Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/zzhWaylrUD9YtUOqIJt1qJW4ggA.roa
File: zzhWaylrUD9YtUOqIJt1qJW4ggA.roa (raw, json)
Hash identifier: pMN7Rp+1jV7rZoqhvLthK4i25i9XpQDuRe5bzrGFIK0=
Subject key identifier: CF:38:56:6B:29:6B:50:3F:58:B5:43:AA:20:9B:75:A8:95:B8:82:00
Certificate issuer: /CN=b9b5aa9feeb00a5127487f34384077ae7970f81a
Certificate serial: 018CC94AB09F216CCF29E678F96EE49E57C3
Authority key identifier: B9:B5:AA:9F:EE:B0:0A:51:27:48:7F:34:38:40:77:AE:79:70:F8:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/zzhWaylrUD9YtUOqIJt1qJW4ggA.roa
Signing time: Tue 02 Jan 2024 08:29:24 +0000
ROA not before: Tue 02 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29079
IP address blocks: 217.25.50.0/24 maxlen: 24
217.25.49.0/24 maxlen: 24
217.25.51.0/24 maxlen: 24
217.25.48.0/24 maxlen: 24
217.25.48.0/20 maxlen: 20
217.25.57.0/24 maxlen: 24
217.25.56.0/24 maxlen: 24
217.25.52.0/24 maxlen: 24
217.25.58.0/24 maxlen: 24
217.25.53.0/24 maxlen: 24
217.25.55.0/24 maxlen: 24
217.25.54.0/24 maxlen: 24
217.25.63.0/24 maxlen: 24
217.25.59.0/24 maxlen: 24
217.25.60.0/24 maxlen: 24
217.25.62.0/24 maxlen: 24
217.25.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:b0:9f:21:6c:cf:29:e6:78:f9:6e:e4:9e:57:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b5aa9feeb00a5127487f34384077ae7970f81a
Validity
Not Before: Jan 2 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf38566b296b503f58b543aa209b75a895b88200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f1:ff:fd:bb:c8:61:a5:a1:b7:02:86:d6:34:
21:56:2e:8b:5b:0b:aa:da:ed:37:73:5e:08:9f:ab:
9e:12:ab:dd:fb:4c:88:29:d3:1b:df:f2:fe:17:46:
d5:53:76:68:fb:0e:ff:2c:1b:58:f0:0e:1a:6c:66:
a1:9b:a5:af:3c:30:d3:a0:2c:94:22:22:91:fc:59:
09:a3:76:ee:ac:38:2a:cb:f7:e0:36:6e:9f:2f:61:
86:b8:c8:c0:d4:55:d0:7b:1e:1c:03:94:be:96:8a:
64:9f:b9:4e:5e:91:57:85:20:2b:6d:0a:91:fd:f0:
18:eb:cb:6a:9d:79:fc:1c:bf:94:5a:18:66:c1:81:
e7:09:e0:e6:6c:34:d3:cf:ef:64:37:e2:3b:80:da:
56:14:5e:7b:96:47:ea:81:54:a4:7a:11:af:ae:a2:
93:c2:4a:64:b9:ac:93:a5:19:79:f9:00:a5:3b:4b:
d8:24:5c:f1:64:ae:e4:4e:d6:f6:27:27:46:c3:7f:
4c:36:19:01:72:1d:59:d7:f7:7c:f1:89:36:d1:d9:
e3:24:66:d3:4e:6c:64:a9:42:71:ae:fd:c2:8e:c5:
ab:c6:07:27:63:07:4e:49:75:4f:15:0f:95:ba:ee:
da:ca:19:d8:c9:aa:be:15:e0:c1:5a:85:b4:f6:32:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:38:56:6B:29:6B:50:3F:58:B5:43:AA:20:9B:75:A8:95:B8:82:00
X509v3 Authority Key Identifier:
