Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/Z1sxwgFiYjIHHjhKUSke75PznLY.roa
File: Z1sxwgFiYjIHHjhKUSke75PznLY.roa (raw, json)
Hash identifier: +wQfG7Z5nzFnq/XFmwz8n0Iiu9po4Z7nA68ueNE8C88=
Subject key identifier: 67:5B:31:C2:01:62:62:32:07:1E:38:4A:51:29:1E:EF:93:F3:9C:B6
Certificate issuer: /CN=9098153bde0e34584bac91fa1868d7ef24d68bcf
Certificate serial: 01941A00AB0963FC9EBCB9AB5FA0BFB429B4
Authority key identifier: 90:98:15:3B:DE:0E:34:58:4B:AC:91:FA:18:68:D7:EF:24:D6:8B:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kJgVO94ONFhLrJH6GGjX7yTWi88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/Z1sxwgFiYjIHHjhKUSke75PznLY.roa
Signing time: Mon 30 Dec 2024 23:57:18 +0000
ROA not before: Mon 30 Dec 2024 23:57:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213702
IP address blocks: 193.150.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1a:00:ab:09:63:fc:9e:bc:b9:ab:5f:a0:bf:b4:29:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9098153bde0e34584bac91fa1868d7ef24d68bcf
Validity
Not Before: Dec 30 23:57:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675b31c201626232071e384a51291eef93f39cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ea:10:56:3a:2e:35:31:25:12:64:96:59:cd:
40:22:ed:00:fe:6c:ff:73:a2:3f:99:55:ce:03:a5:
52:0a:28:8e:2e:0c:54:d4:b2:a5:ae:ff:58:b6:13:
2b:99:76:94:e5:be:6e:0e:0c:6c:8c:9d:53:ed:4f:
d1:7e:39:39:1b:a6:0e:17:a6:4e:d3:36:74:8f:e4:
7f:06:09:cd:54:5c:10:c2:5f:9a:bf:35:c5:62:e7:
a6:9c:36:62:6f:60:10:65:dd:8a:29:90:e7:1c:39:
28:af:9b:11:80:24:68:34:05:ab:0d:39:20:45:9f:
91:55:6a:9f:72:fb:22:28:3b:85:5c:16:ec:f2:46:
44:4a:4c:a2:82:72:e0:ae:ae:9c:3e:e9:7a:6f:b9:
a4:ec:80:ea:90:d6:4e:17:17:fa:38:4d:3b:2f:38:
f1:0c:eb:7d:02:40:0f:2c:f5:52:c5:e1:27:cd:f4:
a5:24:c5:bd:77:26:bf:70:1a:33:95:04:43:67:8c:
c4:25:4c:90:49:5c:5f:a1:28:9b:7c:31:fd:84:0d:
3f:50:e7:70:26:a6:a0:fd:aa:98:f9:5e:f5:87:fd:
18:91:32:57:ff:a1:38:57:9a:25:83:93:18:b7:09:
0c:b7:f1:81:5a:d9:7c:96:81:1c:10:e0:87:c6:aa:
a1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5B:31:C2:01:62:62:32:07:1E:38:4A:51:29:1E:EF:93:F3:9C:B6
X509v3 Authority Key Identifier:
keyid:90:98:15:3B:DE:0E:34:58:4B:AC:91:FA:18:68:D7:EF:24:D6:8B:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kJgVO94ONFhLrJH6GGjX7yTWi88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/Z1sxwgFiYjIHHjhKUSke75PznLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ba9003-d433-4095-84b7-2f933d9896e0/1/kJgVO94ONFhLrJH6GGjX7yTWi88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.70.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:55:50:59:28:fe:98:3f:f8:11:01:aa:47:ea:e1:a7:1b:9a:
