Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZWXW2TsDNMFPbqw_l3gTi-lPu5I.roa
File: ZWXW2TsDNMFPbqw_l3gTi-lPu5I.roa (raw, json)
Hash identifier: Jzts2nw5HFAw7XjM9KYbbZaq3evllfyWRoey9s9h/Ss=
Subject key identifier: 65:65:D6:D9:3B:03:34:C1:4F:6E:AC:3F:97:78:13:8B:E9:4F:BB:92
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB93BEBA2312412E67DED752DAF729505
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZWXW2TsDNMFPbqw_l3gTi-lPu5I.roa
Signing time: Mon 27 May 2024 08:47:42 +0000
ROA not before: Mon 27 May 2024 08:47:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.152.52.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
109.176.25.0/24 maxlen: 24
109.176.27.0/24 maxlen: 24
213.210.40.0/23 maxlen: 24
213.210.48.0/23 maxlen: 24
213.218.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 07:59:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:3b:eb:a2:31:24:12:e6:7d:ed:75:2d:af:72:95:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 08:47:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6565d6d93b0334c14f6eac3f9778138be94fbb92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:04:4c:72:21:89:78:4e:f6:e2:bc:3f:87:
04:50:47:f3:1a:fa:d6:4b:f4:4a:29:03:62:8d:63:
fa:56:45:9e:8c:fe:ce:d6:42:4b:b9:7b:f5:7c:79:
c7:bb:e8:1f:40:19:44:03:bf:23:b3:bc:72:5b:cf:
33:f4:81:99:f6:d5:bb:c4:22:4d:fc:da:c1:14:4f:
03:52:74:96:f3:1c:34:7f:30:5f:10:a5:1a:d4:b6:
52:37:bb:ad:29:64:ad:85:93:16:7b:a1:22:32:fd:
27:a1:05:9e:3b:f4:ef:ad:12:f7:fa:f7:56:8f:f9:
46:3c:6a:e9:31:42:f2:cc:63:da:37:39:57:2c:b9:
b5:6d:7d:ed:56:69:85:b3:de:56:5f:48:ef:cd:07:
cb:d1:6f:32:0a:28:02:cb:b9:3c:0a:c0:d5:28:b7:
0c:a6:04:ca:f6:89:46:55:76:96:4b:66:14:e5:96:
f8:12:6d:65:b7:48:52:4f:e0:05:18:3c:7d:6d:73:
91:43:2a:21:be:6c:62:6f:45:ab:9c:f7:68:64:70:
da:ec:73:e3:3e:5c:28:c6:17:11:5d:f9:52:4d:6f:
d6:f1:d9:cf:00:70:bc:05:65:2b:0c:8d:1f:87:97:
db:32:db:7b:d5:1d:06:e0:17:f3:c9:69:9a:27:0a:
fe:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:65:D6:D9:3B:03:34:C1:4F:6E:AC:3F:97:78:13:8B:E9:4F:BB:92
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZWXW2TsDNMFPbqw_l3gTi-lPu5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.52.0/23
82.152.55.0/24
109.176.25.0/24
109.176.27.0/24
213.210.40.0/23
213.210.48.0/23
213.218.226.0/24
Signature Algorithm: sha256WithRSAEncryption
04:48:ef:e2:54:ee:09:83:44:d3:66:18:1a:32:f6:e9:31:9b:
1b:5b:2e:9f:7a:f9:51:2a:72:c3:9d:db:7c:6d:fa:1c:6d:95:
aa:5d:d6:68:11:ee:0a:50:dd:1d:d4:72:5b:11:dd:74:10:20:
e7:cf:17:30:9f:43:81:cb:7a:c3:81:dc:a2:5e:be:7a:1b:06:
42:70:a9:71:0d:b1:2f:8c:20:57:6a:85:98:26:11:05:40:50:
e5:3b:cf:05:0e:95:2b:b5:81:29:85:02:d0:83:b8:db:43:bf:
58:0f:db:49:d3:2a:fd:16:a5:fc:06:5c:15:5d:77:f5:e3:a0:
ae:0f:83:d9:c9:ff:d1:e7:5d:72:f2:88:92:1b:1e:68:ff:8b:
19:3e:3d:d1:d2:a3:e0:5a:b6:0f:6d:1b:00:f5:61:71:be:34:
2a:ba:44:a8:f9:2a:0a:29:7c:1f:a4:a7:b1:65:de:1c:2d:2e:
59:c8:c5:2c:27:8e:ae:f3:c2:dc:17:7f:a3:5a:1e:3f:f5:a5:
4c:b2:78:8e:d5:c7:24:9e:dc:d0:20:d8:d4:83:77:93:7f:25:
13:9d:ed:c7:7b:53:7b:92:48:a4:ba:fb:7a:ba:c7:58:03:da:
7a:76:8e:37:23:9d:0a:8e:77:0f:a6:48:31:c6:a1:ea:fe:17:
c6:92:cc:fd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+5O+uiMSQS5n3tdS2vcpUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI3MDg0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTY1ZDZkOTNiMDMzNGMxNGY2ZWFjM2Y5Nzc4MTM4YmU5NGZiYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvooETHIhiXhO9uK8P4cEUEfzGvrW
S/RKKQNijWP6VkWejP7O1kJLuXv1fHnHu+gfQBlEA78js7xyW88z9IGZ9tW7xCJN
/NrBFE8DUnSW8xw0fzBfEKUa1LZSN7utKWSthZMWe6EiMv0noQWeO/TvrRL3+vdW
j/lGPGrpMULyzGPaNzlXLLm1bX3tVmmFs95WX0jvzQfL0W8yCigCy7k8CsDVKLcM
pgTK9olGVXaWS2YU5Zb4Em1lt0hST+AFGDx9bXORQyohvmxib0WrnPdoZHDa7HPj
PlwoxhcRXflSTW/W8dnPAHC8BWUrDI0fh5fbMtt71R0G4BfzyWmaJwr+RQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGVl1tk7AzTBT26sP5d4E4vpT7uSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWldYVzJUc0ROTUZQYnF3X2wzZ1RpLWxQdTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUpg0AwQA
Upg3AwQAbbAZAwQAbbAbAwQB1dIoAwQB1dIwAwQA1driMA0GCSqGSIb3DQEBCwUA
A4IBAQAESO/iVO4Jg0TTZhgaMvbpMZsbWy6fevlRKnLDndt8bfocbZWqXdZoEe4K
UN0d1HJbEd10ECDnzxcwn0OBy3rDgdyiXr56GwZCcKlxDbEvjCBXaoWYJhEFQFDl
O88FDpUrtYEphQLQg7jbQ79YD9tJ0yr9FqX8BlwVXXf146CuD4PZyf/R511y8oiS
Gx5o/4sZPj3R0qPgWrYPbRsA9WFxvjQqukSo+SoKKXwfpKexZd4cLS5ZyMUsJ46u
88LcF3+jWh4/9aVMsniO1cckntzQINjUg3eTfyUTne3He1N7kkikuvt6usdYA9p6
do43I50KjncPpkgxxqHq/hfGksz9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:19 2025 by rpki-client