Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/eca01c-5232-47c5-b014-5b132f7d3b49/1/zS7Ql3UljY9DO1fkkVmc8w5fwXA.roa
File: zS7Ql3UljY9DO1fkkVmc8w5fwXA.roa (raw, json)
Hash identifier: +b2X+mPXcVNXp2ZkzeNMu7HJHV3ag1oNXOghaGtmo3A=
Subject key identifier: CD:2E:D0:97:75:25:8D:8F:43:3B:57:E4:91:59:9C:F3:0E:5F:C1:70
Certificate issuer: /CN=d2dd4ddd536f18a872cbac15e589542aedcd0737
Certificate serial: 018BA05795E712E6EB0E57389B89DC978778
Authority key identifier: D2:DD:4D:DD:53:6F:18:A8:72:CB:AC:15:E5:89:54:2A:ED:CD:07:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0t1N3VNvGKhyy6wV5YlUKu3NBzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/eca01c-5232-47c5-b014-5b132f7d3b49/1/zS7Ql3UljY9DO1fkkVmc8w5fwXA.roa
Signing time: Sun 05 Nov 2023 16:36:16 +0000
ROA not before: Sun 05 Nov 2023 16:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58121
IP address blocks: 193.176.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:57:95:e7:12:e6:eb:0e:57:38:9b:89:dc:97:87:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2dd4ddd536f18a872cbac15e589542aedcd0737
Validity
Not Before: Nov 5 16:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd2ed09775258d8f433b57e491599cf30e5fc170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:eb:ed:73:7c:a1:34:9b:d5:55:c2:71:7d:
1a:5b:05:c2:58:c4:37:c0:85:24:fa:c0:db:e2:13:
b3:6f:cd:84:c5:fb:19:06:0f:88:1b:a0:63:4c:06:
ba:3f:78:af:d4:71:ba:18:81:c2:e5:08:2c:bd:a7:
4c:56:67:a9:fe:3d:f1:c5:e7:84:66:e7:78:aa:c9:
22:6e:30:18:7c:05:7d:52:91:e4:6b:39:7b:9b:94:
4c:0c:ad:c5:0c:90:a2:e6:8c:1d:32:fb:b2:dd:12:
a7:ad:af:2d:40:33:95:ef:cf:80:91:5b:93:b6:57:
03:4e:d4:b6:b8:99:ba:1b:8d:41:a4:c7:23:8f:1b:
b9:0c:0e:55:1c:d2:71:9b:15:2a:1e:fc:43:d1:9e:
4f:a4:29:6d:7d:58:2b:3a:5e:85:47:99:5e:de:e9:
09:92:d0:2b:5e:74:1c:c1:e0:c3:1e:ab:5c:f6:b2:
22:92:7f:8f:93:63:90:0c:7d:c9:7f:aa:28:c7:c3:
01:63:67:69:3a:95:5f:25:5c:3e:96:17:ba:15:63:
66:d6:44:21:12:7d:aa:db:bf:dd:dd:dd:dd:2a:15:
26:c4:e7:81:ff:08:bc:9f:e6:a0:21:e3:cd:5d:68:
71:aa:81:51:da:95:75:18:d7:a5:32:8c:3f:06:b7:
4a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2E:D0:97:75:25:8D:8F:43:3B:57:E4:91:59:9C:F3:0E:5F:C1:70
X509v3 Authority Key Identifier:
keyid:D2:DD:4D:DD:53:6F:18:A8:72:CB:AC:15:E5:89:54:2A:ED:CD:07:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0t1N3VNvGKhyy6wV5YlUKu3NBzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/eca01c-5232-47c5-b014-5b132f7d3b49/1/zS7Ql3UljY9DO1fkkVmc8w5fwXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/eca01c-5232-47c5-b014-5b132f7d3b49/1/0t1N3VNvGKhyy6wV5YlUKu3NBzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.97.0/24
