Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZUzhyVLZsE3xOPClq6KymWdm8SE.roa
File: ZUzhyVLZsE3xOPClq6KymWdm8SE.roa (raw, json)
Hash identifier: 8x0WQk30dwlxchchralqCA925WhYoYmPBMeuHumj8CM=
Subject key identifier: 65:4C:E1:C9:52:D9:B0:4D:F1:38:F0:A5:AB:A2:B2:99:67:66:F1:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186ACB09B827474C0F973D296D47A204F6B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZUzhyVLZsE3xOPClq6KymWdm8SE.roa
Signing time: Sat 04 Mar 2023 12:55:00 +0000
ROA not before: Sat 04 Mar 2023 12:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33387
IP address blocks: 194.87.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 10:28:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ac:b0:9b:82:74:74:c0:f9:73:d2:96:d4:7a:20:4f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 4 12:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=654ce1c952d9b04df138f0a5aba2b2996766f121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7b:a4:77:5b:cb:6e:6f:25:f8:e0:29:68:19:
84:e2:a9:c8:15:76:1d:6f:b3:85:be:9a:94:e6:2e:
d6:3c:07:45:19:29:88:05:12:d6:6f:ce:d5:3a:ef:
4c:5d:6d:0f:8c:98:69:fe:ef:46:c3:da:5d:e1:45:
34:5d:bb:2d:ae:ab:ba:4b:6d:0a:bc:29:12:b9:77:
74:b3:5d:9d:7c:32:4c:6d:3b:11:f6:7e:8c:ce:82:
3c:94:ed:7d:d9:1a:bc:f1:e3:1f:90:a3:54:32:f1:
f4:e1:3c:c5:3a:f0:80:1b:86:6d:11:11:3f:ad:7e:
9e:cd:2b:c2:d0:11:29:db:a6:6a:a1:c0:33:d2:50:
6c:f3:ff:d0:b3:1c:a1:f3:51:7e:57:3d:65:07:32:
f4:b6:e9:72:65:3c:b9:f4:ec:7b:a5:20:ef:ac:25:
16:75:bd:f8:db:86:09:68:f2:48:7e:a8:50:44:f6:
f6:f1:7b:f9:e3:c8:d0:ab:79:f8:c4:95:33:80:6a:
00:59:3c:8b:37:73:5f:46:67:c1:11:66:6a:f4:62:
51:d3:f5:c8:71:1f:00:a3:45:2e:04:f8:d4:74:94:
ea:fa:db:2c:28:ae:c1:29:b0:e6:0d:2b:78:07:07:
82:30:71:9c:55:4a:ee:81:06:7e:0e:79:34:d6:ef:
58:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4C:E1:C9:52:D9:B0:4D:F1:38:F0:A5:AB:A2:B2:99:67:66:F1:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZUzhyVLZsE3xOPClq6KymWdm8SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.17.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:51:12:8e:7d:1d:5f:62:9b:b4:ee:a5:39:d8:50:90:96:94:
ad:cf:37:88:34:48:6e:80:64:4d:e4:7e:7f:a6:91:af:ca:b7:
5a:ba:4d:d9:bb:f0:2d:2a:a7:c7:8e:8c:ea:18:98:a6:ac:02:
ae:d5:dd:44:82:17:ca:38:36:e4:6d:82:8c:13:d9:5c:e7:53:
7c:a7:e4:ae:74:99:4c:38:e0:a8:4b:21:16:ab:8c:a3:71:c6:
69:41:06:83:c8:eb:02:fc:1b:99:01:8c:73:da:64:1a:2e:63:
5e:3c:52:29:68:40:56:c9:b4:5c:02:b2:fe:0e:c7:12:83:36:
24:d0:80:8a:ac:00:10:58:00:c3:e6:10:cf:91:f2:6d:47:54:
43:df:60:01:54:69:dd:7e:9c:d3:b0:7f:c2:0c:58:69:28:30:
a5:e8:28:8a:4a:54:62:c2:32:7a:70:ba:af:f0:8d:7c:e8:13:
66:40:05:ac:85:b7:a5:f4:eb:0a:3a:78:ed:89:f2:4a:c8:d4:
81:3d:6d:2c:74:74:e5:ff:6c:57:18:11:15:36:93:0b:c5:3f:
2b:e8:da:71:fd:88:6a:1f:fc:9c:34:f1:b5:ff:85:7a:fa:7d:
cd:0f:06:6b:c6:60:ef:8b:af:1a:47:b0:10:48:02:f5:38:d9:
0b:e0:da:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYassJuCdHTA+XPSltR6IE9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA0MTI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRjZTFjOTUyZDliMDRkZjEzOGYwYTVhYmEyYjI5OTY3NjZmMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33ukd1vLbm8l+OApaBmE4qnIFXYd
b7OFvpqU5i7WPAdFGSmIBRLWb87VOu9MXW0PjJhp/u9Gw9pd4UU0Xbstrqu6S20K
vCkSuXd0s12dfDJMbTsR9n6MzoI8lO192Rq88eMfkKNUMvH04TzFOvCAG4ZtERE/
rX6ezSvC0BEp26ZqocAz0lBs8//Qsxyh81F+Vz1lBzL0tulyZTy59Ox7pSDvrCUW
db3424YJaPJIfqhQRPb28Xv548jQq3n4xJUzgGoAWTyLN3NfRmfBEWZq9GJR0/XI
cR8Ao0UuBPjUdJTq+tssKK7BKbDmDSt4BweCMHGcVUrugQZ+Dnk01u9Y4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVM4clS2bBN8TjwpauisplnZvEhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWlV6aHlWTFpzRTN4T1BDbHE2S3ltV2RtOFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcRMA0G
CSqGSIb3DQEBCwUAA4IBAQBuURKOfR1fYpu07qU52FCQlpStzzeINEhugGRN5H5/
ppGvyrdauk3Zu/AtKqfHjozqGJimrAKu1d1EghfKODbkbYKME9lc51N8p+SudJlM
OOCoSyEWq4yjccZpQQaDyOsC/BuZAYxz2mQaLmNePFIpaEBWybRcArL+DscSgzYk
0ICKrAAQWADD5hDPkfJtR1RD32ABVGndfpzTsH/CDFhpKDCl6CiKSlRiwjJ6cLqv
8I186BNmQAWshbel9OsKOnjtifJKyNSBPW0sdHTl/2xXGBEVNpMLxT8r6Npx/Yhq
H/ycNPG1/4V6+n3NDwZrxmDvi68aR7AQSAL1ONkL4Nro
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org