Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/c0b106-6bf1-4660-8aff-9cf87ff1ce5b/1/zUF-kW8UOxarhchcPRrvxta4JA0.roa
File: zUF-kW8UOxarhchcPRrvxta4JA0.roa (raw, json)
Hash identifier: XiEs539GkJGslzQJazrmCCrmnV/SotyKUOPk6QXssUs=
Subject key identifier: CD:41:7E:91:6F:14:3B:16:AB:85:C8:5C:3D:1A:EF:C6:D6:B8:24:0D
Certificate issuer: /CN=5e4098f206850488b72cdde8387c3181c63f8cdf
Certificate serial: 0193E2E51403A27BE3EF9C5D6E94DDDA6952
Authority key identifier: 5E:40:98:F2:06:85:04:88:B7:2C:DD:E8:38:7C:31:81:C6:3F:8C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkCY8gaFBIi3LN3oOHwxgcY_jN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/c0b106-6bf1-4660-8aff-9cf87ff1ce5b/1/zUF-kW8UOxarhchcPRrvxta4JA0.roa
Signing time: Fri 20 Dec 2024 07:08:03 +0000
ROA not before: Fri 20 Dec 2024 07:08:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215278
IP address blocks: 194.147.72.0/24 maxlen: 24
2001:67c:2d8c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e2:e5:14:03:a2:7b:e3:ef:9c:5d:6e:94:dd:da:69:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e4098f206850488b72cdde8387c3181c63f8cdf
Validity
Not Before: Dec 20 07:08:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd417e916f143b16ab85c85c3d1aefc6d6b8240d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0b:34:3d:da:5c:f5:33:d1:d7:3a:ce:f3:6a:
11:8b:d7:0f:b3:84:0b:90:d4:f4:f7:9f:ed:2e:a5:
ec:95:69:57:e0:de:5a:39:11:b6:9b:76:65:a1:cb:
24:6f:04:3a:39:18:8b:a3:1c:f4:4b:99:74:db:1a:
8c:bb:60:87:ea:c7:a8:8e:f8:6f:70:e1:c2:78:8e:
0d:b4:4d:c1:c0:8c:9b:7e:34:92:19:8e:ed:67:d0:
28:91:1b:8a:90:7a:f6:dc:ac:27:e6:c5:b9:23:8a:
7a:5d:72:12:e0:09:16:e7:04:c0:e4:24:62:1b:07:
5f:6c:b2:a6:b3:f5:a1:d3:38:be:04:64:7e:d1:e9:
65:1e:6b:8d:f4:33:83:33:20:db:a2:d9:07:76:ad:
aa:6f:e6:1a:5a:86:12:cc:46:28:cd:cc:9f:c6:fa:
39:08:1a:88:d5:36:ee:06:b3:b8:e9:e0:70:78:8a:
0b:0c:31:06:b5:50:5e:63:2a:f3:b9:78:1b:76:88:
28:80:e1:e4:16:30:0f:45:a5:83:be:1a:a5:59:0f:
92:70:c2:18:7b:98:b5:8a:39:4c:52:4a:f5:8a:b0:
93:52:bd:b4:fb:48:3f:b7:f3:01:82:cd:69:08:e0:
b4:eb:ca:1e:e8:c3:12:bb:d2:3d:31:9e:e3:f9:b8:
bb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:41:7E:91:6F:14:3B:16:AB:85:C8:5C:3D:1A:EF:C6:D6:B8:24:0D
X509v3 Authority Key Identifier:
keyid:5E:40:98:F2:06:85:04:88:B7:2C:DD:E8:38:7C:31:81:C6:3F:8C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkCY8gaFBIi3LN3oOHwxgcY_jN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/c0b106-6bf1-4660-8aff-9cf87ff1ce5b/1/zUF-kW8UOxarhchcPRrvxta4JA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/c0b106-6bf1-4660-8aff-9cf87ff1ce5b/1/XkCY8gaFBIi3LN3oOHwxgcY_jN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.72.0/24
