Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/Zk3X8vaf-Op8d0fB2nE1nsbayuI.roa
File: Zk3X8vaf-Op8d0fB2nE1nsbayuI.roa (raw, json)
Hash identifier: Qp3TGacdtYk0iwxuPwnNeqsDhdHUtzNDCXhRm2mOcNM=
Subject key identifier: 66:4D:D7:F2:F6:9F:F8:EA:7C:77:47:C1:DA:71:35:9E:C6:DA:CA:E2
Certificate issuer: /CN=869ab33046862ab58405e5e927ddf41272dfc714
Certificate serial: 0190BBF85DB5AEB5D6D91CF4C99C419A6FB7
Authority key identifier: 86:9A:B3:30:46:86:2A:B5:84:05:E5:E9:27:DD:F4:12:72:DF:C7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/Zk3X8vaf-Op8d0fB2nE1nsbayuI.roa
Signing time: Tue 16 Jul 2024 14:35:34 +0000
ROA not before: Tue 16 Jul 2024 14:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42274
IP address blocks: 91.192.12.0/22 maxlen: 22
193.111.44.0/24 maxlen: 24
193.111.56.0/22 maxlen: 22
193.111.56.0/24 maxlen: 24
2001:67c:36c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jul 2024 08:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:f8:5d:b5:ae:b5:d6:d9:1c:f4:c9:9c:41:9a:6f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869ab33046862ab58405e5e927ddf41272dfc714
Validity
Not Before: Jul 16 14:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=664dd7f2f69ff8ea7c7747c1da71359ec6dacae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:00:03:31:87:e8:53:8d:5a:4b:46:ac:25:68:
10:93:15:25:60:24:3f:f8:12:fc:ef:a6:8f:49:14:
d3:0f:86:62:49:3b:b0:49:6e:c4:cc:17:71:dc:c5:
66:7f:f6:02:03:77:7f:85:85:3c:1e:aa:c5:22:7e:
71:0e:4a:f8:36:90:70:fc:be:f8:59:48:c8:46:47:
4e:d8:96:29:4e:31:4c:86:9c:1e:f8:8b:95:ff:c9:
fc:26:69:5b:07:47:ce:02:24:7b:75:c9:ef:97:de:
17:13:1f:7d:6e:36:2a:ef:b5:d7:1f:25:d5:8e:52:
36:31:84:21:9f:57:52:2d:42:87:8f:f6:db:72:7b:
33:ad:62:d0:49:e8:a3:21:59:c6:79:ce:d4:9d:fa:
9a:64:63:c8:5e:56:0f:5d:9d:d6:e6:8b:e2:36:fd:
41:04:12:74:94:e2:8c:60:a3:e4:ab:60:0e:fd:fa:
a5:0b:b5:41:a8:97:89:83:8d:a6:c0:b8:18:ff:59:
d6:8c:2b:91:14:23:ca:05:71:ad:ed:b2:eb:97:a9:
77:58:b6:96:ae:5b:ae:bd:44:d1:1c:43:4a:e4:32:
36:20:6d:45:16:d3:eb:63:87:43:c9:99:e0:62:2a:
99:c4:56:26:53:4c:2c:01:59:4f:e4:30:22:9d:11:
db:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4D:D7:F2:F6:9F:F8:EA:7C:77:47:C1:DA:71:35:9E:C6:DA:CA:E2
X509v3 Authority Key Identifier:
keyid:86:9A:B3:30:46:86:2A:B5:84:05:E5:E9:27:DD:F4:12:72:DF:C7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/Zk3X8vaf-Op8d0fB2nE1nsbayuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.12.0/22
193.111.44.0/24
193.111.56.0/22
IPv6:
