Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZMS3mWFZbMs5MmFXEXK9aGwWTtk.roa
File: ZMS3mWFZbMs5MmFXEXK9aGwWTtk.roa (raw, json)
Hash identifier: /K6H8GY9PhT/rbmbUaAMgOpfJHcjR/KTuUYGBO/xu54=
Subject key identifier: 64:C4:B7:99:61:59:6C:CB:39:32:61:57:11:72:BD:68:6C:16:4E:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01870864F933FF754E261240A9FC6BCE003F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZMS3mWFZbMs5MmFXEXK9aGwWTtk.roa
Signing time: Wed 22 Mar 2023 08:17:27 +0000
ROA not before: Wed 22 Mar 2023 08:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:64:f9:33:ff:75:4e:26:12:40:a9:fc:6b:ce:00:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 22 08:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64c4b79961596ccb393261571172bd686c164ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:0a:8a:2f:e3:a2:eb:f6:e9:3d:9a:89:67:
6b:4a:16:72:75:64:97:46:dd:5d:d5:e8:8b:3f:0a:
94:55:20:cf:13:9a:ba:ce:ea:33:7b:6d:f3:92:8d:
4e:ba:fb:23:7d:c5:3a:2f:23:c0:98:4a:a6:f0:1e:
b6:d5:ad:2e:7a:a6:98:4b:8f:ee:7d:2c:cf:84:cb:
fb:b0:74:5a:0a:9d:ca:d4:b6:c0:4f:30:18:80:22:
47:cb:30:f8:f3:fe:3e:22:74:1d:66:d5:57:b9:9c:
9f:91:1a:67:47:be:68:c4:0a:f1:75:58:b9:6a:d8:
e7:63:5d:16:e5:d9:2d:a5:90:d0:b3:0a:7c:68:54:
3d:59:46:17:75:58:22:8d:c2:0e:65:12:a8:87:48:
70:55:62:0a:3d:be:10:ae:86:c7:1b:76:8f:8d:88:
84:9f:42:d0:bc:5d:c7:a7:ce:40:1f:7b:8f:6e:f4:
e0:a0:93:fe:0c:2b:92:31:a4:63:f5:f7:13:45:ab:
5f:e7:05:36:6a:33:97:a7:64:c6:43:ee:b5:fc:6d:
9d:51:46:ef:9c:89:78:d6:5d:9c:0d:e5:3d:7a:16:
b6:0e:19:00:48:ea:e9:06:a2:7a:6d:c6:25:69:fb:
01:70:9f:3a:21:5b:16:59:81:01:82:f3:54:36:02:
67:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C4:B7:99:61:59:6C:CB:39:32:61:57:11:72:BD:68:6C:16:4E:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZMS3mWFZbMs5MmFXEXK9aGwWTtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.180.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:91:df:50:54:3f:56:94:84:5a:79:ec:69:5d:bb:07:8c:ba:
cf:28:cb:c0:8e:1d:8e:5d:7e:18:68:83:6a:40:f4:57:80:f0:
ed:17:31:d5:e7:2b:f4:6d:d1:81:46:55:34:6d:98:80:b8:e8:
79:db:04:66:91:1c:6d:30:5d:71:d0:37:d9:87:09:2b:3d:fd:
fa:0e:1e:a6:40:89:52:97:34:d9:28:36:f0:7b:a7:ec:87:bd:
c8:f1:7c:ae:29:b7:36:89:73:b4:36:fe:d3:72:8c:84:52:44:
d2:c7:19:35:fa:05:d1:52:59:84:c3:a7:01:38:b7:d7:82:7b:
0a:65:46:3f:be:c1:a2:9c:b3:a3:b8:cb:6e:b9:94:3f:5d:d5:
dc:8c:f7:8a:d7:e3:81:1d:da:62:33:85:7a:69:31:76:ff:76:
1d:eb:3e:04:b3:29:5f:16:cf:24:cf:92:33:e6:94:f4:7e:32:
f8:08:06:bd:39:a2:58:4a:71:31:d6:e2:25:a7:ec:10:8c:b1:
d5:9b:ee:28:a8:af:07:f5:8e:42:03:71:ee:0d:c1:07:df:4c:
1c:4b:2f:94:3c:c0:0c:26:58:24:bd:14:31:a2:50:96:34:03:
8b:da:54:78:dc:c5:f0:2e:0f:34:67:73:1c:07:0c:aa:2f:61:
da:c7:ba:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcIZPkz/3VOJhJAqfxrzgA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIyMDgxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM0Yjc5OTYxNTk2Y2NiMzkzMjYxNTcxMTcyYmQ2ODZjMTY0ZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIIKii/jouv26T2aiWdrShZydWSX
Rt1d1eiLPwqUVSDPE5q6zuoze23zko1OuvsjfcU6LyPAmEqm8B621a0ueqaYS4/u
fSzPhMv7sHRaCp3K1LbATzAYgCJHyzD48/4+InQdZtVXuZyfkRpnR75oxArxdVi5
atjnY10W5dktpZDQswp8aFQ9WUYXdVgijcIOZRKoh0hwVWIKPb4QrobHG3aPjYiE
n0LQvF3Hp85AH3uPbvTgoJP+DCuSMaRj9fcTRatf5wU2ajOXp2TGQ+61/G2dUUbv
nIl41l2cDeU9eha2DhkASOrpBqJ6bcYlafsBcJ86IVsWWYEBgvNUNgJnRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGTEt5lhWWzLOTJhVxFyvWhsFk7ZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWk1TM21XRlpiTXM1TW1GWEVYSzlhR3dXVHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjo9AwQA
wle0AwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQAMkd9QVD9WlIRaeexpXbsHjLrP
KMvAjh2OXX4YaINqQPRXgPDtFzHV5yv0bdGBRlU0bZiAuOh52wRmkRxtMF1x0DfZ
hwkrPf36Dh6mQIlSlzTZKDbwe6fsh73I8XyuKbc2iXO0Nv7TcoyEUkTSxxk1+gXR
UlmEw6cBOLfXgnsKZUY/vsGinLOjuMtuuZQ/XdXcjPeK1+OBHdpiM4V6aTF2/3Yd
6z4EsylfFs8kz5Iz5pT0fjL4CAa9OaJYSnEx1uIlp+wQjLHVm+4oqK8H9Y5CA3Hu
DcEH30wcSy+UPMAMJlgkvRQxolCWNAOL2lR43MXwLg80Z3McBwyqL2Hax7ri
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org