Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/b9aad5-cfe2-4480-ac5e-05c13f890b9c/1/zFZ31_ig_NwoiNvAX_HCKO3AzdY.roa
File: zFZ31_ig_NwoiNvAX_HCKO3AzdY.roa (raw, json)
Hash identifier: wM6Y2pCBbKUYOYpt1nrTBHz83Hfeu25SPkjzTGmyslA=
Subject key identifier: CC:56:77:D7:F8:A0:FC:DC:28:88:DB:C0:5F:F1:C2:28:ED:C0:CD:D6
Certificate issuer: /CN=cd5a535935a4bc786c1dd75b7f1087f13f3e0874
Certificate serial: 018E6B646496E2CFAA0FFE551E29123E4817
Authority key identifier: CD:5A:53:59:35:A4:BC:78:6C:1D:D7:5B:7F:10:87:F1:3F:3E:08:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVpTWTWkvHhsHddbfxCH8T8-CHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/b9aad5-cfe2-4480-ac5e-05c13f890b9c/1/zFZ31_ig_NwoiNvAX_HCKO3AzdY.roa
Signing time: Sat 23 Mar 2024 12:58:45 +0000
ROA not before: Sat 23 Mar 2024 12:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41752
IP address blocks: 195.20.202.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:64:64:96:e2:cf:aa:0f:fe:55:1e:29:12:3e:48:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5a535935a4bc786c1dd75b7f1087f13f3e0874
Validity
Not Before: Mar 23 12:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc5677d7f8a0fcdc2888dbc05ff1c228edc0cdd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d6:0d:1d:cd:b5:11:98:e5:6d:ac:c3:5c:4a:
40:37:f9:3b:13:44:ba:1b:d2:13:2e:5a:c2:45:45:
b2:ce:49:07:a8:8b:8c:11:d9:46:9d:d2:f8:cf:76:
82:ab:a2:52:75:7b:5e:58:55:29:e3:73:57:f4:b2:
ba:31:a9:f7:a3:99:88:5a:91:2a:74:41:f7:23:34:
53:9d:3f:06:41:c7:9f:a7:6e:44:f1:cd:b4:73:b9:
0a:f8:89:c3:aa:cc:a2:e2:53:2c:33:7e:a3:48:04:
6d:3c:ec:e0:5d:6a:1b:ca:c6:23:c4:42:5a:e0:0e:
5b:d2:58:6d:8d:a1:9f:58:32:9e:fa:02:3d:3e:46:
02:35:87:30:39:12:13:c7:6e:cb:54:da:a1:aa:a6:
e7:62:6c:32:a7:95:b9:c0:93:75:e4:2a:71:90:db:
df:e2:4f:0b:e4:92:03:53:64:5c:2c:9e:f3:f1:17:
04:a1:5f:72:cb:01:6a:d5:eb:e6:15:0d:51:60:fb:
57:2e:85:6f:45:6c:08:10:dc:99:f0:3b:b3:ae:f1:
06:eb:54:e0:bf:45:5e:85:32:0b:0d:dc:57:a6:b5:
3e:ca:88:c0:7f:25:de:07:eb:d8:44:40:ad:fe:f3:
9d:98:e9:e2:71:36:86:67:2f:24:5e:00:cb:ff:ed:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:56:77:D7:F8:A0:FC:DC:28:88:DB:C0:5F:F1:C2:28:ED:C0:CD:D6
X509v3 Authority Key Identifier:
keyid:CD:5A:53:59:35:A4:BC:78:6C:1D:D7:5B:7F:10:87:F1:3F:3E:08:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVpTWTWkvHhsHddbfxCH8T8-CHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/b9aad5-cfe2-4480-ac5e-05c13f890b9c/1/zFZ31_ig_NwoiNvAX_HCKO3AzdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/b9aad5-cfe2-4480-ac5e-05c13f890b9c/1/zVpTWTWkvHhsHddbfxCH8T8-CHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.202.0/23