70:2f:33:7e:35:69:93:6f:48:16:1d:3e:9a:5a:ca:ec:8d:ba:
13:d9:b9:55:5a:c1:cd:26:be:9a:87:7b:7a:aa:84:c8:e9:34:
71:cb:1d:8d:2b:dd:b9:7a:57:43:13:ca:07:f3:82:dd:45:96:
cd:a0:e2:e5:c6:ea:c1:5f:37:b4:3e:e0:2a:ca:e0:4a:3f:b4:
f0:29:14:13:11:62:d9:9a:71:e6:b2:b2:f7:63:08:43:26:d5:
a0:ac:2f:9b:0c:17:2e:ba:15:d8:a8:5c:0c:70:9f:d6:cc:b5:
de:78:3c:c0:a3:fe:db:15:29:32:4e:23:8a:1c:5f:be:09:fd:
e7:fd:a8:78:ae:35:ce:d8:eb:cd:6d:b6:4d:2c:42:47:2a:fa:
f6:bf:b1:76:29:ca:a5:97:ce:aa:6c:eb:b3:bb:de:5f:06:1c:
f3:80:1f:55:45:4d:e8:ad:e0:2c:ba:4f:32:50:34:d0:2e:e5:
eb:9b:f2:34:b5:70:61:86:74:8a:21:e8:ff:5d:dc:bd:96:1d:
1e:6a:dd:0a:0e:dd:96:14:05:26:cf:7b:44:31:73:67:55:65:
53:17:ea:97:f3:c5:29:a0:b1:4e:77:f1:c5:f7:2c:b2:d0:be:
a3:73:cd:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQaAKsJY/yevLmrX6C/tCm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOTgxNTNiZGUwZTM0NTg0YmFjOTFmYTE4NjhkN2VmMjRk
NjhiY2YwHhcNMjQxMjMwMjM1NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzViMzFjMjAxNjI2MjMyMDcxZTM4NGE1MTI5MWVlZjkzZjM5Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+oQVjouNTElEmSWWc1AIu0A/mz/
c6I/mVXOA6VSCiiOLgxU1LKlrv9YthMrmXaU5b5uDgxsjJ1T7U/Rfjk5G6YOF6ZO
0zZ0j+R/BgnNVFwQwl+avzXFYuemnDZib2AQZd2KKZDnHDkor5sRgCRoNAWrDTkg
RZ+RVWqfcvsiKDuFXBbs8kZESkyignLgrq6cPul6b7mk7IDqkNZOFxf6OE07Lzjx
DOt9AkAPLPVSxeEnzfSlJMW9dya/cBozlQRDZ4zEJUyQSVxfoSibfDH9hA0/UOdw
Jqag/aqY+V71h/0YkTJX/6E4V5olg5MYtwkMt/GBWtl8loEcEOCHxqqhAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdbMcIBYmIyBx44SlEpHu+T85y2MB8GA1UdIwQY
MBaAFJCYFTveDjRYS6yR+hho1+8k1ovPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0pnVk85NE9ORmhMckpINkdHalg3eVRXaTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9iYTkwMDMtZDQzMy00MDk1LTg0Yjct
MmY5MzNkOTg5NmUwLzEvWjFzeHdnRmlZaklISGpoS1VTa2U3NVB6bkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9iYTkwMDMtZDQzMy00MDk1LTg0YjctMmY5MzNkOTg5NmUw
LzEva0pnVk85NE9ORmhMckpINkdHalg3eVRXaTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZZGMA0G
CSqGSIb3DQEBCwUAA4IBAQA8VVBZKP6YP/gRAapH6uGnG5pwLzN+NWmTb0gWHT6a
WsrsjboT2blVWsHNJr6ah3t6qoTI6TRxyx2NK925eldDE8oH84LdRZbNoOLlxurB
Xze0PuAqyuBKP7TwKRQTEWLZmnHmsrL3YwhDJtWgrC+bDBcuuhXYqFwMcJ/WzLXe
eDzAo/7bFSkyTiOKHF++Cf3n/ah4rjXO2OvNbbZNLEJHKvr2v7F2Kcqll86qbOuz
u95fBhzzgB9VRU3oreAsuk8yUDTQLuXrm/I0tXBhhnSKIej/Xdy9lh0eat0KDt2W
FAUmz3tEMXNnVWVTF+qX88UpoLFOd/HF9yyy0L6jc82U
-----END CERTIFICATE-----
Generated at Thu May 1 11:48:42 2025 by rpki-client