Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/pZilXVq1mWhjphG-MP1Rxa-CqUM.roa
File: pZilXVq1mWhjphG-MP1Rxa-CqUM.roa (raw, json)
Hash identifier: R2V7poeEM67n096SYWLOjKDFoayfKgWBZ6r6xH+ktZg=
Subject key identifier: A5:98:A5:5D:5A:B5:99:68:63:A6:11:BE:30:FD:51:C5:AF:82:A9:43
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 018CC3B6A8350470AE6CBC78BAA7286F69B1
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/pZilXVq1mWhjphG-MP1Rxa-CqUM.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213205
IP address blocks: 81.163.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 21:52:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a8:35:04:70:ae:6c:bc:78:ba:a7:28:6f:69:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a598a55d5ab5996863a611be30fd51c5af82a943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:b4:c3:9d:a5:51:e8:75:4b:75:4d:40:3e:
c8:21:24:4e:30:fa:50:9e:48:60:f5:9b:2b:c0:14:
2e:9b:14:7b:63:0c:f1:00:34:a3:9e:a3:44:68:d8:
70:e4:63:b9:01:f6:9a:68:ee:98:65:ad:27:a1:69:
88:43:ad:71:fd:62:e0:1f:32:65:3f:c8:1e:40:34:
85:65:70:6f:82:e4:11:06:24:ea:8b:44:81:d8:08:
13:51:38:fd:6c:03:e1:ee:87:f4:2b:3a:86:54:74:
28:13:37:1c:cf:13:23:46:30:98:52:b7:36:46:fd:
60:7b:f4:24:c8:04:27:91:90:c4:33:e2:e6:c6:d2:
42:d2:f4:67:46:4e:fc:84:18:ea:4d:b0:c9:ec:d9:
3e:01:f7:cf:50:e0:26:fe:39:2d:06:e6:dc:f0:ff:
bc:53:9b:d4:a7:15:cc:e6:3b:41:42:2c:98:7e:da:
63:32:b4:9e:cd:5b:60:8f:30:32:27:88:43:50:fa:
3d:ba:5e:0c:75:2f:51:45:7d:cd:ae:73:87:eb:52:
6f:f8:60:fd:ec:4f:e0:4f:20:26:f2:dc:98:8f:92:
8b:10:11:eb:b2:b0:48:12:bb:4f:20:78:cb:34:96:
5e:67:4e:ba:74:96:bb:3c:8f:4a:79:ce:0c:9e:51:
0a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:98:A5:5D:5A:B5:99:68:63:A6:11:BE:30:FD:51:C5:AF:82:A9:43
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/pZilXVq1mWhjphG-MP1Rxa-CqUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.209.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:92:86:f3:9e:09:b1:72:29:51:1a:3e:16:b7:6f:fb:e2:60:
ef:47:12:ff:14:21:32:08:01:40:fc:88:91:ed:3f:b9:a6:71:
9b:6c:f1:01:ce:d7:0b:17:4e:6d:47:64:de:e5:2c:a3:17:8a:
70:c9:e1:cd:24:82:69:2a:c1:b3:95:f3:1c:3e:a1:98:a8:24:
84:d2:33:8f:46:a7:04:5f:fd:0b:97:f9:f0:c1:c1:b2:26:b5:
de:f1:d7:c0:07:94:2e:46:22:f0:ce:ae:d5:f2:b2:54:ef:d1:
64:f2:da:ba:6e:31:a0:08:98:22:69:1c:34:45:79:8c:d9:b4:
5d:72:92:24:6b:50:bf:cf:c2:c6:ab:46:54:4f:ac:c8:75:13:
46:c9:09:64:38:77:da:5f:62:fb:b9:8a:38:11:f0:0e:a7:bc:
1a:86:34:e0:78:11:97:00:2c:55:46:36:f0:fe:39:e7:2d:0d:
c1:33:a2:a7:1e:a4:a4:bd:ac:19:8a:b4:67:85:26:64:39:69:
76:45:14:ec:3b:75:54:0d:ae:ca:0b:dc:35:3c:7b:1c:ca:33:
f0:d8:7d:55:d4:15:68:7b:f1:8d:c0:d6:80:1b:ab:f4:89:e8:
b5:72:de:3a:89:9b:78:28:97:88:05:13:53:29:44:6a:01:51:
ed:0b:45:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtqg1BHCubLx4uqcob2mxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk4YTU1ZDVhYjU5OTY4NjNhNjExYmUzMGZkNTFjNWFmODJhOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+m0w52lUeh1S3VNQD7IISROMPpQ
nkhg9ZsrwBQumxR7YwzxADSjnqNEaNhw5GO5AfaaaO6YZa0noWmIQ61x/WLgHzJl
P8geQDSFZXBvguQRBiTqi0SB2AgTUTj9bAPh7of0KzqGVHQoEzcczxMjRjCYUrc2
Rv1ge/QkyAQnkZDEM+LmxtJC0vRnRk78hBjqTbDJ7Nk+AffPUOAm/jktBubc8P+8
U5vUpxXM5jtBQiyYftpjMrSezVtgjzAyJ4hDUPo9ul4MdS9RRX3NrnOH61Jv+GD9
7E/gTyAm8tyYj5KLEBHrsrBIErtPIHjLNJZeZ066dJa7PI9Kec4MnlEKZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWYpV1atZloY6YRvjD9UcWvgqlDMB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvcFppbFhWcTFtV2hqcGhHLU1QMVJ4YS1DcVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTctODA5NWYzMjk3MTc5
LzEvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaPRMA0G
CSqGSIb3DQEBCwUAA4IBAQBbkobzngmxcilRGj4Wt2/74mDvRxL/FCEyCAFA/IiR
7T+5pnGbbPEBztcLF05tR2Te5SyjF4pwyeHNJIJpKsGzlfMcPqGYqCSE0jOPRqcE
X/0Ll/nwwcGyJrXe8dfAB5QuRiLwzq7V8rJU79Fk8tq6bjGgCJgiaRw0RXmM2bRd
cpIka1C/z8LGq0ZUT6zIdRNGyQlkOHfaX2L7uYo4EfAOp7wahjTgeBGXACxVRjbw
/jnnLQ3BM6KnHqSkvawZirRnhSZkOWl2RRTsO3VUDa7KC9w1PHscyjPw2H1V1BVo
e/GNwNaAG6v0iei1ct46iZt4KJeIBRNTKURqAVHtC0Xw
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:59:59 2025 by rpki-client