Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/zAq_Fh6fvN_bWF2W2roIwdobyNg.roa
File: zAq_Fh6fvN_bWF2W2roIwdobyNg.roa (raw, json)
Hash identifier: G5w0nWiK7DXCJ6eOokjSavFgwiy9czV4JwCawH4kiaI=
Subject key identifier: CC:0A:BF:16:1E:9F:BC:DF:DB:58:5D:96:DA:BA:08:C1:DA:1B:C8:D8
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AF163FE6644B47630EB2BB1CA993D7
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/zAq_Fh6fvN_bWF2W2roIwdobyNg.roa
Signing time: Tue 26 Nov 2024 13:35:25 +0000
ROA not before: Tue 26 Nov 2024 13:35:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397207
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:af:16:3f:e6:64:4b:47:63:0e:b2:bb:1c:a9:93:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc0abf161e9fbcdfdb585d96daba08c1da1bc8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:09:ef:49:59:75:aa:35:14:cf:8c:79:ce:16:
2e:ce:6e:07:6a:39:0d:b0:13:e2:f1:61:b8:11:55:
4d:7f:33:1d:70:fb:bd:5e:8d:fc:ba:d6:72:f9:ae:
07:49:40:6f:39:ff:c6:50:a0:2e:33:d4:e9:ef:c0:
ac:49:2a:a9:67:c5:2e:ac:0e:b8:db:c7:97:92:82:
b8:5f:98:b0:80:21:8a:2f:5c:71:00:27:b9:7d:59:
19:f8:69:83:17:6b:b9:ee:32:46:53:93:70:47:ee:
81:32:bf:a3:a7:56:f2:ca:d6:32:0a:de:4e:75:09:
7f:31:70:23:ff:ca:4f:04:56:61:e1:20:8c:b3:22:
e0:d4:09:05:bb:05:45:24:a5:5b:c0:27:2b:ae:ae:
b5:93:93:3f:7a:4d:f9:ee:7c:2a:13:9a:c3:61:7e:
4f:ed:14:40:95:aa:54:41:34:17:e2:d2:63:96:57:
e6:1d:3f:d1:78:0a:7f:65:18:46:4f:4b:47:68:4d:
91:8e:5b:64:a7:be:f0:ff:6c:e7:ae:c5:d3:7d:0b:
9f:58:82:9d:ee:8c:86:30:fd:c4:23:af:f2:b7:69:
94:4c:68:a8:a4:c4:23:5c:24:78:8c:22:2c:00:e6:
8f:c1:c4:24:08:3d:b8:67:a7:35:c0:06:b5:35:3b:
6b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0A:BF:16:1E:9F:BC:DF:DB:58:5D:96:DA:BA:08:C1:DA:1B:C8:D8
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/zAq_Fh6fvN_bWF2W2roIwdobyNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
41:d3:33:45:ee:91:50:7e:a9:8a:c6:94:91:05:27:13:90:96:
c7:b0:8c:9f:94:26:fe:71:f1:3a:6e:20:c2:9b:51:8c:af:f9:
ab:76:b4:72:ab:c7:6b:5c:07:b0:fc:4e:c3:4b:44:39:8e:27:
81:00:5e:bc:d9:3a:8f:50:ec:56:c0:91:64:e3:0f:10:88:32:
0c:d1:a1:7f:06:e1:a6:ad:e6:f0:4e:c5:10:84:a0:bd:e6:40:
e2:42:bb:23:48:b3:80:0f:ee:66:76:86:92:19:61:79:46:15:
c8:e9:50:2e:2c:68:ca:3e:7c:bb:d4:bf:da:8a:c6:d5:2b:de:
c0:e6:8f:e4:a5:61:c0:03:ff:79:89:18:94:6d:88:df:74:1e:
3f:d1:0d:69:63:f1:96:17:82:43:a6:c9:42:fb:e5:a1:e0:7e:
ad:eb:6b:e6:c3:9c:d1:35:84:76:f6:50:38:22:cb:a2:fc:b9:
2c:4d:8d:9e:58:21:7c:5f:e6:41:54:fe:1f:39:c5:cf:40:ba:
35:d1:34:31:40:9f:fd:77:ee:46:07:3a:ec:fe:e3:84:d1:64:
04:db:23:57:da:a0:59:e4:51:d3:8e:c6:2d:7e:b8:5c:cd:68:
ad:0a:dd:41:8c:34:0e:e0:1c:07:18:77:07:1b:ae:db:3c:8b:
45:a0:fc:18
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorxY/5mRLR2MOsrscqZPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzBhYmYxNjFlOWZiY2RmZGI1ODVkOTZkYWJhMDhjMWRhMWJjOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAnvSVl1qjUUz4x5zhYuzm4HajkN
sBPi8WG4EVVNfzMdcPu9Xo38utZy+a4HSUBvOf/GUKAuM9Tp78CsSSqpZ8UurA64
28eXkoK4X5iwgCGKL1xxACe5fVkZ+GmDF2u57jJGU5NwR+6BMr+jp1byytYyCt5O
dQl/MXAj/8pPBFZh4SCMsyLg1AkFuwVFJKVbwCcrrq61k5M/ek357nwqE5rDYX5P
7RRAlapUQTQX4tJjllfmHT/ReAp/ZRhGT0tHaE2Rjltkp77w/2znrsXTfQufWIKd
7oyGMP3EI6/yt2mUTGiopMQjXCR4jCIsAOaPwcQkCD24Z6c1wAa1NTtrGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMwKvxYen7zf21hdltq6CMHaG8jYMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvekFxX0ZoNmZ2Tl9iV0YyVzJyb0l3ZG9ieU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAEHTM0XukVB+qYrGlJEFJxOQlsewjJ+U
Jv5x8TpuIMKbUYyv+at2tHKrx2tcB7D8TsNLRDmOJ4EAXrzZOo9Q7FbAkWTjDxCI
MgzRoX8G4aat5vBOxRCEoL3mQOJCuyNIs4AP7mZ2hpIZYXlGFcjpUC4saMo+fLvU
v9qKxtUr3sDmj+SlYcAD/3mJGJRtiN90Hj/RDWlj8ZYXgkOmyUL75aHgfq3ra+bD
nNE1hHb2UDgiy6L8uSxNjZ5YIXxf5kFU/h85xc9AujXRNDFAn/137kYHOuz+44TR
ZATbI1faoFnkUdOOxi1+uFzNaK0K3UGMNA7gHAcYdwcbrts8i0Wg/Bg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:05 2025 by rpki-client