Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/jzECMKdSRhFKJ_oHQ_5JxVBbr1g.roa
File: jzECMKdSRhFKJ_oHQ_5JxVBbr1g.roa (raw, json)
Hash identifier: qNAvclFWhSXUP8HZxM/EqsJIvNefVnE0UAae/sSclBg=
Subject key identifier: 8F:31:02:30:A7:52:46:11:4A:27:FA:07:43:FE:49:C5:50:5B:AF:58
Certificate issuer: /CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Certificate serial: 018CC5DD3C0BE7C07E6CE0D9382C1CC3A06C
Authority key identifier: ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/jzECMKdSRhFKJ_oHQ_5JxVBbr1g.roa
Signing time: Mon 01 Jan 2024 16:30:59 +0000
ROA not before: Mon 01 Jan 2024 16:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202664
IP address blocks: 81.92.240.0/22 maxlen: 24
217.196.64.0/19 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:3c:0b:e7:c0:7e:6c:e0:d9:38:2c:1c:c3:a0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Validity
Not Before: Jan 1 16:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f310230a75246114a27fa0743fe49c5505baf58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:94:9b:f8:e9:c3:e3:82:52:40:15:00:c8:eb:
8e:9d:45:bb:11:05:5f:07:e8:66:73:fd:44:c4:bc:
83:a3:26:da:b4:d2:bf:c9:6f:3f:65:80:ac:b2:68:
39:1b:ab:32:96:72:34:73:ee:f8:3e:75:05:2a:77:
26:b6:88:3f:d8:9b:1b:f3:9e:42:3f:7e:18:0e:75:
0d:a0:58:76:1a:63:82:6b:c0:ba:74:a0:4e:66:86:
64:ba:12:03:c8:37:af:ea:3d:88:a5:b8:f9:26:72:
9e:90:8e:ea:13:8f:76:b9:ce:e3:03:6f:ad:95:bd:
c2:04:64:50:d6:81:65:52:bf:7c:ce:db:ec:77:26:
e6:55:8c:43:98:f8:ca:9d:4b:12:8d:0f:96:00:2d:
63:40:28:13:35:53:ac:2c:b6:5b:63:93:78:47:9d:
67:3d:a3:d9:97:80:55:72:31:54:68:f3:64:86:9f:
31:06:d5:17:be:fb:9d:c6:30:0c:95:0b:15:07:45:
35:9d:67:c3:5b:24:e0:ec:d2:69:17:5d:fe:6c:a0:
49:f6:50:e5:2e:99:ef:14:0d:d1:df:2b:7d:a8:42:
1d:43:87:ff:d9:f7:54:f5:70:a8:8f:4f:d5:f7:94:
73:8e:86:b4:6f:2f:d4:c9:33:67:56:b9:97:40:35:
fe:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:31:02:30:A7:52:46:11:4A:27:FA:07:43:FE:49:C5:50:5B:AF:58
X509v3 Authority Key Identifier:
keyid:ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/jzECMKdSRhFKJ_oHQ_5JxVBbr1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.240.0/22
217.196.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:c8:d5:86:15:96:bb:9e:1a:ab:f4:66:2d:a3:21:ac:bf:0b:
17:8a:28:8e:2d:68:da:14:d2:ec:36:fb:cd:dd:b8:fc:95:7f:
8d:30:83:32:f4:42:da:1c:1c:b1:8e:e0:42:b6:a9:cb:13:88:
b4:ea:ab:a3:3b:1b:74:e5:41:4e:bb:4f:41:a5:66:e9:1e:33:
48:0a:13:df:0a:0a:bb:fc:1f:2c:31:ff:e7:3a:0b:52:1c:f7:
92:20:26:71:9b:6b:33:c4:4d:07:a5:42:bb:39:f3:f3:91:58:
68:6d:ff:c3:51:56:65:87:34:c8:ca:f6:b3:06:82:43:09:03:
38:4e:b0:8b:7e:3a:b8:95:c4:17:4e:30:2b:33:9b:ea:cf:0b:
e6:9d:fa:b8:63:11:10:29:cd:b7:6b:3b:58:cb:56:5c:d5:68:
fd:cd:0e:25:f5:7b:8d:ea:90:e5:d8:17:83:7e:51:45:ec:a6:
fe:5d:12:d3:91:8a:cb:c6:c4:0b:6e:87:77:fa:8e:62:e5:25:
e8:fc:08:53:a9:33:59:96:98:40:65:37:5d:7c:fc:a2:d9:94:
b2:d7:5a:68:41:e6:8f:79:7e:1d:6d:57:0f:cf:07:66:3b:32:
bd:8d:07:93:4b:8d:f8:45:28:5a:a7:a3:06:31:ea:a9:e7:d9:
09:d8:25:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3TwL58B+bODZOCwcw6BsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzIyMTM4YzBhZjgxYzVjYmY0M2E0ZjhkZGQ3YzhkZTEz
YzcyMzAwHhcNMjQwMTAxMTYzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMxMDIzMGE3NTI0NjExNGEyN2ZhMDc0M2ZlNDljNTUwNWJhZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZSb+OnD44JSQBUAyOuOnUW7EQVf
B+hmc/1ExLyDoybatNK/yW8/ZYCssmg5G6sylnI0c+74PnUFKncmtog/2Jsb855C
P34YDnUNoFh2GmOCa8C6dKBOZoZkuhIDyDev6j2Ipbj5JnKekI7qE492uc7jA2+t
lb3CBGRQ1oFlUr98ztvsdybmVYxDmPjKnUsSjQ+WAC1jQCgTNVOsLLZbY5N4R51n
PaPZl4BVcjFUaPNkhp8xBtUXvvudxjAMlQsVB0U1nWfDWyTg7NJpF13+bKBJ9lDl
LpnvFA3R3yt9qEIdQ4f/2fdU9XCoj0/V95Rzjoa0by/UyTNnVrmXQDX+sQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI8xAjCnUkYRSif6B0P+ScVQW69YMB8GA1UdIwQY
MBaAFO3CITjAr4HFy/Q6T43dfI3hPHIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NJaE9NQ3ZnY1hMOURwUGpkMThqZUU4Y2pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82NDlhZWItNzhkZC00MjJmLTg5YzYt
NTUzOGRjMGJiMDk5LzEvanpFQ01LZFNSaEZLSl9vSFFfNUp4VkJicjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82NDlhZWItNzhkZC00MjJmLTg5YzYtNTUzOGRjMGJiMDk5
LzEvN2NJaE9NQ3ZnY1hMOURwUGpkMThqZUU4Y2pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUVzwAwQF
2cRAMA0GCSqGSIb3DQEBCwUAA4IBAQBsyNWGFZa7nhqr9GYtoyGsvwsXiiiOLWja
FNLsNvvN3bj8lX+NMIMy9ELaHByxjuBCtqnLE4i06qujOxt05UFOu09BpWbpHjNI
ChPfCgq7/B8sMf/nOgtSHPeSICZxm2szxE0HpUK7OfPzkVhobf/DUVZlhzTIyvaz
BoJDCQM4TrCLfjq4lcQXTjArM5vqzwvmnfq4YxEQKc23aztYy1Zc1Wj9zQ4l9XuN
6pDl2BeDflFF7Kb+XRLTkYrLxsQLbod3+o5i5SXo/AhTqTNZlphAZTddfPyi2ZSy
11poQeaPeX4dbVcPzwdmOzK9jQeTS434RShap6MGMeqp59kJ2CUu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:12 2025 by rpki-client