Signature Algorithm: sha256WithRSAEncryption
43:79:92:0c:b5:23:16:97:f5:8c:53:fc:28:3a:1b:92:28:23:
05:0e:d1:bb:85:e8:bf:8c:d2:1f:4e:5b:94:c6:ee:b9:f6:06:
41:86:00:eb:cf:12:a2:2e:b1:08:47:bd:8e:a5:4c:e8:08:d2:
33:94:bc:13:b6:f2:56:6c:c2:dd:dc:e0:1d:e0:46:59:eb:e2:
75:ff:bf:d4:1d:49:03:b0:cd:43:c0:0d:41:db:32:b0:4a:e0:
f9:b5:73:1a:b8:3c:c8:36:64:9b:0f:3f:90:d7:49:cc:1c:59:
0a:6e:97:38:3b:d3:f8:71:46:00:69:dd:9e:fb:16:7d:22:c5:
9b:d0:26:d1:23:2d:bb:d6:38:18:4b:d6:c0:bd:3f:c8:2c:94:
f5:90:52:f9:64:fd:2a:6e:ae:40:91:6e:6e:37:04:0f:66:c1:
b9:0c:9f:d7:fc:8d:59:1a:a5:b1:de:cb:66:28:f0:83:58:9f:
9f:1f:e1:d8:93:1a:9d:1d:59:f3:5a:5d:71:79:9b:ca:33:f5:
ea:79:05:99:bf:bc:a9:5d:ff:9b:1b:65:55:ae:28:5a:cb:e3:
81:eb:e5:e7:c6:bc:5e:70:51:a0:0b:f7:9e:3d:ca:39:8a:57:
8a:ac:9b:fd:74:25:2b:c6:da:fc:0a:8e:b3:49:6c:fb:f3:da:
59:6d:77:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5rZGSW4s+qD/5VHikSPkgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWE1MzU5MzVhNGJjNzg2YzFkZDc1YjdmMTA4N2YxM2Yz
ZTA4NzQwHhcNMjQwMzIzMTI1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU2NzdkN2Y4YTBmY2RjMjg4OGRiYzA1ZmYxYzIyOGVkYzBjZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtYNHc21EZjlbazDXEpAN/k7E0S6
G9ITLlrCRUWyzkkHqIuMEdlGndL4z3aCq6JSdXteWFUp43NX9LK6Man3o5mIWpEq
dEH3IzRTnT8GQcefp25E8c20c7kK+InDqsyi4lMsM36jSARtPOzgXWobysYjxEJa
4A5b0lhtjaGfWDKe+gI9PkYCNYcwORITx27LVNqhqqbnYmwyp5W5wJN15CpxkNvf
4k8L5JIDU2RcLJ7z8RcEoV9yywFq1evmFQ1RYPtXLoVvRWwIENyZ8DuzrvEG61Tg
v0VehTILDdxXprU+yojAfyXeB+vYRECt/vOdmOnicTaGZy8kXgDL/+0SGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxWd9f4oPzcKIjbwF/xwijtwM3WMB8GA1UdIwQY
MBaAFM1aU1k1pLx4bB3XW38Qh/E/Pgh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZwVFdUV2t2SGhzSGRkYmZ4Q0g4VDgtQ0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iOWFhZDUtY2ZlMi00NDgwLWFjNWUt
MDVjMTNmODkwYjljLzEvekZaMzFfaWdfTndvaU52QVhfSENLTzNBemRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iOWFhZDUtY2ZlMi00NDgwLWFjNWUtMDVjMTNmODkwYjlj
LzEvelZwVFdUV2t2SGhzSGRkYmZ4Q0g4VDgtQ0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxTKMA0G
CSqGSIb3DQEBCwUAA4IBAQBDeZIMtSMWl/WMU/woOhuSKCMFDtG7hei/jNIfTluU
xu659gZBhgDrzxKiLrEIR72OpUzoCNIzlLwTtvJWbMLd3OAd4EZZ6+J1/7/UHUkD
sM1DwA1B2zKwSuD5tXMauDzINmSbDz+Q10nMHFkKbpc4O9P4cUYAad2e+xZ9IsWb
0CbRIy271jgYS9bAvT/ILJT1kFL5ZP0qbq5AkW5uNwQPZsG5DJ/X/I1ZGqWx3stm
KPCDWJ+fH+HYkxqdHVnzWl1xeZvKM/XqeQWZv7ypXf+bG2VVrihay+OB6+Xnxrxe
cFGgC/eePco5ileKrJv9dCUrxtr8Co6zSWz789pZbXf1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:33 2025 by rpki-client