Signature Algorithm: sha256WithRSAEncryption
65:13:6f:b7:89:ee:36:25:c6:2d:1b:e9:53:f3:01:b5:59:1b:
24:e9:03:8a:03:2d:30:e9:54:56:31:cf:15:03:b4:97:5d:41:
dd:3b:29:f8:43:37:39:23:99:91:8a:e3:30:72:1a:8d:06:1f:
69:80:06:46:b6:5d:7a:13:7b:a4:5f:7a:51:00:d4:bb:61:87:
c4:d4:54:81:73:92:3c:48:03:70:39:c2:c9:ba:d2:d5:00:c2:
d5:1e:73:e5:c2:24:d8:d6:47:b6:a4:67:6b:ba:78:6c:df:68:
74:68:fb:4b:06:a5:5b:3b:b5:2c:4b:36:f9:80:2d:0a:08:6a:
6f:0d:d2:7a:e8:39:2c:92:75:f0:59:e3:ce:ee:b6:e5:4a:08:
9b:bc:83:14:26:df:35:bb:3d:e0:a1:65:a2:38:a8:0e:a4:b8:
15:2c:69:43:c5:8b:b0:02:9f:f5:cd:5a:a9:e9:8d:56:cd:0a:
ad:b1:d6:8a:36:4f:3d:0a:ae:83:55:19:bf:40:97:63:46:e2:
21:08:9c:ad:6a:db:2a:e5:50:ac:21:7f:b3:9e:d9:7a:3b:4f:
54:c2:08:d7:56:6b:4a:b9:5c:bf:2e:f9:f2:cc:c0:d0:be:20:
c8:9f:d0:81:4b:c1:69:67:1f:6f:27:9c:69:58:4c:31:75:4b:
b0:e1:b9:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYugV5XnEubrDlc4m4ncl4d4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZGQ0ZGRkNTM2ZjE4YTg3MmNiYWMxNWU1ODk1NDJhZWRj
ZDA3MzcwHhcNMjMxMTA1MTYzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJlZDA5Nzc1MjU4ZDhmNDMzYjU3ZTQ5MTU5OWNmMzBlNWZjMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c3r7XN8oTSb1VXCcX0aWwXCWMQ3
wIUk+sDb4hOzb82ExfsZBg+IG6BjTAa6P3iv1HG6GIHC5QgsvadMVmep/j3xxeeE
Zud4qskibjAYfAV9UpHkazl7m5RMDK3FDJCi5owdMvuy3RKnra8tQDOV78+AkVuT
tlcDTtS2uJm6G41BpMcjjxu5DA5VHNJxmxUqHvxD0Z5PpCltfVgrOl6FR5le3ukJ
ktArXnQcweDDHqtc9rIikn+Pk2OQDH3Jf6oox8MBY2dpOpVfJVw+lhe6FWNm1kQh
En2q27/d3d3dKhUmxOeB/wi8n+agIePNXWhxqoFR2pV1GNelMow/BrdKtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0u0Jd1JY2PQztX5JFZnPMOX8FwMB8GA1UdIwQY
MBaAFNLdTd1TbxiocsusFeWJVCrtzQc3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHQxTjNWTnZHS2h5eTZ3VjVZbFVLdTNOQnpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9lY2EwMWMtNTIzMi00N2M1LWIwMTQt
NWIxMzJmN2QzYjQ5LzEvelM3UWwzVWxqWTlETzFma2tWbWM4dzVmd1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9lY2EwMWMtNTIzMi00N2M1LWIwMTQtNWIxMzJmN2QzYjQ5
LzEvMHQxTjNWTnZHS2h5eTZ3VjVZbFVLdTNOQnpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbBhMA0G
CSqGSIb3DQEBCwUAA4IBAQBlE2+3ie42JcYtG+lT8wG1WRsk6QOKAy0w6VRWMc8V
A7SXXUHdOyn4Qzc5I5mRiuMwchqNBh9pgAZGtl16E3ukX3pRANS7YYfE1FSBc5I8
SANwOcLJutLVAMLVHnPlwiTY1ke2pGdrunhs32h0aPtLBqVbO7UsSzb5gC0KCGpv
DdJ66DksknXwWePO7rblSgibvIMUJt81uz3goWWiOKgOpLgVLGlDxYuwAp/1zVqp
6Y1WzQqtsdaKNk89Cq6DVRm/QJdjRuIhCJytatsq5VCsIX+zntl6O09UwgjXVmtK
uVy/LvnyzMDQviDIn9CBS8FpZx9vJ5xpWEwxdUuw4blT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:29 2024 by rpki-client on console-fra.rpki-client.org