Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/cZbVl-hI8DkuvQ_8qYPvwutMaG4.roa
File: cZbVl-hI8DkuvQ_8qYPvwutMaG4.roa (raw, json)
Hash identifier: b7hfH+dsxqNTiX/PA9UfEQjXLplB0aH9hC7XQwhFpCI=
Subject key identifier: 71:96:D5:97:E8:48:F0:39:2E:BD:0F:FC:A9:83:EF:C2:EB:4C:68:6E
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 01917DC0F2238D1B2B629A1631739025B64A
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/cZbVl-hI8DkuvQ_8qYPvwutMaG4.roa
Signing time: Fri 23 Aug 2024 05:41:22 +0000
ROA not before: Fri 23 Aug 2024 05:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51468
IP address blocks: 141.138.172.0/22 maxlen: 22
2a03:3c00:c000::/34 maxlen: 34
2a03:3c00:c001::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Oct 2024 05:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7d:c0:f2:23:8d:1b:2b:62:9a:16:31:73:90:25:b6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Aug 23 05:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7196d597e848f0392ebd0ffca983efc2eb4c686e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:38:06:cb:1c:d2:41:0a:83:ab:1a:18:bc:
06:ee:a4:68:23:25:04:20:5c:f8:7b:5e:4b:5b:db:
36:36:45:b7:4d:b9:fb:06:0b:c6:00:0d:ed:31:7e:
f3:05:a5:9e:42:c4:0e:70:e7:1f:dd:14:35:a0:34:
f3:d2:62:53:1d:12:67:ac:6a:a0:7c:61:fd:cb:a9:
a3:41:88:fd:d5:a8:25:c8:2d:48:02:97:de:01:b8:
34:ba:7c:b6:17:64:bb:79:45:8d:f5:2a:53:b0:7f:
cd:7a:ad:4b:06:d8:88:8e:a8:41:ba:31:0e:18:f9:
5a:79:2b:c7:77:b2:7c:bf:41:44:0a:80:87:d6:0a:
e7:84:b9:aa:0c:38:c3:74:86:d1:24:01:9a:d6:cb:
bb:6e:52:4f:0b:41:36:2d:6b:b7:94:59:77:59:fd:
16:fb:4c:59:08:e1:30:3c:8e:b9:eb:b7:fa:b1:7b:
aa:32:e9:b9:b9:c2:51:de:ba:12:64:49:b4:d8:78:
f2:41:88:a9:ec:9b:a4:e6:e0:3f:43:99:5d:9f:be:
7b:b7:f7:9f:e9:1b:00:2f:c1:61:eb:6a:f5:8a:53:
78:bd:44:66:5b:3e:ea:0b:b3:ba:62:84:74:53:e2:
9d:d9:d6:22:f4:c7:46:7a:9e:97:dd:a4:92:59:10:
72:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:96:D5:97:E8:48:F0:39:2E:BD:0F:FC:A9:83:EF:C2:EB:4C:68:6E
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/cZbVl-hI8DkuvQ_8qYPvwutMaG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.172.0/22
IPv6:
2a03:3c00:c000::/34
Signature Algorithm: sha256WithRSAEncryption
4a:ff:1f:9a:46:e9:cd:47:84:74:e7:4c:f1:c4:8e:31:c9:9c:
35:7b:de:ef:da:61:fa:79:24:7f:27:4a:6e:fa:1b:3c:5a:5d:
d3:25:f4:98:31:18:d2:e0:5c:2e:e6:91:b8:84:ca:4c:5a:8f:
11:5c:4d:12:fc:11:a1:33:0b:01:36:4b:32:9a:80:b0:53:b2:
9b:0e:65:d7:24:c5:e4:36:c3:a2:a2:55:02:ac:4c:66:b6:91:
d6:d6:d0:51:9a:f7:2d:7b:69:84:72:bb:90:32:96:74:0a:27:
ba:19:a1:6e:5b:6b:65:1f:3d:c5:56:e5:0a:7a:27:56:5e:c3:
07:80:71:5d:70:31:1e:c6:cd:6f:96:18:36:73:66:a4:37:4b:
c3:e0:f9:94:99:77:c2:6c:3d:06:93:ef:73:94:fc:c2:2c:af:
0a:14:c7:83:af:f2:a3:32:b5:86:c8:77:7d:69:92:be:ab:d1:
74:aa:9e:b1:51:69:22:d3:6e:75:af:87:d2:bb:ff:d4:f1:b3:
66:0c:06:37:fc:6c:d1:52:f0:3b:7a:bf:6a:b1:3e:a1:38:77:
74:6c:44:f0:cf:33:70:3f:fa:59:3f:f7:63:f6:41:5b:83:89:
fe:ce:7c:25:37:34:93:74:33:92:4e:3c:d6:63:b4:85:8b:a4:
2b:e7:83:48
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZF9wPIjjRsrYpoWMXOQJbZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjQwODIzMDU0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk2ZDU5N2U4NDhmMDM5MmViZDBmZmNhOTgzZWZjMmViNGM2ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBo4Bssc0kEKg6saGLwG7qRoIyUE
IFz4e15LW9s2NkW3Tbn7BgvGAA3tMX7zBaWeQsQOcOcf3RQ1oDTz0mJTHRJnrGqg
fGH9y6mjQYj91aglyC1IApfeAbg0uny2F2S7eUWN9SpTsH/Neq1LBtiIjqhBujEO
GPlaeSvHd7J8v0FECoCH1grnhLmqDDjDdIbRJAGa1su7blJPC0E2LWu3lFl3Wf0W
+0xZCOEwPI6567f6sXuqMum5ucJR3roSZEm02HjyQYip7Juk5uA/Q5ldn757t/ef
6RsAL8Fh62r1ilN4vURmWz7qC7O6YoR0U+Kd2dYi9MdGep6X3aSSWRByqwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHGW1ZfoSPA5Lr0P/KmD78LrTGhuMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvY1piVmwtaEk4RGt1dlFfOHFZUHZ3dXRNYUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCjYqsMA4E
AgACMAgDBgYqAzwAwDANBgkqhkiG9w0BAQsFAAOCAQEASv8fmkbpzUeEdOdM8cSO
McmcNXve79ph+nkkfydKbvobPFpd0yX0mDEY0uBcLuaRuITKTFqPEVxNEvwRoTML
ATZLMpqAsFOymw5l1yTF5DbDoqJVAqxMZraR1tbQUZr3LXtphHK7kDKWdAonuhmh
bltrZR89xVblCnonVl7DB4BxXXAxHsbNb5YYNnNmpDdLw+D5lJl3wmw9BpPvc5T8
wiyvChTHg6/yozK1hsh3fWmSvqvRdKqesVFpItNuda+H0rv/1PGzZgwGN/xs0VLw
O3q/arE+oTh3dGxE8M8zcD/6WT/3Y/ZBW4OJ/s58JTc0k3Qzkk481mO0hYukK+eD
SA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:54:59 2025 by rpki-client