Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/RzObnI5ThDDw95fe12AobXWghmk.roa
File: RzObnI5ThDDw95fe12AobXWghmk.roa (raw, json)
Hash identifier: 4coNN+1cFAdqubZs4wxUlWyvxr0OFhx8IPP1G8lzthI=
Subject key identifier: 47:33:9B:9C:8E:53:84:30:F0:F7:97:DE:D7:60:28:6D:75:A0:86:69
Certificate issuer: /CN=cc78bfceb41bafefc02f7952e1aa2480e986f037
Certificate serial: 018F098A5D8DD8D93EB12C03E8889C1F7D84
Authority key identifier: CC:78:BF:CE:B4:1B:AF:EF:C0:2F:79:52:E1:AA:24:80:E9:86:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/RzObnI5ThDDw95fe12AobXWghmk.roa
Signing time: Tue 23 Apr 2024 06:00:13 +0000
ROA not before: Tue 23 Apr 2024 06:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50332
IP address blocks: 109.233.136.0/21 maxlen: 21
2a0c:6100::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:09:8a:5d:8d:d8:d9:3e:b1:2c:03:e8:88:9c:1f:7d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc78bfceb41bafefc02f7952e1aa2480e986f037
Validity
Not Before: Apr 23 06:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47339b9c8e538430f0f797ded760286d75a08669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ee:af:8c:09:44:7d:28:a6:48:a2:c4:9d:b5:
ce:37:3d:57:16:60:51:c5:0e:79:55:be:3c:b2:ee:
d3:24:95:33:e9:e3:b9:3a:5e:4b:59:98:f5:d5:7d:
32:1e:46:6a:fe:1b:ef:73:cf:9d:1e:a3:d6:07:fa:
67:ee:14:ae:23:08:0d:1c:4c:12:eb:e6:8e:09:b9:
11:33:75:27:a8:1d:65:a3:fc:68:99:c0:0a:e4:d6:
4a:a2:e9:c7:7f:75:97:c4:ce:5c:f2:f2:0f:2d:75:
0e:e8:be:04:a2:d3:a5:71:b3:81:d6:cb:70:ab:a9:
0c:53:0b:43:dc:10:6a:9f:fd:2f:9b:a8:a1:05:dc:
72:66:21:1d:33:8e:a2:59:b3:c3:b7:5a:b4:e2:9d:
61:28:a9:97:2c:bd:e4:4f:02:0f:4f:d3:60:94:36:
01:cc:cc:76:1d:1c:b5:5c:27:4f:07:2e:43:9c:c0:
d2:cd:03:10:3a:16:bf:2f:49:ab:87:bd:e5:02:15:
d2:a8:60:81:f1:96:e7:bb:8d:39:3b:74:6c:e4:fa:
8c:b1:5b:ef:d4:44:a3:89:8d:5a:cd:14:dc:9c:d2:
3d:bd:c4:7c:04:ce:05:c1:92:9b:4f:13:8c:b3:bc:
18:66:c0:e4:73:b8:41:9d:3a:6d:9c:b9:10:bd:06:
87:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:33:9B:9C:8E:53:84:30:F0:F7:97:DE:D7:60:28:6D:75:A0:86:69
X509v3 Authority Key Identifier:
keyid:CC:78:BF:CE:B4:1B:AF:EF:C0:2F:79:52:E1:AA:24:80:E9:86:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/RzObnI5ThDDw95fe12AobXWghmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/zHi_zrQbr-_AL3lS4aokgOmG8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.136.0/21
IPv6:
2a0c:6100::/29
Signature Algorithm: sha256WithRSAEncryption
1f:31:3a:ad:6d:ec:14:81:e4:13:ef:cf:bd:d8:5e:49:19:5a:
