Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/397NOZFuBnqwAbpghir51FM6kNc.roa
File: 397NOZFuBnqwAbpghir51FM6kNc.roa (raw, json)
Hash identifier: z67ZhDZrsOq5UegwgxxI7S/r+PyUoz/gXPCGRwA30ak=
Subject key identifier: DF:DE:CD:39:91:6E:06:7A:B0:01:BA:60:86:2A:F9:D4:53:3A:90:D7
Certificate issuer: /CN=64e90627021adcfa5624342d3e5f8b48035acfb4
Certificate serial: 01856F8B9D1787E33481333A91110B532838
Authority key identifier: 64:E9:06:27:02:1A:DC:FA:56:24:34:2D:3E:5F:8B:48:03:5A:CF:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/397NOZFuBnqwAbpghir51FM6kNc.roa
Signing time: Sun 01 Jan 2023 22:54:58 +0000
ROA not before: Sun 01 Jan 2023 22:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198336
IP address blocks: 176.227.224.0/21 maxlen: 21
176.227.224.0/20 maxlen: 20
176.227.232.0/23 maxlen: 23
176.227.238.0/23 maxlen: 23
176.227.234.0/23 maxlen: 23
176.227.237.0/24 maxlen: 24
176.227.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:9d:17:87:e3:34:81:33:3a:91:11:0b:53:28:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64e90627021adcfa5624342d3e5f8b48035acfb4
Validity
Not Before: Jan 1 22:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfdecd39916e067ab001ba60862af9d4533a90d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b9:90:80:71:b6:e1:a1:08:fe:4c:0c:f6:37:
7e:28:ef:9a:8a:2b:e1:2f:ac:63:07:32:25:49:bf:
a7:b1:35:fb:1c:96:75:9a:17:e9:a1:36:ae:96:4e:
7a:ca:f3:f5:92:5c:72:08:92:d4:62:e6:1b:1e:db:
6f:3d:e7:82:3b:7e:f8:e9:cc:cf:f0:0a:84:af:93:
5b:99:5b:f0:b5:17:a9:7f:02:40:eb:63:f3:a3:9d:
4c:39:a1:23:6f:5c:73:30:f6:be:b2:71:99:1a:22:
ae:52:3b:22:03:00:bf:d5:dc:3c:8b:a1:2a:3e:16:
38:eb:a3:b0:01:1c:17:93:01:95:50:55:9c:f4:8e:
02:95:e4:b4:1d:d5:ab:44:65:db:48:c5:d0:04:27:
41:53:d9:83:a6:a8:38:9a:b4:ff:4c:1d:1b:c9:ee:
5b:23:86:42:71:28:01:15:13:83:ee:1e:be:ec:e4:
ea:f6:9f:25:da:ba:c6:bd:c3:20:28:3e:f9:80:d8:
bc:79:1a:6d:79:6c:e8:c2:84:40:91:7f:d4:42:a7:
94:51:43:fe:2d:6a:3f:aa:eb:be:da:32:f0:eb:1a:
34:25:db:b6:48:ce:8d:1e:32:ff:98:db:07:61:f1:
61:65:18:82:62:15:4a:ba:84:63:99:1a:32:af:57:
32:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DE:CD:39:91:6E:06:7A:B0:01:BA:60:86:2A:F9:D4:53:3A:90:D7
X509v3 Authority Key Identifier:
keyid:64:E9:06:27:02:1A:DC:FA:56:24:34:2D:3E:5F:8B:48:03:5A:CF:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/397NOZFuBnqwAbpghir51FM6kNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.224.0/20
Signature Algorithm: sha256WithRSAEncryption