keyid:B9:B5:AA:9F:EE:B0:0A:51:27:48:7F:34:38:40:77:AE:79:70:F8:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/zzhWaylrUD9YtUOqIJt1qJW4ggA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/ubWqn-6wClEnSH80OEB3rnlw-Bo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.48.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:8f:37:6f:45:bb:ad:e3:ae:36:2f:cc:e8:64:7f:50:91:a0:
b8:33:4e:7d:82:34:c5:eb:fe:6b:92:c2:3c:7d:25:41:2f:d1:
11:ff:82:8a:45:14:62:1b:e1:38:16:ec:c4:fe:80:fd:bc:57:
08:1d:37:ed:27:ef:48:fb:e3:30:b0:40:eb:8d:3b:70:76:7e:
b6:f7:b6:a1:29:f4:61:4f:3c:c1:53:2f:bd:3c:45:80:77:41:
21:7a:6d:95:2f:89:c1:0e:86:c3:68:e3:a9:1a:6f:6e:b6:61:
3b:41:0a:5e:f8:0b:05:5b:de:b2:9e:95:ec:af:87:58:b7:7f:
94:bb:f6:00:82:80:64:b7:d6:61:6d:ba:c5:9c:8b:95:a5:2b:
34:78:9c:6e:75:e1:e3:57:f2:93:9b:77:84:3f:0b:25:b3:cf:
a9:5b:17:88:18:d4:4a:b7:9e:54:16:cc:2c:bf:97:2a:9d:32:
01:d2:4a:65:7b:88:b0:a9:8f:c0:94:1b:2c:fa:47:05:42:7e:
6c:2f:7b:d0:52:ca:ba:7f:ba:0c:1f:15:c3:99:22:a2:35:48:
77:6c:a1:78:db:f3:82:c4:89:ce:d6:0e:34:50:8f:f9:02:2e:
76:a5:ca:c9:c6:75:67:73:f7:78:49:cb:8d:1c:1b:e4:da:ee:
40:6c:4f:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSrCfIWzPKeZ4+W7knlfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjVhYTlmZWViMDBhNTEyNzQ4N2YzNDM4NDA3N2FlNzk3
MGY4MWEwHhcNMjQwMTAyMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM4NTY2YjI5NmI1MDNmNThiNTQzYWEyMDliNzVhODk1Yjg4MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPH//bvIYaWhtwKG1jQhVi6LWwuq
2u03c14In6ueEqvd+0yIKdMb3/L+F0bVU3Zo+w7/LBtY8A4abGahm6WvPDDToCyU
IiKR/FkJo3burDgqy/fgNm6fL2GGuMjA1FXQex4cA5S+lopkn7lOXpFXhSArbQqR
/fAY68tqnXn8HL+UWhhmwYHnCeDmbDTTz+9kN+I7gNpWFF57lkfqgVSkehGvrqKT
wkpkuayTpRl5+QClO0vYJFzxZK7kTtb2JydGw39MNhkBch1Z1/d88Yk20dnjJGbT
TmxkqUJxrv3CjsWrxgcnYwdOSXVPFQ+Vuu7ayhnYyaq+FeDBWoW09jJpPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM84Vmspa1A/WLVDqiCbdaiVuIIAMB8GA1UdIwQY
MBaAFLm1qp/usApRJ0h/NDhAd655cPgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJXcW4tNndDbEVuU0g4ME9FQjNybmx3LUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMyY2UtZjVkMi00MzkzLWFiMjMt
ODhhMGQ1ZmRjZjliLzEvenpoV2F5bHJVRDlZdFVPcUlKdDFxSlc0Z2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMyY2UtZjVkMi00MzkzLWFiMjMtODhhMGQ1ZmRjZjli
LzEvdWJXcW4tNndDbEVuU0g4ME9FQjNybmx3LUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RkwMA0G
CSqGSIb3DQEBCwUAA4IBAQCljzdvRbut4642L8zoZH9QkaC4M059gjTF6/5rksI8
fSVBL9ER/4KKRRRiG+E4FuzE/oD9vFcIHTftJ+9I++MwsEDrjTtwdn6297ahKfRh
TzzBUy+9PEWAd0Ehem2VL4nBDobDaOOpGm9utmE7QQpe+AsFW96ynpXsr4dYt3+U
u/YAgoBkt9ZhbbrFnIuVpSs0eJxudeHjV/KTm3eEPwsls8+pWxeIGNRKt55UFsws
v5cqnTIB0kple4iwqY/AlBss+kcFQn5sL3vQUsq6f7oMHxXDmSKiNUh3bKF42/OC
xInO1g40UI/5Ai52pcrJxnVnc/d4ScuNHBvk2u5AbE+X
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:13 2025 by rpki-client