44:2e:98:a3:f8:cc:e3:5e:3b:8c:2b:96:a6:49:97:07:26:30:
81:ed:b3:47:f3:5d:98:69:7d:aa:93:d9:13:24:00:75:11:9d:
18:bc:a6:a6:af:43:f5:ee:73:61:b8:21:33:b4:4f:1c:3f:32:
86:58:f3:cf:d8:d5:86:ba:69:55:e1:6e:29:d6:18:08:bd:69:
b1:d6:3c:2d:5a:89:ca:26:e3:69:64:16:60:24:41:d1:93:e7:
4d:5a:e4:92:f4:7a:8f:25:bf:e4:7c:4c:81:c7:b2:ad:ea:cb:
d1:bc:41:b3:3f:1d:7c:72:68:2f:2b:27:8f:91:65:15:dc:18:
f1:d1:d6:7d:8a:aa:c9:25:ad:15:a2:44:0a:60:0d:7d:54:e7:
e0:3a:65:30:ec:55:64:28:7c:a0:08:e1:6a:e3:f9:04:90:77:
6e:c3:33:20:83:a4:ac:9e:10:d0:f8:86:f2:eb:44:dd:44:4b:
60:7c:0a:8c:28:7b:94:24:05:ca:fc:a0:da:d2:ff:d0:d2:fe:
36:23:62:af:32:51:b1:e4:5c:f8:92:4b:a4:56:39:d2:a0:28:
2e:0e:38:8c:43:c8:13:b2:f6:0d:a8:76:62:5b:99:f9:bb:9d:
6d:1e:de:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8Jil2N2Nk+sSwD6IicH32EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzhiZmNlYjQxYmFmZWZjMDJmNzk1MmUxYWEyNDgwZTk4
NmYwMzcwHhcNMjQwNDIzMDYwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMzOWI5YzhlNTM4NDMwZjBmNzk3ZGVkNzYwMjg2ZDc1YTA4NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO6vjAlEfSimSKLEnbXONz1XFmBR
xQ55Vb48su7TJJUz6eO5Ol5LWZj11X0yHkZq/hvvc8+dHqPWB/pn7hSuIwgNHEwS
6+aOCbkRM3UnqB1lo/xomcAK5NZKounHf3WXxM5c8vIPLXUO6L4EotOlcbOB1stw
q6kMUwtD3BBqn/0vm6ihBdxyZiEdM46iWbPDt1q04p1hKKmXLL3kTwIPT9NglDYB
zMx2HRy1XCdPBy5DnMDSzQMQOha/L0mrh73lAhXSqGCB8Zbnu405O3Rs5PqMsVvv
1ESjiY1azRTcnNI9vcR8BM4FwZKbTxOMs7wYZsDkc7hBnTptnLkQvQaHbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEczm5yOU4Qw8PeX3tdgKG11oIZpMB8GA1UdIwQY
MBaAFMx4v860G6/vwC95UuGqJIDphvA3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhpX3pyUWJyLV9BTDNsUzRhb2tnT21HOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMTVmNDctMWNlMC00ZWU1LWFhNGEt
MTI3MmQyYWI0M2Q4LzEvUnpPYm5JNVRoRER3OTVmZTEyQW9iWFdnaG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMTVmNDctMWNlMC00ZWU1LWFhNGEtMTI3MmQyYWI0M2Q4
LzEvekhpX3pyUWJyLV9BTDNsUzRhb2tnT21HOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbemIMA0E
AgACMAcDBQMqDGEAMA0GCSqGSIb3DQEBCwUAA4IBAQAfMTqtbewUgeQT78+92F5J
GVpELpij+MzjXjuMK5amSZcHJjCB7bNH812YaX2qk9kTJAB1EZ0YvKamr0P17nNh
uCEztE8cPzKGWPPP2NWGumlV4W4p1hgIvWmx1jwtWonKJuNpZBZgJEHRk+dNWuSS
9HqPJb/kfEyBx7Kt6svRvEGzPx18cmgvKyePkWUV3Bjx0dZ9iqrJJa0VokQKYA19
VOfgOmUw7FVkKHygCOFq4/kEkHduwzMgg6SsnhDQ+Iby60TdREtgfAqMKHuUJAXK
/KDa0v/Q0v42I2KvMlGx5Fz4kkukVjnSoCguDjiMQ8gTsvYNqHZiW5n5u51tHt5C
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:05 2025 by rpki-client