Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZM7U31lbH2oyWKXKhJNEQvItB7Q.roa
File: ZM7U31lbH2oyWKXKhJNEQvItB7Q.roa (raw, json)
Hash identifier: IkDBQKk/OMYPGsNWSxQoExjG29UQQiekhUIAV+7kv1o=
Subject key identifier: 64:CE:D4:DF:59:5B:1F:6A:32:58:A5:CA:84:93:44:42:F2:2D:07:B4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01957B5FF2B69F621166BA784CE98EAF2399
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZM7U31lbH2oyWKXKhJNEQvItB7Q.roa
Signing time: Sun 09 Mar 2025 14:47:20 +0000
ROA not before: Sun 09 Mar 2025 14:47:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
89.213.0.0/22 maxlen: 24
194.105.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 14:10:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7b:5f:f2:b6:9f:62:11:66:ba:78:4c:e9:8e:af:23:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 9 14:47:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64ced4df595b1f6a3258a5ca84934442f22d07b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:23:31:11:0b:c7:31:b6:27:f5:eb:6f:e5:3f:
e5:14:b3:2c:10:6f:fd:71:6d:81:36:21:91:9f:a6:
3d:a4:1d:0f:d2:62:bc:2d:ab:b7:46:78:bf:17:88:
f6:d2:f2:9b:bb:f0:fe:1e:4d:57:b9:57:eb:18:30:
35:71:e0:97:bd:9b:85:19:03:e3:7b:5d:16:8a:b1:
f6:40:6f:10:f9:0d:7d:dd:78:9b:fc:56:2b:8a:20:
31:c1:dc:df:96:7a:4e:78:45:b3:c3:df:ac:59:69:
10:46:46:a2:0b:2a:9d:eb:25:9b:bb:65:08:17:a7:
9a:05:4b:d9:c8:bc:d8:98:2c:8b:bb:b0:ec:8a:9f:
6f:10:8c:5f:18:25:f2:28:ac:fb:dd:f7:2d:4a:85:
6e:af:34:e0:e9:28:13:c8:d2:58:69:26:d6:28:fe:
4a:a0:6d:d3:e8:43:d5:a8:94:c6:cb:a1:b1:c8:90:
61:f0:a0:62:1e:45:8f:4b:d2:a2:c1:eb:e3:38:85:
b4:d7:3b:e1:dd:8a:f3:4b:8a:0a:56:df:ab:ad:94:
3e:65:a3:b2:6d:ac:41:22:19:87:ee:22:16:d9:6a:
cf:5a:83:ab:fc:a0:16:47:a6:cf:db:bf:2f:f8:dd:
4a:f9:8d:63:bb:75:98:ab:7f:fe:1d:1a:be:e4:e4:
6a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CE:D4:DF:59:5B:1F:6A:32:58:A5:CA:84:93:44:42:F2:2D:07:B4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZM7U31lbH2oyWKXKhJNEQvItB7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
89.213.0.0/22
194.105.76.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:18:bb:3d:3b:cf:f6:eb:b6:98:47:8d:74:0e:e0:d6:26:79:
10:0b:90:bf:c9:37:c4:78:f0:f4:ce:c6:82:10:f0:12:0a:c8:
f7:75:69:91:13:18:84:23:55:67:17:c5:28:d9:84:d7:11:18:
e7:c9:ae:71:34:44:8a:0c:69:9e:2e:69:18:ff:c9:be:84:52:
36:19:ea:9d:2a:ac:af:a6:23:df:2f:0a:3c:c7:8d:e6:dc:2d:
1f:07:3e:6e:3b:9b:7d:e4:b0:ff:84:8e:04:31:8d:8e:cf:aa:
87:6c:78:70:16:f9:55:53:7a:d1:af:9e:a9:56:be:7b:22:f4:
77:5d:8e:0e:eb:47:b2:10:37:35:4b:90:c8:8f:d9:75:96:53:
a7:25:17:4f:4a:5d:61:91:ba:08:a1:87:88:c7:19:56:84:43:
89:f6:1b:6e:4f:b7:36:ad:6f:4d:b9:4f:7a:73:8f:2b:33:73:
83:ca:57:34:f3:56:1f:bd:a0:1d:9e:af:35:24:83:8b:1c:f9:
ad:ca:14:12:df:47:b4:27:30:cf:44:27:b9:79:03:48:13:b3:
ed:28:bd:54:7b:4d:60:43:38:1d:29:c8:5e:d2:c6:47:71:cc:
e2:34:69:ce:71:ac:e1:58:bb:1a:1e:a6:0d:e1:fa:28:08:8e:
48:7b:a7:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZV7X/K2n2IRZrp4TOmOryOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzA5MTQ0NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGNlZDRkZjU5NWIxZjZhMzI1OGE1Y2E4NDkzNDQ0MmYyMmQwN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSMxEQvHMbYn9etv5T/lFLMsEG/9
cW2BNiGRn6Y9pB0P0mK8Lau3Rni/F4j20vKbu/D+Hk1XuVfrGDA1ceCXvZuFGQPj
e10WirH2QG8Q+Q193Xib/FYriiAxwdzflnpOeEWzw9+sWWkQRkaiCyqd6yWbu2UI
F6eaBUvZyLzYmCyLu7Dsip9vEIxfGCXyKKz73fctSoVurzTg6SgTyNJYaSbWKP5K
oG3T6EPVqJTGy6GxyJBh8KBiHkWPS9KiwevjOIW01zvh3YrzS4oKVt+rrZQ+ZaOy
baxBIhmH7iIW2WrPWoOr/KAWR6bP278v+N1K+Y1ju3WYq3/+HRq+5ORqOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGTO1N9ZWx9qMlilyoSTRELyLQe0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWk03VTMxbGJIMm95V0tYS2hKTkVRdkl0QjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUpnYAwQC
WdUAAwQCwmlMMA0GCSqGSIb3DQEBCwUAA4IBAQCPGLs9O8/267aYR410DuDWJnkQ
C5C/yTfEePD0zsaCEPASCsj3dWmRExiEI1VnF8Uo2YTXERjnya5xNESKDGmeLmkY
/8m+hFI2GeqdKqyvpiPfLwo8x43m3C0fBz5uO5t95LD/hI4EMY2Oz6qHbHhwFvlV
U3rRr56pVr57IvR3XY4O60eyEDc1S5DIj9l1llOnJRdPSl1hkboIoYeIxxlWhEOJ
9htuT7c2rW9NuU96c48rM3ODylc081YfvaAdnq81JIOLHPmtyhQS30e0JzDPRCe5
eQNIE7PtKL1Ue01gQzgdKche0sZHccziNGnOcazhWLsaHqYN4fooCI5Ie6f5
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:37:04 2025 by rpki-client