21:4b:08:76:7a:ca:73:fb:d5:a4:f4:28:79:07:19:a1:f2:3d:
7d:ec:35:0a:2c:80:de:da:ac:0a:cc:73:5a:df:6f:28:4b:75:
57:62:23:cf:d7:8f:45:45:71:fc:8e:bb:36:62:1e:27:69:0a:
1f:93:d8:1f:13:8e:48:27:0a:11:e1:b8:32:35:8a:df:91:31:
97:38:b2:7d:ad:ae:bc:0f:cb:b5:3c:5e:2e:e5:d0:9c:bd:f4:
38:a0:7e:a0:fd:07:c3:0b:cf:4f:ab:cf:db:af:26:3b:6b:4e:
11:dc:e9:06:08:62:8d:b6:07:67:e4:e3:87:a6:fc:56:dd:6c:
b3:8b:5c:c3:14:af:3b:03:f6:42:57:2f:c5:63:9e:5b:c4:6f:
16:7d:a9:e9:07:e3:3c:3d:6c:f2:33:f4:57:93:d5:61:6d:bb:
de:f5:6c:92:4a:8f:b6:c1:04:3c:f2:9b:06:2d:4f:f3:5c:69:
6b:57:a0:e1:29:34:93:e2:91:8d:b9:9c:c6:ae:d0:23:46:f7:
db:ba:2b:de:2b:cb:8d:48:75:e0:46:84:50:a0:fc:b1:13:60:
02:af:d3:36:44:93:49:bf:8c:70:6e:79:f1:77:5d:1f:a3:d3:
dd:f2:d2:89:3f:f9:9d:93:7b:e1:53:44:2c:29:d6:c4:d5:5e:
7f:53:88:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi50Xh+M0gTM6kRELUyg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZTkwNjI3MDIxYWRjZmE1NjI0MzQyZDNlNWY4YjQ4MDM1
YWNmYjQwHhcNMjMwMTAxMjI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRlY2QzOTkxNmUwNjdhYjAwMWJhNjA4NjJhZjlkNDUzM2E5MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLmQgHG24aEI/kwM9jd+KO+aiivh
L6xjBzIlSb+nsTX7HJZ1mhfpoTaulk56yvP1klxyCJLUYuYbHttvPeeCO3746czP
8AqEr5NbmVvwtRepfwJA62Pzo51MOaEjb1xzMPa+snGZGiKuUjsiAwC/1dw8i6Eq
PhY466OwARwXkwGVUFWc9I4CleS0HdWrRGXbSMXQBCdBU9mDpqg4mrT/TB0bye5b
I4ZCcSgBFROD7h6+7OTq9p8l2rrGvcMgKD75gNi8eRpteWzowoRAkX/UQqeUUUP+
LWo/quu+2jLw6xo0Jdu2SM6NHjL/mNsHYfFhZRiCYhVKuoRjmRoyr1cybQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/ezTmRbgZ6sAG6YIYq+dRTOpDXMB8GA1UdIwQY
MBaAFGTpBicCGtz6ViQ0LT5fi0gDWs+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk9rR0p3SWEzUHBXSkRRdFBsLUxTQU5hejdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82ZTNmYmEtNGQzYS00M2NiLWJhYmYt
NWYyODgyZGUzZWM3LzEvMzk3Tk9aRnVCbnF3QWJwZ2hpcjUxRk02a05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82ZTNmYmEtNGQzYS00M2NiLWJhYmYtNWYyODgyZGUzZWM3
LzEvWk9rR0p3SWEzUHBXSkRRdFBsLUxTQU5hejdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsOPgMA0G
CSqGSIb3DQEBCwUAA4IBAQAhSwh2espz+9Wk9Ch5Bxmh8j197DUKLIDe2qwKzHNa
328oS3VXYiPP149FRXH8jrs2Yh4naQofk9gfE45IJwoR4bgyNYrfkTGXOLJ9ra68
D8u1PF4u5dCcvfQ4oH6g/QfDC89Pq8/bryY7a04R3OkGCGKNtgdn5OOHpvxW3Wyz
i1zDFK87A/ZCVy/FY55bxG8WfanpB+M8PWzyM/RXk9Vhbbve9WySSo+2wQQ88psG
LU/zXGlrV6DhKTST4pGNuZzGrtAjRvfbuiveK8uNSHXgRoRQoPyxE2ACr9M2RJNJ
v4xwbnnxd10fo9Pd8tKJP/mdk3vhU0QsKdbE1V5/U4j4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org