Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/ZElqq3ql-fAEyC8CIwYiEoBTkP8.roa
File: ZElqq3ql-fAEyC8CIwYiEoBTkP8.roa (raw, json)
Hash identifier: C7seJ4sQ/0LKzpr9jP7MVn7dKKhnn5BtYNXsMrPlXro=
Subject key identifier: 64:49:6A:AB:7A:A5:F9:F0:04:C8:2F:02:23:06:22:12:80:53:90:FF
Certificate issuer: /CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Certificate serial: 0191DC66C7A725875F10E3AC2660319FDF9B
Authority key identifier: 4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/ZElqq3ql-fAEyC8CIwYiEoBTkP8.roa
Signing time: Tue 10 Sep 2024 14:46:48 +0000
ROA not before: Tue 10 Sep 2024 14:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205975
IP address blocks: 80.79.48.0/20 maxlen: 24
147.189.155.0/24 maxlen: 24
176.10.0.0/20 maxlen: 24
212.46.58.0/24 maxlen: 24
2a12:f40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:66:c7:a7:25:87:5f:10:e3:ac:26:60:31:9f:df:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Validity
Not Before: Sep 10 14:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64496aab7aa5f9f004c82f0223062212805390ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:91:55:9c:97:c9:b4:a1:f1:bf:2b:11:8a:86:
0f:e1:f9:bb:ec:06:37:29:05:5e:f7:df:76:92:f7:
01:bc:86:3e:cc:55:88:7d:8c:4e:6d:8d:ef:60:32:
9e:d0:3c:6b:d2:aa:32:39:ca:13:81:87:de:d0:0a:
25:09:34:a3:34:48:aa:2d:36:93:3f:5e:39:7a:9a:
36:35:36:b4:8e:43:3b:39:0d:b3:e7:0e:e0:bb:23:
04:8b:bf:7d:f4:17:6f:17:ad:fa:94:c5:b1:bd:43:
51:8a:d0:01:59:61:cd:ac:18:e8:9d:29:0a:98:d1:
03:40:01:8f:b9:07:f7:e9:a9:26:5a:a5:98:44:52:
6c:75:3c:4b:4c:ce:46:0b:f1:23:67:bc:48:c6:64:
cc:15:aa:a2:47:43:27:5b:49:9e:c7:25:e6:31:db:
9a:ad:4e:25:b1:18:de:47:2d:fb:52:a1:81:21:f2:
db:4f:89:81:ab:e8:dd:08:53:d8:2f:66:80:7a:7a:
66:e6:4f:d6:cc:a6:a1:09:63:32:c5:f8:80:6d:f6:
91:72:54:ca:35:1c:e0:89:4d:37:c1:67:8d:aa:a7:
2f:27:e9:0c:f0:6e:07:79:29:97:58:95:cf:b7:66:
e9:c3:36:94:08:40:a3:56:f0:85:b6:c4:5e:38:f3:
13:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:49:6A:AB:7A:A5:F9:F0:04:C8:2F:02:23:06:22:12:80:53:90:FF
X509v3 Authority Key Identifier:
keyid:4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/ZElqq3ql-fAEyC8CIwYiEoBTkP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.48.0/20
147.189.155.0/24
176.10.0.0/20
212.46.58.0/24
IPv6:
2a12:f40::/29
Signature Algorithm: sha256WithRSAEncryption
16:8b:00:b5:dc:33:5b:5c:76:d5:f8:74:12:af:70:ef:a0:c6:
e8:c6:d9:bf:1d:44:fb:f0:97:fd:b4:58:dc:44:22:7c:55:88:
2f:28:77:86:30:22:b4:c8:8d:63:10:9b:27:2c:2e:e8:66:d9:
53:d6:b3:d9:08:12:24:0e:8a:b4:3f:0a:cf:bb:3b:3e:17:7b:
a9:de:27:e8:b3:46:d4:d9:4c:f1:dd:55:26:36:50:c0:06:e0:
b3:4a:af:0a:9f:14:05:df:5d:3f:7a:41:30:65:a6:58:8b:83:
86:96:91:93:a7:ec:23:cc:ff:40:de:eb:dc:08:16:30:f9:57:
1d:fa:14:ce:c2:0a:10:e0:c2:5a:57:3a:80:bf:6c:93:f0:29:
45:58:40:59:ce:cb:ce:cb:38:52:82:1a:fc:bb:6f:29:12:c8:
9b:c6:7a:95:41:19:03:73:39:0d:97:f0:30:5e:06:64:53:1b:
e0:cd:f1:84:87:54:98:79:1e:b4:8e:44:73:1a:19:0c:bf:7d:
de:83:68:db:ad:36:3f:fe:95:60:4e:3d:94:30:f7:01:4b:c3:
5a:66:5d:f1:4e:88:6e:df:71:24:03:d0:db:c4:d6:78:29:32:
ee:64:4e:21:5b:ba:8a:76:56:9f:70:a5:9e:27:9a:56:22:7c:
d1:10:dc:70
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZHcZsenJYdfEOOsJmAxn9+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjExMmNiZjZkY2M4ZGQzNDQ0ZTRlY2VkMjg0NDU3MzEw
ZjcwZDIwHhcNMjQwOTEwMTQ0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQ5NmFhYjdhYTVmOWYwMDRjODJmMDIyMzA2MjIxMjgwNTM5MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5FVnJfJtKHxvysRioYP4fm77AY3
KQVe9992kvcBvIY+zFWIfYxObY3vYDKe0Dxr0qoyOcoTgYfe0AolCTSjNEiqLTaT
P145epo2NTa0jkM7OQ2z5w7guyMEi7999BdvF636lMWxvUNRitABWWHNrBjonSkK
mNEDQAGPuQf36akmWqWYRFJsdTxLTM5GC/EjZ7xIxmTMFaqiR0MnW0mexyXmMdua
rU4lsRjeRy37UqGBIfLbT4mBq+jdCFPYL2aAenpm5k/WzKahCWMyxfiAbfaRclTK
NRzgiU03wWeNqqcvJ+kM8G4HeSmXWJXPt2bpwzaUCECjVvCFtsReOPMTsQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGRJaqt6pfnwBMgvAiMGIhKAU5D/MB8GA1UdIwQY
MBaAFE8hEsv23MjdNETk7O0oRFcxD3DSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMt
YjI3OThjMWEwMzI3LzEvWkVscXEzcWwtZkFFeUM4Q0l3WWlFb0JUa1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMtYjI3OThjMWEwMzI3
LzEvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUE8wAwQA
k72bAwQEsAoAAwQA1C46MA0EAgACMAcDBQMqEg9AMA0GCSqGSIb3DQEBCwUAA4IB
AQAWiwC13DNbXHbV+HQSr3DvoMboxtm/HUT78Jf9tFjcRCJ8VYgvKHeGMCK0yI1j
EJsnLC7oZtlT1rPZCBIkDoq0PwrPuzs+F3up3ifos0bU2Uzx3VUmNlDABuCzSq8K
nxQF310/ekEwZaZYi4OGlpGTp+wjzP9A3uvcCBYw+Vcd+hTOwgoQ4MJaVzqAv2yT
8ClFWEBZzsvOyzhSghr8u28pEsibxnqVQRkDczkNl/AwXgZkUxvgzfGEh1SYeR60
jkRzGhkMv33eg2jbrTY//pVgTj2UMPcBS8NaZl3xTohu33EkA9DbxNZ4KTLuZE4h
W7qKdlafcKWeJ5pWInzRENxw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:39 2025 by rpki-client