo1OXdfbaliKZVZF0j6bq9fiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWkxLV2pVNWQxOXRxV0lwbFZrWFNQcHVyMS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpgOAwQA
UpkBAwQAUpn1AwQAbbAYAwQA1CZEAwQA1CZKMA0GCSqGSIb3DQEBCwUAA4IBAQBy
H+yUJQlVhun4DsuMbN7m0NR5e9BP1SRjK8dMEn2MJ327YVUPzaSpVuE9MxUIzn1H
Xs4xlwsAFrP2DfdzeVzdruQyi7PA7lUiJE+LC5TijFn8MSZ8bHln3TN9AMGbIFcY
rD9UnGr6837o6I1bmACBrR7V1EOvB08MWtB5ITNcLiViZi8XqM0/hfi/DD9+tbSp
XPnSQOSW2o43TSXEJdzeRaAMaYi8PoL+gO/60l1oFJR6xPWIIfF7KXuNTCgMfdyQ
mJv7KVuMnCR8YjbN/xPM3PdaERacRzui8v34sROw6wmg0Hq1SVExj2szGCDCUCHL
taQ1odnQd6rbWk/K4iNc
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:18 2025 by rpki-client