2001:67c:36c::/48
Signature Algorithm: sha256WithRSAEncryption
ac:46:c5:3c:9e:52:a9:00:6a:e9:8e:9d:ab:a7:06:28:ce:55:
18:43:6a:4c:55:db:21:b6:5e:96:88:72:8c:b9:82:21:6c:35:
5f:c5:fd:0c:48:50:e1:e2:87:e8:05:29:81:64:b8:5a:ad:a1:
d2:b5:18:16:44:a4:79:3e:7d:e6:bf:71:9f:d2:f0:86:cf:81:
55:5d:15:4f:b6:df:65:33:27:f9:7f:89:47:6e:05:72:5c:a6:
4b:7f:b3:7f:6b:20:70:e4:9d:f3:6d:bc:2b:eb:5b:ba:6d:74:
cb:1d:95:e8:46:0c:5d:ef:76:e3:37:5f:e9:49:56:2a:7d:8a:
94:0f:bc:e7:78:f4:e2:5b:5a:bf:2a:ee:06:fe:5c:1e:31:d9:
99:99:c9:7f:b0:d0:69:bb:ac:0f:3a:1f:68:cd:d8:f7:06:8b:
1e:91:39:28:91:1b:c5:40:73:da:a5:bd:8e:81:ec:1a:5e:9f:
71:79:84:1f:3a:b6:66:78:f8:cd:87:58:59:e8:e6:42:59:2e:
5a:a1:54:bf:4d:d4:7e:03:75:a6:35:2b:52:62:43:79:79:50:
57:e8:6d:0c:0f:90:1c:08:99:cb:3a:32:c7:16:2b:bc:78:37:
5f:f3:0c:63:3a:e1:87:c3:bf:e4:07:26:f3:b9:fc:35:bf:83:
a7:15:c4:35
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZC7+F21rrXW2Rz0yZxBmm+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFiMzMwNDY4NjJhYjU4NDA1ZTVlOTI3ZGRmNDEyNzJk
ZmM3MTQwHhcNMjQwNzE2MTQzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRkZDdmMmY2OWZmOGVhN2M3NzQ3YzFkYTcxMzU5ZWM2ZGFjYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwADMYfoU41aS0asJWgQkxUlYCQ/
+BL876aPSRTTD4ZiSTuwSW7EzBdx3MVmf/YCA3d/hYU8HqrFIn5xDkr4NpBw/L74
WUjIRkdO2JYpTjFMhpwe+IuV/8n8JmlbB0fOAiR7dcnvl94XEx99bjYq77XXHyXV
jlI2MYQhn1dSLUKHj/bbcnszrWLQSeijIVnGec7UnfqaZGPIXlYPXZ3W5oviNv1B
BBJ0lOKMYKPkq2AO/fqlC7VBqJeJg42mwLgY/1nWjCuRFCPKBXGt7bLrl6l3WLaW
rluuvUTRHENK5DI2IG1FFtPrY4dDyZngYiqZxFYmU0wsAVlP5DAinRHbwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGZN1/L2n/jqfHdHwdpxNZ7G2sriMB8GA1UdIwQY
MBaAFIaaszBGhiq1hAXl6Sfd9BJy38cUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mOGU4ZTUtNjkyYi00MGE5LWIzMmYt
Mzk0YzQ3ZmY0NWFlLzEvWmszWDh2YWYtT3A4ZDBmQjJuRTFuc2JheXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9mOGU4ZTUtNjkyYi00MGE5LWIzMmYtMzk0YzQ3ZmY0NWFl
LzEvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW8AMAwQA
wW8sAwQCwW84MA8EAgACMAkDBwAgAQZ8A2wwDQYJKoZIhvcNAQELBQADggEBAKxG
xTyeUqkAaumOnaunBijOVRhDakxV2yG2XpaIcoy5giFsNV/F/QxIUOHih+gFKYFk
uFqtodK1GBZEpHk+fea/cZ/S8IbPgVVdFU+232UzJ/l/iUduBXJcpkt/s39rIHDk
nfNtvCvrW7ptdMsdlehGDF3vduM3X+lJVip9ipQPvOd49OJbWr8q7gb+XB4x2ZmZ
yX+w0Gm7rA86H2jN2PcGix6ROSiRG8VAc9qlvY6B7Bpen3F5hB86tmZ4+M2HWFno
5kJZLlqhVL9N1H4DdaY1K1JiQ3l5UFfobQwPkBwImcs6MscWK7x4N1/zDGM64YfD
v+QHJvO5/DW/g6cVxDU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:26:41 2025 by rpki-client