Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/RZ4ZVE2deBH78ZezvRr2mU0bZ30.roa
File: RZ4ZVE2deBH78ZezvRr2mU0bZ30.roa (raw, json)
Hash identifier: SrV0NmY6hb1vzGbIbAxPBUzaJHhd/IA6cPQOBrjy2VQ=
Subject key identifier: 45:9E:19:54:4D:9D:78:11:FB:F1:97:B3:BD:1A:F6:99:4D:1B:67:7D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01966D29B06CB933E77CD6BA8B8E3B6C342F
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/RZ4ZVE2deBH78ZezvRr2mU0bZ30.roa
Signing time: Fri 25 Apr 2025 13:36:10 +0000
ROA not before: Fri 25 Apr 2025 13:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31732
IP address blocks: 188.209.155.0/24 maxlen: 24
188.209.156.0/22 maxlen: 24
213.173.32.0/22 maxlen: 24
2001:16c0::/29 maxlen: 29
2001:16c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 04 May 2025 03:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:29:b0:6c:b9:33:e7:7c:d6:ba:8b:8e:3b:6c:34:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 25 13:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=459e19544d9d7811fbf197b3bd1af6994d1b677d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:b4:10:fa:f6:a8:85:4e:01:cb:17:5f:de:
86:9a:34:d9:d3:f1:50:01:d5:0d:26:59:af:d4:75:
5e:7e:89:bb:49:82:34:26:a7:94:dc:ef:b3:e0:d1:
8b:cf:4e:96:3c:48:67:d0:92:77:0c:b0:f5:07:4f:
81:f9:97:65:ca:20:db:bf:81:2c:f3:7a:45:a3:61:
30:96:e5:5f:46:0e:87:48:de:40:39:db:88:99:28:
15:9d:f0:40:ad:86:8f:54:f3:e1:8e:88:51:a5:a3:
c8:ef:08:1d:45:57:a0:db:50:1d:b6:00:7f:01:f5:
b1:c0:5f:f4:61:28:25:d1:26:3c:e6:d5:35:96:67:
63:52:19:40:b3:2a:1a:1a:e9:12:0b:51:18:c3:8a:
b8:71:59:77:21:69:47:12:fd:3f:b8:ba:10:d2:1d:
49:cc:ac:1e:03:3a:3b:e8:11:01:61:9f:83:6e:9d:
3a:a5:ab:b6:58:70:59:30:81:55:4d:bb:fd:b2:ab:
fd:f0:bc:d1:d8:48:8d:6c:ec:b3:e6:94:27:6d:4c:
cd:e9:28:36:fe:ed:95:f6:35:b5:a5:10:67:2a:f7:
81:ea:00:25:ab:3b:d5:0c:aa:79:10:8f:0b:a6:4a:
c9:1e:4d:5f:43:65:e5:c1:e8:eb:0b:28:0d:28:58:
75:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:9E:19:54:4D:9D:78:11:FB:F1:97:B3:BD:1A:F6:99:4D:1B:67:7D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/RZ4ZVE2deBH78ZezvRr2mU0bZ30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.155.0-188.209.159.255
213.173.32.0/22
IPv6:
2001:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:b3:a9:da:56:4f:e5:f0:d7:15:c5:ef:d1:d8:df:8b:50:d6:
89:25:ee:07:67:fe:c4:db:1f:63:87:b8:9b:a9:a1:55:2a:d1:
31:ef:15:74:b7:01:6f:9c:88:a4:dc:05:de:22:3a:05:e1:bd:
92:c4:4d:79:71:8a:fd:16:65:6c:75:6f:fa:6a:dd:6c:30:7b:
d2:5b:b1:4a:9c:de:90:9f:fa:80:79:e7:e0:c9:5a:51:69:de:
47:db:58:69:81:e0:6b:e1:7c:23:a2:c3:c4:76:f1:4e:bd:1f:
f9:4a:ef:71:af:e3:19:07:e4:cc:d8:a8:cf:82:6a:76:d9:74:
16:32:f2:01:da:d3:d1:98:5e:28:dd:e4:d5:02:02:9e:9d:bd:
60:a1:6b:de:fe:14:63:37:92:7d:80:1e:49:da:24:7a:61:86:
42:f3:8a:14:97:b3:5b:3a:6e:bd:c7:83:6e:74:07:15:79:bb:
64:55:9f:1f:34:e0:70:ab:07:56:5a:c5:42:ed:79:89:88:9c:
a8:23:7f:30:28:02:72:da:9e:56:4b:4d:cd:b8:2c:6e:68:80:
91:57:36:ba:a1:72:97:1d:7a:b0:c2:23:58:dc:3e:c9:4a:54:
3f:3a:aa:43:96:f7:55:9a:d3:2f:43:4e:2d:15:c8:0a:28:ff:
42:f8:95:63
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZZtKbBsuTPnfNa6i447bDQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDI1MTMzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTllMTk1NDRkOWQ3ODExZmJmMTk3YjNiZDFhZjY5OTRkMWI2NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUe0EPr2qIVOAcsXX96GmjTZ0/FQ
AdUNJlmv1HVefom7SYI0JqeU3O+z4NGLz06WPEhn0JJ3DLD1B0+B+ZdlyiDbv4Es
83pFo2EwluVfRg6HSN5AOduImSgVnfBArYaPVPPhjohRpaPI7wgdRVeg21AdtgB/
AfWxwF/0YSgl0SY85tU1lmdjUhlAsyoaGukSC1EYw4q4cVl3IWlHEv0/uLoQ0h1J
zKweAzo76BEBYZ+Dbp06pau2WHBZMIFVTbv9sqv98LzR2EiNbOyz5pQnbUzN6Sg2
/u2V9jW1pRBnKveB6gAlqzvVDKp5EI8LpkrJHk1fQ2XlwejrCygNKFh1dwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEWeGVRNnXgR+/GXs70a9plNG2d9MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUlo0WlZFMmRlQkg3OFplenZScjJtVTBiWjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC80ZsD
BAW80YADBALVrSAwDQQCAAIwBwMFAyABFsAwDQYJKoZIhvcNAQELBQADggEBAG2z
qdpWT+Xw1xXF79HY34tQ1okl7gdn/sTbH2OHuJupoVUq0THvFXS3AW+ciKTcBd4i
OgXhvZLETXlxiv0WZWx1b/pq3Wwwe9JbsUqc3pCf+oB55+DJWlFp3kfbWGmB4Gvh
fCOiw8R28U69H/lK73Gv4xkH5MzYqM+CanbZdBYy8gHa09GYXijd5NUCAp6dvWCh
a97+FGM3kn2AHknaJHphhkLzihSXs1s6br3Hg250BxV5u2RVnx804HCrB1ZaxULt
eYmInKgjfzAoAnLanlZLTc24LG5ogJFXNrqhcpcderDCI1jcPslKVD86qkOW91Wa
0y9DTi0VyAoo/0L4lWM=
-----END CERTIFICATE-----
Generated at Wed May 14 23:58:58 2025 by rpki-client