Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/rZPEz0F_ZTWhEaf4QvZrPKQRKZk.roa
File: rZPEz0F_ZTWhEaf4QvZrPKQRKZk.roa (raw, json)
Hash identifier: Cc8FaFTwWIwyfQoA9MyG4en9DfMOAjRhJ4KMYtAC0lw=
Subject key identifier: AD:93:C4:CF:41:7F:65:35:A1:11:A7:F8:42:F6:6B:3C:A4:11:29:99
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018ED201F4B18A0BD670E81225253D24CEB7
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/rZPEz0F_ZTWhEaf4QvZrPKQRKZk.roa
Signing time: Fri 12 Apr 2024 11:12:07 +0000
ROA not before: Fri 12 Apr 2024 11:12:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28860
IP address blocks: 81.27.144.0/24 maxlen: 24
81.27.149.0/24 maxlen: 24
81.27.150.0/24 maxlen: 24
81.27.151.0/24 maxlen: 24
81.27.152.0/24 maxlen: 24
81.27.158.0/24 maxlen: 24
217.24.112.0/24 maxlen: 24
217.24.113.0/24 maxlen: 24
217.24.114.0/24 maxlen: 24
217.24.115.0/24 maxlen: 24
217.24.116.0/24 maxlen: 24
217.24.117.0/24 maxlen: 24
217.24.118.0/24 maxlen: 24
217.24.120.0/24 maxlen: 24
217.24.121.0/24 maxlen: 24
217.24.122.0/24 maxlen: 24
217.24.123.0/24 maxlen: 24
217.24.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 13:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:01:f4:b1:8a:0b:d6:70:e8:12:25:25:3d:24:ce:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 12 11:12:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad93c4cf417f6535a111a7f842f66b3ca4112999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dd:08:da:be:e2:95:90:af:00:3c:66:8e:64:
68:eb:77:e6:16:73:76:bd:6b:d5:02:b0:57:9d:7f:
27:ba:12:59:59:35:b0:99:b7:69:56:8f:e7:67:4c:
68:d3:01:60:b8:e3:19:83:7f:db:6c:fe:67:e3:5e:
c6:92:97:ee:bd:22:25:c1:c7:af:ac:fb:a6:e2:43:
e9:a5:59:2e:10:4c:6e:02:ea:cb:2f:55:ca:7b:6a:
92:ea:bb:d2:2b:1c:83:b2:05:3a:ae:de:a5:dd:55:
eb:52:03:5b:25:95:a1:ec:8b:eb:bf:de:16:55:1b:
8c:9c:05:13:aa:fa:c0:20:3f:80:52:34:84:1c:58:
72:62:e2:f4:55:d3:d9:72:eb:ce:12:be:38:81:73:
e0:f0:27:28:96:fb:7f:83:21:9a:01:1b:7a:fa:ae:
a4:47:02:35:16:46:09:fa:4f:1f:f3:3e:5c:ee:0b:
f5:48:38:cb:f5:1c:01:9d:2b:68:11:20:ee:d4:5c:
9f:12:ec:6d:3a:48:4f:bc:bd:51:a3:c1:c1:36:59:
24:48:76:2b:e0:32:fb:bf:6f:b5:2e:89:e6:35:d5:
e0:c9:58:ff:30:3b:bd:f7:32:20:33:47:eb:17:5f:
e5:2c:13:95:4e:06:e4:ee:bb:38:17:65:d6:67:bf:
89:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:93:C4:CF:41:7F:65:35:A1:11:A7:F8:42:F6:6B:3C:A4:11:29:99
