Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zayn3zK_AfA6j50tzRM4z5oqt3U.roa
File: zayn3zK_AfA6j50tzRM4z5oqt3U.roa (raw, json)
Hash identifier: Yr2R/+1CISMT+r75lTpLSsGUyG2QXfD958Ww+gbl8bM=
Subject key identifier: CD:AC:A7:DF:32:BF:01:F0:3A:8F:9D:2D:CD:13:38:CF:9A:2A:B7:75
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428237B9F53B41FDD106521186E3B1FBC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zayn3zK_AfA6j50tzRM4z5oqt3U.roa
Signing time: Thu 02 Jan 2025 17:50:01 +0000
ROA not before: Thu 02 Jan 2025 17:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 217.60.0.0/18 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 26 Jan 2025 12:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7b:9f:53:b4:1f:dd:10:65:21:18:6e:3b:1f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdaca7df32bf01f03a8f9d2dcd1338cf9a2ab775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:53:32:65:8a:66:c8:fd:02:0e:5b:34:18:c7:
53:ff:5a:33:43:f1:bc:b4:a8:6d:a7:e7:ca:d8:46:
5a:b9:f7:e8:b0:d6:e1:11:a7:2c:11:5e:b5:d0:85:
d9:8c:65:d2:5b:05:ef:3f:28:87:c1:64:3e:6a:2e:
22:96:4f:57:8c:3d:38:4d:c3:e4:0c:e2:08:35:4f:
f7:dd:10:c7:4d:8c:e8:3e:46:2b:95:2d:1b:1f:cf:
67:0c:8f:c7:12:80:54:cb:4b:fa:88:46:58:9d:a8:
01:28:32:ed:ec:d5:2f:e7:cc:bd:9a:d9:6b:6a:1a:
41:34:52:c5:66:77:4b:d2:11:6e:2d:89:e0:2a:b4:
dc:b0:83:e6:0d:89:fd:8b:d5:a5:7e:91:66:84:a8:
e1:6e:42:b6:ef:35:c6:b5:e3:88:62:9f:7c:48:a8:
20:4a:68:17:81:64:0b:71:85:89:ee:bc:6e:be:a4:
64:74:60:b0:67:56:3d:a9:97:72:ae:84:62:bc:8f:
2b:be:52:51:92:98:a1:db:23:9f:b9:12:ee:29:51:
53:13:86:26:7c:0e:d6:ec:f5:cd:9a:87:65:a3:28:
9e:de:c8:4f:78:bf:71:32:41:66:e8:10:b7:ff:29:
14:d7:3e:ab:73:c3:b2:38:3c:0b:0b:42:84:b7:94:
b0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AC:A7:DF:32:BF:01:F0:3A:8F:9D:2D:CD:13:38:CF:9A:2A:B7:75
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zayn3zK_AfA6j50tzRM4z5oqt3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/18
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
a6:72:3c:47:43:7f:0e:b1:6a:8a:d3:78:d8:30:df:2e:f3:7f:
44:d9:d9:1b:7d:0e:dc:64:12:19:3e:15:23:7c:cf:f2:96:a1:
82:f0:24:e1:67:52:23:19:e1:7a:08:16:84:b7:50:1e:cb:39:
d5:0f:cd:79:57:e1:f2:61:6a:a8:a4:4f:00:9e:31:d3:16:8b:
a6:06:8f:a3:e1:91:9a:3e:b9:fc:ed:0e:93:69:bd:7b:99:b9:
11:63:4b:e0:82:6a:fe:24:d4:3a:01:07:0f:96:02:bc:b6:de:
14:95:2c:11:57:99:d3:07:35:ff:70:f4:1a:dc:ff:5c:4e:91:
25:ef:40:34:2f:fb:ce:69:9e:1f:7d:90:e7:69:5c:b6:c3:3a:
24:a4:2f:05:a3:b9:13:6b:02:b9:fe:f4:0a:32:92:cd:c1:8f:
dd:6e:0c:ca:3f:45:00:5b:2b:e5:03:61:e6:8d:d5:65:90:b0:
6e:1d:ae:d1:77:4d:e0:1f:fb:99:a9:2f:d7:81:ea:a7:73:90:
62:4c:60:2a:26:dd:4b:1f:06:4c:c1:67:4a:79:0d:ed:ec:b2:
d3:b2:88:f0:0d:39:80:d5:90:fb:7b:03:34:1d:b6:22:0a:cd:
46:d0:10:a0:66:de:76:1e:ba:3d:64:e5:57:a5:1f:19:0a:b2:
8b:0a:dc:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoI3ufU7Qf3RBlIRhuOx+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFjYTdkZjMyYmYwMWYwM2E4ZjlkMmRjZDEzMzhjZjlhMmFiNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VMyZYpmyP0CDls0GMdT/1ozQ/G8
tKhtp+fK2EZauffosNbhEacsEV610IXZjGXSWwXvPyiHwWQ+ai4ilk9XjD04TcPk
DOIINU/33RDHTYzoPkYrlS0bH89nDI/HEoBUy0v6iEZYnagBKDLt7NUv58y9mtlr
ahpBNFLFZndL0hFuLYngKrTcsIPmDYn9i9WlfpFmhKjhbkK27zXGteOIYp98SKgg
SmgXgWQLcYWJ7rxuvqRkdGCwZ1Y9qZdyroRivI8rvlJRkpih2yOfuRLuKVFTE4Ym
fA7W7PXNmodloyie3shPeL9xMkFm6BC3/ykU1z6rc8OyODwLC0KEt5SwIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM2sp98yvwHwOo+dLc0TOM+aKrd1MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvemF5bjN6S19BZkE2ajUwdHpSTTR6NW9xdDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQG2TwAMA0E
AgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQCmcjxHQ38OsWqK03jYMN8u
839E2dkbfQ7cZBIZPhUjfM/ylqGC8CThZ1IjGeF6CBaEt1AeyznVD815V+HyYWqo
pE8AnjHTFoumBo+j4ZGaPrn87Q6Tab17mbkRY0vggmr+JNQ6AQcPlgK8tt4UlSwR
V5nTBzX/cPQa3P9cTpEl70A0L/vOaZ4ffZDnaVy2wzokpC8Fo7kTawK5/vQKMpLN
wY/dbgzKP0UAWyvlA2HmjdVlkLBuHa7Rd03gH/uZqS/Xgeqnc5BiTGAqJt1LHwZM
wWdKeQ3t7LLTsojwDTmA1ZD7ewM0HbYiCs1G0BCgZt52Hro9ZOVXpR8ZCrKLCtz8
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:54:57 2025 by rpki-client