Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/ZDqlN2gopXGQsNEfQa6Tm1bBJHo.roa
File: ZDqlN2gopXGQsNEfQa6Tm1bBJHo.roa (raw, json)
Hash identifier: i+dladihq7o+wGzw1aMmCtGPh9clb+fe59JM2Ncm8BU=
Subject key identifier: 64:3A:A5:37:68:28:A5:71:90:B0:D1:1F:41:AE:93:9B:56:C1:24:7A
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0194244545A5E1B446F7A57381B8E656A7CC
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/ZDqlN2gopXGQsNEfQa6Tm1bBJHo.roa
Signing time: Wed 01 Jan 2025 23:48:27 +0000
ROA not before: Wed 01 Jan 2025 23:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 46.34.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 00:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:45:a5:e1:b4:46:f7:a5:73:81:b8:e6:56:a7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jan 1 23:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=643aa5376828a57190b0d11f41ae939b56c1247a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:93:5a:02:17:97:5a:06:3e:76:ca:40:cc:a2:
23:96:49:1a:ea:dc:37:47:39:d7:7c:52:31:ac:d6:
b5:4b:f0:64:be:5f:9d:c7:38:86:1a:92:2a:b8:1a:
38:d9:f8:3c:40:21:79:ee:c0:50:81:a9:31:01:46:
c5:30:fb:f4:f9:d5:c4:14:05:81:4f:3b:62:06:98:
e1:21:be:1f:a4:cf:f2:b8:b2:08:eb:53:18:ce:2e:
28:58:d9:cd:99:1f:04:2f:ad:00:e2:65:0a:88:d9:
1e:00:7c:26:a6:d8:39:2b:d5:a7:6a:91:c5:b9:64:
a3:fd:94:be:0b:56:0d:6f:9f:45:f9:73:d8:2e:c3:
fb:d0:2e:6f:0a:11:08:45:e7:50:26:c6:76:26:c2:
b5:1c:9f:04:4f:6f:3f:e5:38:4b:fc:6b:1c:ab:bc:
3e:f3:0f:a5:00:73:01:3a:e2:41:e0:c7:f9:3c:0d:
16:77:1c:b5:66:d2:75:0c:e1:a1:d5:bf:52:76:b9:
d9:5d:52:dc:8b:80:7d:52:1f:d7:7d:08:a9:94:3b:
37:cb:6a:3e:29:8c:f0:8d:67:c3:33:21:d4:d1:27:
11:91:23:33:3a:5c:fe:32:ea:16:02:d0:e6:38:5c:
e4:17:6e:02:b4:85:ef:0a:fa:9a:db:78:c5:77:bc:
00:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3A:A5:37:68:28:A5:71:90:B0:D1:1F:41:AE:93:9B:56:C1:24:7A
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/ZDqlN2gopXGQsNEfQa6Tm1bBJHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.41.0/24
Signature Algorithm: sha256WithRSAEncryption
61:21:b1:9c:ce:0c:74:96:e6:e7:08:51:93:57:53:43:a1:8d:
dc:48:4f:d4:45:fe:d8:27:85:11:e8:7f:c3:9a:7c:e3:d0:d3:
12:ec:ba:15:6f:a9:4e:29:cb:48:3b:55:21:63:9d:8e:ca:96:
37:46:61:c9:e8:0a:e3:f5:bc:bb:fb:5b:c2:7f:c2:8e:15:0e:
3d:db:34:bd:13:9c:ca:23:31:dd:e1:f0:89:3c:56:69:87:f6:
ae:87:54:4e:09:a9:64:12:f9:08:2b:3d:f4:16:ac:07:57:89:
e5:d9:64:eb:38:74:8b:ca:85:20:4c:b1:07:fc:98:21:be:66:
95:c1:2c:95:c0:a5:59:ba:d7:f6:c0:28:36:60:51:b1:eb:38:
d7:d9:44:e6:d5:32:5a:0f:f4:5c:ad:4b:3e:f2:89:7d:26:e2:
4b:bf:40:26:4c:be:d4:c4:d0:44:4f:8e:9d:d0:45:51:0d:73:
3c:d3:55:b6:51:eb:2b:98:5f:69:46:da:31:ae:6f:86:27:c2:
0e:3c:8d:d0:bc:51:2d:7e:87:de:36:2a:4e:b1:1d:ca:23:06:
30:b1:6c:32:c0:6a:b9:5b:f6:3d:16:7e:9c:1e:3b:5c:50:54:
e5:23:45:9c:8b:11:fd:45:61:06:64:d0:e4:c3:da:ea:bf:47:
fc:95:9d:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRUWl4bRG96VzgbjmVqfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjUwMTAxMjM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNhYTUzNzY4MjhhNTcxOTBiMGQxMWY0MWFlOTM5YjU2YzEyNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJNaAheXWgY+dspAzKIjlkka6tw3
RznXfFIxrNa1S/Bkvl+dxziGGpIquBo42fg8QCF57sBQgakxAUbFMPv0+dXEFAWB
TztiBpjhIb4fpM/yuLII61MYzi4oWNnNmR8EL60A4mUKiNkeAHwmptg5K9WnapHF
uWSj/ZS+C1YNb59F+XPYLsP70C5vChEIRedQJsZ2JsK1HJ8ET28/5ThL/Gscq7w+
8w+lAHMBOuJB4Mf5PA0Wdxy1ZtJ1DOGh1b9SdrnZXVLci4B9Uh/XfQiplDs3y2o+
KYzwjWfDMyHU0ScRkSMzOlz+MuoWAtDmOFzkF24CtIXvCvqa23jFd7wAqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQ6pTdoKKVxkLDRH0Guk5tWwSR6MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvWkRxbE4yZ29wWEdRc05FZlFhNlRtMWJCSkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiIpMA0G
CSqGSIb3DQEBCwUAA4IBAQBhIbGczgx0lubnCFGTV1NDoY3cSE/URf7YJ4UR6H/D
mnzj0NMS7LoVb6lOKctIO1UhY52OypY3RmHJ6Arj9by7+1vCf8KOFQ492zS9E5zK
IzHd4fCJPFZph/auh1ROCalkEvkIKz30FqwHV4nl2WTrOHSLyoUgTLEH/JghvmaV
wSyVwKVZutf2wCg2YFGx6zjX2UTm1TJaD/RcrUs+8ol9JuJLv0AmTL7UxNBET46d
0EVRDXM801W2UesrmF9pRtoxrm+GJ8IOPI3QvFEtfofeNipOsR3KIwYwsWwywGq5
W/Y9Fn6cHjtcUFTlI0WcixH9RWEGZNDkw9rqv0f8lZ2R
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:40:03 2025 by rpki-client