Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/zp7cIKZw3DkP8yGb31f_kg9mxI8.roa
File: zp7cIKZw3DkP8yGb31f_kg9mxI8.roa (raw, json)
Hash identifier: jH3zGKW8HmOR0p7HRCWgmfsdCnPY7Mq1dZIdMs5+46s=
Subject key identifier: CE:9E:DC:20:A6:70:DC:39:0F:F3:21:9B:DF:57:FF:92:0F:66:C4:8F
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 019051AD0F1664CF01F91342612ECD0D03AA
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/zp7cIKZw3DkP8yGb31f_kg9mxI8.roa
Signing time: Tue 25 Jun 2024 23:13:34 +0000
ROA not before: Tue 25 Jun 2024 23:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
185.243.42.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
2a0d:280::/29 maxlen: 29
2a0d:280::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 14:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:51:ad:0f:16:64:cf:01:f9:13:42:61:2e:cd:0d:03:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Jun 25 23:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce9edc20a670dc390ff3219bdf57ff920f66c48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:44:d5:c4:dd:1a:a2:a1:d6:d7:03:ff:36:dd:
c0:30:41:f7:ec:75:c2:7f:9a:26:0f:ae:a2:08:15:
69:9b:3c:1e:0d:cb:28:41:bb:af:fb:e6:46:7b:e0:
1c:7c:9a:b6:da:31:9c:61:73:50:cf:2f:91:8c:59:
3b:fc:d4:56:57:ea:83:ee:54:ac:aa:4f:19:81:8f:
ce:0c:0d:f4:92:0c:21:17:83:a7:e6:75:f4:72:93:
5a:e1:1e:e7:f1:7e:20:7e:e5:4d:c6:71:28:80:34:
b2:76:5f:c7:f4:aa:b3:91:38:a2:18:30:ff:a8:b6:
62:41:9d:07:97:b8:95:5b:d6:de:f6:a2:46:d8:3f:
49:b3:83:25:de:b0:f3:99:23:c5:5b:56:99:94:31:
d0:09:07:9d:48:73:72:9d:4c:ee:c8:f2:0d:45:9b:
a0:df:94:3a:a9:8e:bb:86:e3:7d:72:60:ef:51:ba:
60:01:dd:64:bd:34:a6:3f:3b:d5:b1:37:87:51:6e:
74:95:72:ab:ba:8a:2f:e8:68:3a:7a:ce:fd:ef:ab:
be:6b:a2:87:d2:e2:8d:a6:a3:90:9f:2b:3c:2b:e5:
a2:84:95:52:bc:b9:dc:eb:65:1a:9d:8f:70:2e:ef:
56:62:88:e2:66:20:3a:3b:cf:c6:3e:e4:6d:36:a6:
33:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9E:DC:20:A6:70:DC:39:0F:F3:21:9B:DF:57:FF:92:0F:66:C4:8F
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/zp7cIKZw3DkP8yGb31f_kg9mxI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0-185.243.42.255
193.3.191.0/24
IPv6:
2a0d:280::/29
Signature Algorithm: sha256WithRSAEncryption
af:d8:f3:0d:82:f6:d9:61:c0:f7:5b:3c:85:7f:f8:c0:cd:08:
d3:97:da:30:a4:60:c9:f4:75:0e:b1:9c:af:69:e6:72:53:4c:
02:f8:f8:75:66:1a:2f:ba:23:be:b1:4d:38:49:1a:f1:04:04:
64:4b:b4:8f:dc:b5:23:1b:79:a9:0f:a2:0f:44:88:a7:60:52:
78:d3:69:67:83:7c:06:a3:2f:f2:27:2b:40:86:30:07:2c:0c:
52:45:00:4d:9c:72:8f:76:eb:f9:f1:13:4f:4c:ba:bf:74:75:
08:ae:04:bc:4d:42:04:a9:87:75:ca:f5:f4:38:41:4d:7d:83:
a0:fa:99:f1:ee:34:5e:02:ca:13:96:fe:00:33:c9:3d:23:ad:
de:1c:2b:47:af:67:5e:97:fd:2e:56:c5:db:6a:35:cc:1d:72:
72:47:08:f3:32:bb:38:e1:41:b1:26:98:35:bd:0a:11:c0:9a:
5d:91:a1:33:ad:c5:7d:ed:82:f4:c2:5a:df:72:54:90:53:bd:
d1:dc:e7:ce:ef:3b:af:42:c4:f5:34:c3:e2:30:46:74:da:c3:
b0:00:ec:3d:62:34:fd:6b:07:75:18:65:d3:bb:f2:df:ad:ab:
cf:15:4c:01:18:31:dc:2c:44:14:2b:24:bd:2f:2b:f1:1e:8f:
f7:d4:dc:38
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZBRrQ8WZM8B+RNCYS7NDQOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjQwNjI1MjMxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTllZGMyMGE2NzBkYzM5MGZmMzIxOWJkZjU3ZmY5MjBmNjZjNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUTVxN0aoqHW1wP/Nt3AMEH37HXC
f5omD66iCBVpmzweDcsoQbuv++ZGe+AcfJq22jGcYXNQzy+RjFk7/NRWV+qD7lSs
qk8ZgY/ODA30kgwhF4On5nX0cpNa4R7n8X4gfuVNxnEogDSydl/H9KqzkTiiGDD/
qLZiQZ0Hl7iVW9be9qJG2D9Js4Ml3rDzmSPFW1aZlDHQCQedSHNynUzuyPINRZug
35Q6qY67huN9cmDvUbpgAd1kvTSmPzvVsTeHUW50lXKruoov6Gg6es7976u+a6KH
0uKNpqOQnys8K+WihJVSvLnc62UanY9wLu9WYojiZiA6O8/GPuRtNqYzfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFM6e3CCmcNw5D/Mhm99X/5IPZsSPMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvenA3Y0lLWnczRGtQOHlHYjMxZl9rZzlteEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAO58ygD
BAC58yoDBADBA78wDQQCAAIwBwMFAyoNAoAwDQYJKoZIhvcNAQELBQADggEBAK/Y
8w2C9tlhwPdbPIV/+MDNCNOX2jCkYMn0dQ6xnK9p5nJTTAL4+HVmGi+6I76xTThJ
GvEEBGRLtI/ctSMbeakPog9EiKdgUnjTaWeDfAajL/InK0CGMAcsDFJFAE2cco92
6/nxE09Mur90dQiuBLxNQgSph3XK9fQ4QU19g6D6mfHuNF4CyhOW/gAzyT0jrd4c
K0evZ16X/S5WxdtqNcwdcnJHCPMyuzjhQbEmmDW9ChHAml2RoTOtxX3tgvTCWt9y
VJBTvdHc587vO69CxPU0w+IwRnTaw7AA7D1iNP1rB3UYZdO78t+tq88VTAEYMdws
RBQrJL0vK/Eej/fU3Dg=
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org