Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/zjhp9sRJkZlGX9_ZmzTaUsYlwvo.roa
File: zjhp9sRJkZlGX9_ZmzTaUsYlwvo.roa (raw, json)
Hash identifier: pZJ0et6W/uUDm1S/JW4gqKCMOx1ZwGJ+wg9vz5XCbiI=
Subject key identifier: CE:38:69:F6:C4:49:91:99:46:5F:DF:D9:9B:34:DA:52:C6:25:C2:FA
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018CC8DF90E5D601B90578E60ADBBD289B15
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/zjhp9sRJkZlGX9_ZmzTaUsYlwvo.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35011
IP address blocks: 88.80.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:90:e5:d6:01:b9:05:78:e6:0a:db:bd:28:9b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce3869f6c4499199465fdfd99b34da52c625c2fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bd:d3:ba:9b:fb:44:ed:02:0a:0e:8f:e9:0a:
52:e9:09:d0:4b:9e:6b:39:ea:77:e0:1a:1f:6d:cb:
c5:54:dc:03:ec:ef:50:74:52:b1:3e:88:74:2d:76:
1f:e4:00:69:47:b6:26:cb:43:92:e0:ae:df:45:f1:
f7:7b:e7:1f:fe:a2:c7:21:85:b5:a0:9a:68:87:64:
4f:b5:9d:42:01:e3:e3:c6:bc:a8:a1:38:6c:90:1b:
e7:6d:36:7a:35:6e:20:41:de:8c:cb:c6:5d:04:3a:
c6:c8:82:27:f5:dd:db:8b:94:9f:24:ac:e4:62:0d:
b4:9d:64:e7:10:7f:31:8e:aa:68:ca:a9:58:51:14:
7f:12:ee:b8:d8:7f:07:81:79:fa:29:68:f8:aa:fd:
c0:35:c2:ca:6c:75:d6:a1:b2:fc:fe:ce:08:97:0d:
c6:1c:64:f2:05:c0:1e:ac:67:ed:0a:29:20:bd:65:
70:62:24:fa:4c:58:c2:72:ac:b2:69:45:6c:ea:c1:
12:03:89:d7:58:7c:62:e9:b4:28:ab:ff:4c:e7:e7:
b8:09:eb:b9:0c:91:5a:d3:d8:73:20:73:06:2d:4f:
9f:3f:d1:0d:13:20:45:dc:b6:04:aa:dd:da:10:5e:
a5:01:75:50:5d:d6:0c:09:f8:bf:6d:39:b0:05:d2:
e2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:38:69:F6:C4:49:91:99:46:5F:DF:D9:9B:34:DA:52:C6:25:C2:FA
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/zjhp9sRJkZlGX9_ZmzTaUsYlwvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.129.0/24
Signature Algorithm: sha256WithRSAEncryption
96:20:c2:30:ed:c0:73:59:1b:a8:13:b6:47:cf:c1:94:84:2c:
76:0a:f3:39:86:8d:84:3a:1f:42:39:b9:c4:77:e7:b7:14:4a:
e0:a9:c6:f2:4e:96:95:87:f7:88:3a:53:35:a8:91:c7:20:03:
0b:ec:8a:3a:6f:4f:2b:0c:b9:b2:f0:45:07:5f:3e:8d:17:85:
db:ec:f1:bb:07:c7:e6:3f:a2:b3:b6:e6:0a:6c:ff:6a:8a:fe:
84:ef:3d:8f:76:1f:08:9d:b3:0f:e9:33:74:6e:d1:47:f7:35:
5d:e5:31:8f:2a:a5:f8:4b:c7:4e:6f:4a:80:64:7a:24:a5:88:
53:f7:3f:84:9b:e9:4e:2a:3c:aa:c7:f4:c3:98:d5:a5:40:43:
92:57:28:b5:b2:a3:6f:58:74:0c:09:71:3a:7a:5f:43:5e:f9:
29:d3:87:d9:4f:46:07:be:9f:64:42:b8:40:e5:68:2f:e7:18:
16:0e:22:84:2f:57:36:50:8e:65:3e:59:97:45:18:e8:8a:f2:
12:8f:84:fe:37:25:cd:c1:e3:76:37:1c:48:2e:3a:12:b1:6d:
4a:95:eb:0e:52:5e:12:e6:a9:4e:aa:f6:e9:a5:c2:be:72:c1:
c1:17:d2:12:d3:d7:71:aa:18:79:30:63:38:d0:e7:33:be:7e:
98:08:80:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI35Dl1gG5BXjmCtu9KJsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTM4NjlmNmM0NDk5MTk5NDY1ZmRmZDk5YjM0ZGE1MmM2MjVjMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob3Tupv7RO0CCg6P6QpS6QnQS55r
Oep34BofbcvFVNwD7O9QdFKxPoh0LXYf5ABpR7Ymy0OS4K7fRfH3e+cf/qLHIYW1
oJpoh2RPtZ1CAePjxryooThskBvnbTZ6NW4gQd6My8ZdBDrGyIIn9d3bi5SfJKzk
Yg20nWTnEH8xjqpoyqlYURR/Eu642H8HgXn6KWj4qv3ANcLKbHXWobL8/s4Ilw3G
HGTyBcAerGftCikgvWVwYiT6TFjCcqyyaUVs6sESA4nXWHxi6bQoq/9M5+e4Ceu5
DJFa09hzIHMGLU+fP9ENEyBF3LYEqt3aEF6lAXVQXdYMCfi/bTmwBdLiGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM44afbESZGZRl/f2Zs02lLGJcL6MB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvempocDlzUkprWmxHWDlfWm16VGFVc1lsd3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCBMA0G
CSqGSIb3DQEBCwUAA4IBAQCWIMIw7cBzWRuoE7ZHz8GUhCx2CvM5ho2EOh9CObnE
d+e3FErgqcbyTpaVh/eIOlM1qJHHIAML7Io6b08rDLmy8EUHXz6NF4Xb7PG7B8fm
P6KztuYKbP9qiv6E7z2Pdh8InbMP6TN0btFH9zVd5TGPKqX4S8dOb0qAZHokpYhT
9z+Em+lOKjyqx/TDmNWlQEOSVyi1sqNvWHQMCXE6el9DXvkp04fZT0YHvp9kQrhA
5Wgv5xgWDiKEL1c2UI5lPlmXRRjoivISj4T+NyXNweN2NxxILjoSsW1KlesOUl4S
5qlOqvbppcK+csHBF9IS09dxqhh5MGM40Oczvn6YCIAj
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:33 2025 by rpki-client