Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/z3-Gnh0G6Gn8LnwMCqmhEOwNkic.roa
File: z3-Gnh0G6Gn8LnwMCqmhEOwNkic.roa (raw, json)
Hash identifier: NjKADWgaafO/pUxa9/DEOxGTdqQg0cXW4VjL/GJrJyQ=
Subject key identifier: CF:7F:86:9E:1D:06:E8:69:FC:2E:7C:0C:0A:A9:A1:10:EC:0D:92:27
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019402B31820FD3927DE965B8F674BFF9ABC
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/z3-Gnh0G6Gn8LnwMCqmhEOwNkic.roa
Signing time: Thu 26 Dec 2024 11:21:19 +0000
ROA not before: Thu 26 Dec 2024 11:21:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 95.182.102.0/24 maxlen: 24
95.182.103.0/24 maxlen: 24
109.248.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Dec 2024 14:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:b3:18:20:fd:39:27:de:96:5b:8f:67:4b:ff:9a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 26 11:21:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf7f869e1d06e869fc2e7c0c0aa9a110ec0d9227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9b:c4:c1:be:78:d3:26:0d:b9:84:f1:7d:48:
f3:e5:85:7b:7c:cb:df:e3:24:48:18:c1:4f:c8:82:
3f:0d:e8:d7:60:9c:76:0d:50:ce:a4:4a:ac:ba:d0:
e8:a6:3d:98:72:03:53:c9:ed:91:51:05:30:ad:a1:
b5:d5:dd:73:5d:f3:b2:e4:01:11:a8:f5:a5:d5:75:
02:4c:78:e2:67:cd:1b:42:cc:45:04:2a:3b:22:0e:
26:55:85:74:1f:c3:fe:06:c6:31:35:a4:58:38:6e:
47:44:2b:90:d8:da:f9:e7:0a:8f:09:30:49:3b:f9:
d4:21:3b:9c:a1:3c:07:63:7a:4c:76:0d:2c:ef:04:
61:53:62:ea:7e:e6:91:2a:0a:6d:b2:f9:93:2c:78:
fc:ed:fb:f1:16:79:e9:56:a8:e7:e3:97:fa:f6:50:
ab:93:e1:1c:24:00:29:18:e6:e5:7a:2c:be:da:a6:
3e:00:35:bd:ba:6f:ce:9c:81:0c:1f:84:8d:bf:c8:
a3:c0:58:e9:22:9c:01:61:1a:41:83:f2:8d:10:a6:
4b:48:2d:fe:5c:16:f7:b9:43:cd:aa:ca:f8:d4:88:
9b:aa:5f:91:83:fa:0c:01:03:c0:bd:a3:df:3c:f0:
46:ce:fb:2f:40:0d:9f:03:8a:f7:13:dc:d1:89:ef:
88:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7F:86:9E:1D:06:E8:69:FC:2E:7C:0C:0A:A9:A1:10:EC:0D:92:27
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/z3-Gnh0G6Gn8LnwMCqmhEOwNkic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.102.0/23
109.248.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ee:22:48:71:76:ec:87:a5:46:50:ab:e5:11:73:29:1c:fe:
22:b5:83:2c:87:b6:ed:95:1c:75:58:e7:37:c6:3b:76:1d:af:
21:b3:b5:ff:77:bb:1a:93:a3:8a:62:23:79:aa:4d:1e:8e:6f:
43:86:98:54:7a:b3:0a:c2:58:d6:71:17:13:03:4a:10:4d:be:
29:61:ed:52:28:a7:66:81:9a:26:d4:76:2a:5d:96:30:a9:c4:
3f:64:ea:da:2c:6c:26:1f:cc:8a:dc:ef:10:4e:a8:45:fb:1b:
6a:1d:cb:00:65:77:cf:7a:05:e6:f1:17:36:c6:bf:79:2a:24:
11:f1:95:bc:1c:cb:e3:64:22:28:db:f5:48:69:f6:e7:c2:4d:
fc:d7:97:67:eb:93:ce:ff:91:10:d8:e7:78:86:36:e4:1a:f0:
52:68:a6:ec:cd:83:43:65:f5:fc:f8:95:30:cd:39:b2:47:83:
b2:15:f2:5d:a6:38:6d:6c:a5:1e:42:74:70:c9:3d:8b:98:aa:
13:dd:8c:7f:57:b3:6a:9f:41:e6:23:29:e3:b9:70:f6:9a:5b:
5a:6e:bc:1f:54:f6:72:06:76:64:0c:1f:7a:eb:f7:00:36:69:
3c:a9:11:2b:19:0e:ac:52:69:e8:df:4d:ba:77:14:04:1c:66:
0e:75:a6:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQCsxgg/Tkn3pZbj2dL/5q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMjI2MTEyMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjdmODY5ZTFkMDZlODY5ZmMyZTdjMGMwYWE5YTExMGVjMGQ5MjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZvEwb540yYNuYTxfUjz5YV7fMvf
4yRIGMFPyII/DejXYJx2DVDOpEqsutDopj2YcgNTye2RUQUwraG11d1zXfOy5AER
qPWl1XUCTHjiZ80bQsxFBCo7Ig4mVYV0H8P+BsYxNaRYOG5HRCuQ2Nr55wqPCTBJ
O/nUITucoTwHY3pMdg0s7wRhU2LqfuaRKgptsvmTLHj87fvxFnnpVqjn45f69lCr
k+EcJAApGObleiy+2qY+ADW9um/OnIEMH4SNv8ijwFjpIpwBYRpBg/KNEKZLSC3+
XBb3uUPNqsr41Iibql+Rg/oMAQPAvaPfPPBGzvsvQA2fA4r3E9zRie+IkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM9/hp4dBuhp/C58DAqpoRDsDZInMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvejMtR25oMEc2R244TG53TUNxbWhFT3dOa2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBX7ZmAwQA
bfgEMA0GCSqGSIb3DQEBCwUAA4IBAQCa7iJIcXbsh6VGUKvlEXMpHP4itYMsh7bt
lRx1WOc3xjt2Ha8hs7X/d7sak6OKYiN5qk0ejm9DhphUerMKwljWcRcTA0oQTb4p
Ye1SKKdmgZom1HYqXZYwqcQ/ZOraLGwmH8yK3O8QTqhF+xtqHcsAZXfPegXm8Rc2
xr95KiQR8ZW8HMvjZCIo2/VIafbnwk3815dn65PO/5EQ2Od4hjbkGvBSaKbszYND
ZfX8+JUwzTmyR4OyFfJdpjhtbKUeQnRwyT2LmKoT3Yx/V7Nqn0HmIynjuXD2mlta
brwfVPZyBnZkDB966/cANmk8qRErGQ6sUmno3026dxQEHGYOdaag
-----END CERTIFICATE-----
Generated at Tue Jun 17 19:43:02 2025 by rpki-client