Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zArTgN5qMMJwi-ZdIuBzDvZKDZU.roa
File: zArTgN5qMMJwi-ZdIuBzDvZKDZU.roa (raw, json)
Hash identifier: AwvypEdItm7r8wsOIodILueEdApbWjmrelMRX5BtEuk=
Subject key identifier: CC:0A:D3:80:DE:6A:30:C2:70:8B:E6:5D:22:E0:73:0E:F6:4A:0D:95
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0194274767E2B752491C5B5CFBB37E51287B
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zArTgN5qMMJwi-ZdIuBzDvZKDZU.roa
Signing time: Thu 02 Jan 2025 13:49:38 +0000
ROA not before: Thu 02 Jan 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 217.25.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 12:33:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:67:e2:b7:52:49:1c:5b:5c:fb:b3:7e:51:28:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc0ad380de6a30c2708be65d22e0730ef64a0d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4f:7d:34:fc:22:fb:42:fc:e2:49:3f:ce:b1:
93:ed:77:34:e0:0b:44:f2:c7:6a:5a:ec:78:bc:50:
a5:51:4b:3e:d8:ad:ca:8d:9a:02:1f:46:8a:07:a4:
99:62:11:4d:ac:4d:6d:e9:9d:ef:09:08:28:cc:d2:
00:03:ae:ca:61:6b:f0:c5:e5:16:83:23:7a:97:23:
d9:a3:5d:d8:f9:39:43:ef:ff:65:be:0e:f5:ea:03:
88:00:88:29:80:66:63:3c:e1:34:68:21:f7:d7:4e:
bd:d5:3d:ae:b3:31:a0:7b:31:5a:42:8c:03:ce:55:
83:d2:12:7f:f7:c1:90:e4:6a:c9:52:10:73:0a:dc:
1c:9a:62:83:17:82:d5:2c:35:3e:07:be:41:32:32:
40:c7:a3:2d:75:68:b7:eb:22:7f:cd:8b:ad:27:99:
cb:11:d2:4c:4b:01:73:8d:f7:42:f5:ba:b0:31:f1:
38:ec:1d:a7:26:83:b5:35:29:77:af:83:8a:7d:05:
8b:53:c9:94:16:83:fe:3c:d4:c7:9f:73:59:f9:64:
51:5d:ff:82:d5:d8:cf:a1:0b:ec:a1:d1:8e:31:ad:
d1:f5:ce:c8:3d:87:e6:4d:20:0f:a2:6a:62:8e:c4:
ec:d6:1f:36:dd:f7:c8:97:10:ea:c8:39:09:9f:5b:
ca:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0A:D3:80:DE:6A:30:C2:70:8B:E6:5D:22:E0:73:0E:F6:4A:0D:95
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zArTgN5qMMJwi-ZdIuBzDvZKDZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5a:29:24:54:1a:c8:84:f8:6a:f7:18:fe:2d:0a:b5:4b:df:
fe:0f:e7:dd:43:02:55:24:51:12:53:f3:12:06:f4:c9:02:fa:
c1:54:c9:9d:86:2b:e9:78:10:ce:51:88:15:78:2f:01:49:0c:
25:02:d1:8c:47:d9:35:9f:e8:14:2e:2e:da:4a:42:a4:a3:f7:
05:de:49:a1:f4:b2:b3:17:6e:7c:cf:26:c3:8e:0a:66:1c:28:
aa:30:fe:0b:36:df:21:e0:93:12:55:94:06:bd:ad:9d:68:1d:
07:cc:32:71:e3:c8:bf:53:aa:9c:66:c7:6b:97:14:58:82:7b:
f3:a8:03:d6:e5:24:77:93:d2:26:1b:c5:6d:9f:fb:e7:1f:dd:
a7:74:e3:67:56:bb:de:44:6c:bf:78:db:34:75:97:df:99:d2:
93:81:7c:00:6c:7b:d9:d1:aa:d4:30:21:4e:c3:f5:ee:da:fc:
1a:c8:e0:4c:b5:15:d2:9e:b0:19:5e:0a:a4:0b:28:0d:ff:78:
50:99:b6:ce:86:51:2d:8e:3b:c0:04:12:4d:01:b9:6f:4d:6f:
62:91:0a:c5:5d:e7:88:76:c3:a7:ca:f3:b3:89:cb:8e:48:c8:
4c:20:d3:9d:c0:5b:ca:cf:12:da:47:5e:b7:e2:16:37:53:59:
ee:e7:77:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR2fit1JJHFtc+7N+USh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwMTAyMTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzBhZDM4MGRlNmEzMGMyNzA4YmU2NWQyMmUwNzMwZWY2NGEwZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU99NPwi+0L84kk/zrGT7Xc04AtE
8sdqWux4vFClUUs+2K3KjZoCH0aKB6SZYhFNrE1t6Z3vCQgozNIAA67KYWvwxeUW
gyN6lyPZo13Y+TlD7/9lvg716gOIAIgpgGZjPOE0aCH310691T2uszGgezFaQowD
zlWD0hJ/98GQ5GrJUhBzCtwcmmKDF4LVLDU+B75BMjJAx6MtdWi36yJ/zYutJ5nL
EdJMSwFzjfdC9bqwMfE47B2nJoO1NSl3r4OKfQWLU8mUFoP+PNTHn3NZ+WRRXf+C
1djPoQvsodGOMa3R9c7IPYfmTSAPompijsTs1h823ffIlxDqyDkJn1vKuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwK04DeajDCcIvmXSLgcw72Sg2VMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvekFyVGdONXFNTUp3aS1aZEl1QnpEdlpLRFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G
CSqGSIb3DQEBCwUAA4IBAQBNWikkVBrIhPhq9xj+LQq1S9/+D+fdQwJVJFESU/MS
BvTJAvrBVMmdhivpeBDOUYgVeC8BSQwlAtGMR9k1n+gULi7aSkKko/cF3kmh9LKz
F258zybDjgpmHCiqMP4LNt8h4JMSVZQGva2daB0HzDJx48i/U6qcZsdrlxRYgnvz
qAPW5SR3k9ImG8Vtn/vnH92ndONnVrveRGy/eNs0dZffmdKTgXwAbHvZ0arUMCFO
w/Xu2vwayOBMtRXSnrAZXgqkCygN/3hQmbbOhlEtjjvABBJNAblvTW9ikQrFXeeI
dsOnyvOzicuOSMhMINOdwFvKzxLaR1634hY3U1nu53fl
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:04:56 2025 by rpki-client