Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pzjQi6YpuDECckErvhNC-alJCSs.roa
File: pzjQi6YpuDECckErvhNC-alJCSs.roa (raw, json)
Hash identifier: He4WQyKpXyhs6/Iy3+kqDlYMMF151WEP/FZgAtA2tLs=
Subject key identifier: A7:38:D0:8B:A6:29:B8:31:02:72:41:2B:BE:13:42:F9:A9:49:09:2B
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EEAD1429646F48012B5BBCA45FD905A5E
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pzjQi6YpuDECckErvhNC-alJCSs.roa
Signing time: Wed 17 Apr 2024 06:49:26 +0000
ROA not before: Wed 17 Apr 2024 06:49:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13118
IP address blocks: 109.161.0.0/17 maxlen: 17
109.161.0.0/19 maxlen: 19
109.161.32.0/19 maxlen: 19
109.161.52.0/24 maxlen: 24
109.161.57.0/24 maxlen: 24
109.161.60.0/22 maxlen: 22
109.161.64.0/19 maxlen: 19
109.161.64.0/20 maxlen: 20
217.15.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 17 Apr 2024 07:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ea:d1:42:96:46:f4:80:12:b5:bb:ca:45:fd:90:5a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 17 06:49:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a738d08ba629b8310272412bbe1342f9a949092b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:b9:58:1b:07:85:5f:45:89:a4:9f:09:36:
6d:dd:59:ce:c7:31:8d:a4:39:1f:aa:b2:8e:9e:e1:
22:bb:71:6d:2c:b6:67:c5:88:73:83:e2:d7:e0:13:
26:ed:99:1b:f0:da:7a:ad:5f:80:d1:b0:46:ed:11:
15:64:be:be:f7:d7:96:5a:84:10:d6:e7:c5:63:7e:
03:46:26:36:0d:97:7d:eb:35:77:52:2c:e4:69:f2:
6f:57:0f:fa:ce:f4:c0:f5:44:4d:ea:cb:8c:f5:2a:
51:45:8d:38:9a:97:ca:e9:65:fd:9a:43:02:7e:c2:
a2:99:b2:c8:43:0a:91:c3:37:0f:e0:6d:a6:d2:c5:
b8:f1:a1:15:46:3e:7b:76:4e:6b:38:ed:25:6d:f8:
40:d8:31:82:f1:5e:52:d6:22:72:65:5d:6d:17:94:
21:40:34:13:82:db:9a:46:ff:3d:0b:04:20:27:6d:
32:df:ff:e6:f1:50:a8:9c:e4:04:51:d5:4e:ff:49:
2a:9a:fb:b7:80:92:00:96:07:e6:0f:0c:f1:05:a3:
e4:06:d0:b1:ea:de:92:9e:01:10:13:97:14:a0:05:
5c:f0:8e:8f:5d:99:94:52:27:0d:be:ac:4f:7a:87:
fe:27:91:9b:80:8d:8c:64:49:c6:21:07:be:6c:bf:
e5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:38:D0:8B:A6:29:B8:31:02:72:41:2B:BE:13:42:F9:A9:49:09:2B
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pzjQi6YpuDECckErvhNC-alJCSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.161.0.0/17
217.15.128.0/19
Signature Algorithm: sha256WithRSAEncryption
03:07:06:75:59:0d:3e:c4:ba:01:6e:02:70:76:26:76:9c:26:
a4:27:4d:11:9c:9c:48:1a:f9:72:e5:3e:5b:42:bd:b6:dd:89:
16:23:84:86:45:2e:4a:bd:98:f0:1c:7d:fa:be:cf:c5:16:63:
0b:57:1f:1f:89:1f:66:6b:81:2e:d3:e9:4a:96:3d:2d:51:f4:
38:25:c4:9f:9b:62:80:66:c8:c1:d5:bd:04:4e:32:1a:60:8a:
3c:3e:b9:aa:88:2e:c0:a3:82:0d:79:23:5d:5b:ad:b3:86:e8:
37:22:7e:49:2b:42:b5:d1:37:58:91:f4:13:b3:42:49:07:54:
11:47:bb:34:0e:fd:d0:68:82:6b:c2:c1:25:31:a4:23:2d:2e:
5f:5c:08:b0:77:74:76:c9:b4:99:99:30:8e:5b:06:3a:b4:63:
1a:47:a6:7d:e8:ee:7f:a0:3d:aa:de:9d:1a:5a:4e:3f:c8:61:
e7:09:18:ae:a3:98:a3:f0:91:b4:84:d2:f8:dd:bc:3d:b6:5a:
10:70:5d:a5:84:23:c7:38:79:89:61:75:2a:04:cd:85:87:04:
cf:7a:7e:c4:12:2a:1a:d4:ef:10:8a:11:ad:76:9d:17:83:fe:
bf:e5:5a:d7:93:c5:5b:a6:99:b0:42:12:29:10:30:f1:08:63:
0a:43:0e:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7q0UKWRvSAErW7ykX9kFpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE3MDY0OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM4ZDA4YmE2MjliODMxMDI3MjQxMmJiZTEzNDJmOWE5NDkwOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngO5WBsHhV9FiaSfCTZt3VnOxzGN
pDkfqrKOnuEiu3FtLLZnxYhzg+LX4BMm7Zkb8Np6rV+A0bBG7REVZL6+99eWWoQQ
1ufFY34DRiY2DZd96zV3UizkafJvVw/6zvTA9URN6suM9SpRRY04mpfK6WX9mkMC
fsKimbLIQwqRwzcP4G2m0sW48aEVRj57dk5rOO0lbfhA2DGC8V5S1iJyZV1tF5Qh
QDQTgtuaRv89CwQgJ20y3//m8VConOQEUdVO/0kqmvu3gJIAlgfmDwzxBaPkBtCx
6t6SngEQE5cUoAVc8I6PXZmUUicNvqxPeof+J5GbgI2MZEnGIQe+bL/l+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKc40IumKbgxAnJBK74TQvmpSQkrMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcHpqUWk2WXB1REVDY2tFcnZoTkMtYWxKQ1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHbaEAAwQF
2Q+AMA0GCSqGSIb3DQEBCwUAA4IBAQADBwZ1WQ0+xLoBbgJwdiZ2nCakJ00RnJxI
Gvly5T5bQr223YkWI4SGRS5KvZjwHH36vs/FFmMLVx8fiR9ma4Eu0+lKlj0tUfQ4
JcSfm2KAZsjB1b0ETjIaYIo8PrmqiC7Ao4INeSNdW62zhug3In5JK0K10TdYkfQT
s0JJB1QRR7s0Dv3QaIJrwsElMaQjLS5fXAiwd3R2ybSZmTCOWwY6tGMaR6Z96O5/
oD2q3p0aWk4/yGHnCRiuo5ij8JG0hNL43bw9tloQcF2lhCPHOHmJYXUqBM2FhwTP
en7EEioa1O8QihGtdp0Xg/6/5VrXk8VbppmwQhIpEDDxCGMKQw40
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:08:43 2025 by rpki-client