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/rZPEz0F_ZTWhEaf4QvZrPKQRKZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.27.144.0/24
81.27.149.0-81.27.152.255
81.27.158.0/24
217.24.112.0-217.24.118.255
217.24.120.0/22
217.24.125.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:37:de:bb:1c:1b:d9:89:d5:00:b2:b0:03:3c:ca:f9:33:48:
25:f7:eb:67:d0:e3:5f:3a:7a:3d:5d:a0:eb:75:52:76:16:f4:
59:8b:29:6b:51:21:b0:25:7a:d4:fc:8b:a7:15:01:c2:d1:22:
9d:ac:e1:70:8b:4e:ad:e7:1e:41:d6:a0:59:2a:16:8d:75:c1:
70:73:51:d7:8f:a1:48:5f:5e:04:fa:38:02:02:d6:99:c2:6a:
07:27:86:56:20:3f:ae:4b:80:7b:bb:09:ff:c3:f8:ef:41:9a:
4b:b8:5a:11:a9:6d:c0:9b:40:9d:bf:fa:06:99:ef:e4:9c:26:
42:57:57:30:ae:3e:3c:f3:78:03:8d:4b:19:ef:5c:89:31:3d:
03:06:01:58:e8:53:40:fd:3d:35:be:ed:58:e5:48:21:bf:d9:
9e:f8:00:aa:6b:46:89:a9:80:e9:41:77:a6:a7:82:ab:2e:f4:
c4:6c:d0:21:ff:5e:01:fc:62:a2:dc:3a:6c:af:2d:f3:fa:a6:
ae:45:06:5b:11:ef:d6:b8:cf:9b:a7:4c:87:3d:2e:8f:9e:00:
6e:e4:41:12:0c:88:36:fd:86:ba:67:93:23:3f:05:e0:bf:28:
47:85:83:c3:1c:e5:9e:82:e8:76:85:ca:93:65:b7:4a:cf:a1:
d7:61:70:d5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY7SAfSxigvWcOgSJSU9JM63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDEyMTExMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDkzYzRjZjQxN2Y2NTM1YTExMWE3Zjg0MmY2NmIzY2E0MTEyOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu90I2r7ilZCvADxmjmRo63fmFnN2
vWvVArBXnX8nuhJZWTWwmbdpVo/nZ0xo0wFguOMZg3/bbP5n417GkpfuvSIlwcev
rPum4kPppVkuEExuAurLL1XKe2qS6rvSKxyDsgU6rt6l3VXrUgNbJZWh7Ivrv94W
VRuMnAUTqvrAID+AUjSEHFhyYuL0VdPZcuvOEr44gXPg8Ccolvt/gyGaARt6+q6k
RwI1FkYJ+k8f8z5c7gv1SDjL9RwBnStoESDu1FyfEuxtOkhPvL1Ro8HBNlkkSHYr
4DL7v2+1LonmNdXgyVj/MDu99zIgM0frF1/lLBOVTgbk7rs4F2XWZ7+JgwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFK2TxM9Bf2U1oRGn+EL2azykESmZMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvclpQRXowRl9aVFdoRWFmNFF2WnJQS1FSS1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAURuQMAwD
BABRG5UDBABRG5gDBABRG54wDAMEBNkYcAMEANkYdgMEAtkYeAMEANkYfTANBgkq
hkiG9w0BAQsFAAOCAQEAHDfeuxwb2YnVALKwAzzK+TNIJffrZ9DjXzp6PV2g63VS
dhb0WYspa1EhsCV61PyLpxUBwtEinazhcItOreceQdagWSoWjXXBcHNR14+hSF9e
BPo4AgLWmcJqByeGViA/rkuAe7sJ/8P470GaS7haEaltwJtAnb/6Bpnv5JwmQldX
MK4+PPN4A41LGe9ciTE9AwYBWOhTQP09Nb7tWOVIIb/ZnvgAqmtGiamA6UF3pqeC
qy70xGzQIf9eAfxiotw6bK8t8/qmrkUGWxHv1rjPm6dMhz0uj54AbuRBEgyINv2G
umeTIz8F4L8oR4WDwxzlnoLodoXKk2W3Ss+h12Fw1Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:30:57 2025 by rpki-client