IPv6:
2001:67c:2d8c::/48
Signature Algorithm: sha256WithRSAEncryption
2e:66:d0:6f:7c:45:85:f1:12:aa:73:8d:31:ad:6b:bf:04:6f:
a2:0f:e8:4a:62:e9:c0:7d:52:72:ba:e0:4a:d6:80:a1:c3:0e:
8f:fe:6f:65:f9:57:06:86:89:a1:da:fc:40:88:c5:9d:43:83:
11:fe:15:09:9b:2d:22:76:ad:ed:80:18:2d:aa:12:af:46:eb:
ee:d4:7e:78:4e:e0:18:66:c9:60:ae:be:1a:21:76:98:cd:c6:
01:fa:55:58:cb:da:42:31:a1:18:52:3b:b8:e8:54:2d:eb:d5:
9f:d1:dc:95:01:87:a5:0c:14:f3:95:96:45:26:cc:ca:84:c3:
74:98:f1:2e:9b:2e:25:8d:08:2e:61:35:63:ad:09:09:9f:5d:
72:48:59:25:f3:f0:cf:2d:ea:ac:58:cd:ab:01:69:02:8d:33:
63:a7:6c:40:ca:c0:84:c6:df:27:e3:96:46:0f:3d:b9:ca:dd:
38:c5:93:6c:b1:f2:eb:f9:98:e5:35:8f:41:06:4a:c9:17:35:
6d:5e:ac:21:78:2f:82:57:27:4f:f7:cd:42:d1:a8:15:9a:e1:
30:2e:33:51:5e:92:97:5e:d2:56:28:ee:c3:df:54:e4:62:b9:
5f:eb:72:84:41:48:54:b3:1b:1a:f6:f1:08:c2:b5:4d:76:98:
99:a1:b3:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZPi5RQDonvj75xdbpTd2mlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDA5OGYyMDY4NTA0ODhiNzJjZGRlODM4N2MzMTgxYzYz
ZjhjZGYwHhcNMjQxMjIwMDcwODAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQxN2U5MTZmMTQzYjE2YWI4NWM4NWMzZDFhZWZjNmQ2YjgyNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qs0Pdpc9TPR1zrO82oRi9cPs4QL
kNT095/tLqXslWlX4N5aORG2m3ZlocskbwQ6ORiLoxz0S5l02xqMu2CH6seojvhv
cOHCeI4NtE3BwIybfjSSGY7tZ9AokRuKkHr23Kwn5sW5I4p6XXIS4AkW5wTA5CRi
GwdfbLKms/Wh0zi+BGR+0ellHmuN9DODMyDbotkHdq2qb+YaWoYSzEYozcyfxvo5
CBqI1TbuBrO46eBweIoLDDEGtVBeYyrzuXgbdogogOHkFjAPRaWDvhqlWQ+ScMIY
e5i1ijlMUkr1irCTUr20+0g/t/MBgs1pCOC068oe6MMSu9I9MZ7j+bi7UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1BfpFvFDsWq4XIXD0a78bWuCQNMB8GA1UdIwQY
MBaAFF5AmPIGhQSItyzd6Dh8MYHGP4zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtDWThnYUZCSWkzTE4zb09Id3hnY1lfak44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9jMGIxMDYtNmJmMS00NjYwLThhZmYt
OWNmODdmZjFjZTViLzEvelVGLWtXOFVPeGFyaGNoY1BScnZ4dGE0SkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9jMGIxMDYtNmJmMS00NjYwLThhZmYtOWNmODdmZjFjZTVi
LzEvWGtDWThnYUZCSWkzTE4zb09Id3hnY1lfak44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpNIMA8E
AgACMAkDBwAgAQZ8LYwwDQYJKoZIhvcNAQELBQADggEBAC5m0G98RYXxEqpzjTGt
a78Eb6IP6Epi6cB9UnK64ErWgKHDDo/+b2X5VwaGiaHa/ECIxZ1DgxH+FQmbLSJ2
re2AGC2qEq9G6+7UfnhO4BhmyWCuvhohdpjNxgH6VVjL2kIxoRhSO7joVC3r1Z/R
3JUBh6UMFPOVlkUmzMqEw3SY8S6bLiWNCC5hNWOtCQmfXXJIWSXz8M8t6qxYzasB
aQKNM2OnbEDKwITG3yfjlkYPPbnK3TjFk2yx8uv5mOU1j0EGSskXNW1erCF4L4JX
J0/3zULRqBWa4TAuM1Fekpde0lYo7sPfVORiuV/rcoRBSFSzGxr28QjCtU12mJmh
syQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:57:56 2025 by rpki-client