Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/zYzjXahtSWU4k0uZpmF9zsJlelA.roa
File: zYzjXahtSWU4k0uZpmF9zsJlelA.roa (raw, json)
Hash identifier: OCIECJAmSyMf2zxPigVjRIJ1zIUVfQDqJZJr58OsuoQ=
Subject key identifier: CD:8C:E3:5D:A8:6D:49:65:38:93:4B:99:A6:61:7D:CE:C2:65:7A:50
Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial: 018CC3B68EEDC90B3B999D16B17414E657F4
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/zYzjXahtSWU4k0uZpmF9zsJlelA.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39566
IP address blocks: 193.93.88.0/22 maxlen: 22
91.211.220.0/22 maxlen: 22
2001:678:63c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8e:ed:c9:0b:3b:99:9d:16:b1:74:14:e6:57:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd8ce35da86d496538934b99a6617dcec2657a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fa:bf:91:28:5e:27:a9:84:b5:17:17:8c:7b:
07:68:5a:10:3d:c9:7b:1b:16:92:89:d8:a3:bc:13:
c1:53:6c:4d:fc:ae:71:a0:f5:f8:ec:f1:7c:0e:6e:
23:45:23:26:21:2c:45:85:9a:38:bb:19:92:83:c9:
ec:57:01:76:e6:d2:7e:76:f5:3a:d0:1d:34:fa:d5:
5e:f3:ff:05:55:e1:63:c7:68:ac:e4:59:ee:79:7d:
d5:e3:00:49:d4:b2:c8:7b:ac:b1:fa:a5:24:70:95:
28:68:20:45:fe:89:4c:2d:db:37:7d:1e:f7:e5:1f:
ec:63:73:e9:d6:c3:6f:e2:e8:33:9b:90:60:8a:e2:
d8:c8:57:f0:79:79:3e:29:b8:d1:f0:87:7e:b3:91:
1f:ab:ca:b9:1b:0e:21:57:42:4f:6d:85:f5:a7:42:
93:ad:fa:99:df:f2:1d:e7:8b:88:9c:fe:d8:f9:a1:
a7:7c:6d:b9:3f:d5:36:ab:f1:48:a1:78:59:98:21:
b6:d2:fb:3d:99:74:39:03:09:c6:13:f8:47:09:93:
c8:5a:9f:7e:8e:c2:fd:21:89:7d:4b:5e:2b:40:17:
b8:48:9d:89:d3:0b:de:8f:f9:da:cd:73:d4:5d:18:
d5:aa:26:01:24:58:03:ae:4a:37:fe:52:e2:3c:37:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8C:E3:5D:A8:6D:49:65:38:93:4B:99:A6:61:7D:CE:C2:65:7A:50
X509v3 Authority Key Identifier:
keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/zYzjXahtSWU4k0uZpmF9zsJlelA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.220.0/22
193.93.88.0/22
IPv6:
2001:678:63c::/48
Signature Algorithm: sha256WithRSAEncryption
62:35:28:3e:13:01:fb:18:5e:bc:85:30:b0:1c:89:a2:89:66:
f8:22:ed:90:4d:9b:1d:56:21:83:29:49:75:b8:08:3f:0f:21:
a6:99:44:71:61:cc:d1:4a:7c:4d:6e:92:76:f7:e1:3c:4f:76:
6e:38:9f:17:1d:1d:16:6e:40:53:e7:38:a8:6f:03:7f:cd:b5:
93:e0:c0:e0:ec:35:63:5a:b7:80:fe:a8:aa:54:e9:62:98:58:
b7:de:1b:df:ec:37:94:77:e8:67:87:9a:92:ff:ee:6a:7a:86:
8b:d5:05:6d:a9:ca:a4:57:ac:d3:43:65:48:16:34:62:f5:41:
27:d2:e7:8f:9b:e0:ad:c7:90:4d:1d:58:0f:a8:06:5d:76:ea:
8b:82:59:a1:9a:bf:24:27:34:ba:42:5f:15:48:db:84:41:4c:
42:6c:73:de:d1:05:0f:85:2c:1d:03:fa:2e:e4:4c:36:a3:b5:
60:c7:9a:43:9c:d5:17:4d:f7:b4:62:54:0d:19:3a:21:13:11:
c9:52:95:ef:3b:bd:1f:04:93:c0:2e:c6:6f:7d:dc:65:7f:9f:
11:71:01:e8:be:a7:63:0a:ce:2d:73:c4:7c:ee:06:b9:83:92:
1c:dd:2d:10:7b:f5:8d:ac:8f:51:21:ce:f6:35:0a:16:1e:4c:
8f:a8:52:2a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDto7tyQs7mZ0WsXQU5lf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhjZTM1ZGE4NmQ0OTY1Mzg5MzRiOTlhNjYxN2RjZWMyNjU3YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPq/kSheJ6mEtRcXjHsHaFoQPcl7
GxaSidijvBPBU2xN/K5xoPX47PF8Dm4jRSMmISxFhZo4uxmSg8nsVwF25tJ+dvU6
0B00+tVe8/8FVeFjx2is5FnueX3V4wBJ1LLIe6yx+qUkcJUoaCBF/olMLds3fR73
5R/sY3Pp1sNv4ugzm5BgiuLYyFfweXk+KbjR8Id+s5Efq8q5Gw4hV0JPbYX1p0KT
rfqZ3/Id54uInP7Y+aGnfG25P9U2q/FIoXhZmCG20vs9mXQ5AwnGE/hHCZPIWp9+
jsL9IYl9S14rQBe4SJ2J0wvej/nazXPUXRjVqiYBJFgDrko3/lLiPDfXgQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFM2M412obUllOJNLmaZhfc7CZXpQMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvell6alhhaHRTV1U0azB1WnBtRjl6c0psZWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9PcAwQC
wV1YMA8EAgACMAkDBwAgAQZ4BjwwDQYJKoZIhvcNAQELBQADggEBAGI1KD4TAfsY
XryFMLAciaKJZvgi7ZBNmx1WIYMpSXW4CD8PIaaZRHFhzNFKfE1uknb34TxPdm44
nxcdHRZuQFPnOKhvA3/NtZPgwODsNWNat4D+qKpU6WKYWLfeG9/sN5R36GeHmpL/
7mp6hovVBW2pyqRXrNNDZUgWNGL1QSfS54+b4K3HkE0dWA+oBl126ouCWaGavyQn
NLpCXxVI24RBTEJsc97RBQ+FLB0D+i7kTDajtWDHmkOc1RdN97RiVA0ZOiETEclS
le87vR8Ek8Auxm993GV/nxFxAei+p2MKzi1zxHzuBrmDkhzdLRB79Y2sj1EhzvY1
ChYeTI+oUio=
-----END CERTIFICATE-----
Generated at Fri May 16 16:50:24 2025 by rpki-client