Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zodccrt31O0u2fF-9ejDj0tD3-Q.roa
File: Zodccrt31O0u2fF-9ejDj0tD3-Q.roa (raw, json)
Hash identifier: YY3f5H3SwwfKZkvSIXfuPuZfFNF9cBMFQ2tBjrjy3OY=
Subject key identifier: 66:87:5C:72:BB:77:D4:ED:2E:D9:F1:7E:F5:E8:C3:8F:4B:43:DF:E4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D6A5C16E0F303E12B3DB8C6DC65C407B7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zodccrt31O0u2fF-9ejDj0tD3-Q.roa
Signing time: Fri 02 Feb 2024 15:07:16 +0000
ROA not before: Fri 02 Feb 2024 15:07:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 62.76.224.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 11:47:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:5c:16:e0:f3:03:e1:2b:3d:b8:c6:dc:65:c4:07:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 2 15:07:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66875c72bb77d4ed2ed9f17ef5e8c38f4b43dfe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:51:00:b0:b8:23:b5:a0:67:56:18:3c:42:7b:
aa:8c:20:2b:fc:34:cb:2c:81:e7:c0:f3:84:42:b1:
1a:a6:e5:76:67:ad:c7:b2:43:c6:8f:3f:c9:7b:02:
3b:a3:1c:30:1c:37:c0:3f:dd:fb:74:c9:1b:5f:35:
e4:24:a7:0a:2d:7c:22:8e:5e:09:bf:59:cc:51:c7:
09:e8:8c:c9:e2:d5:2a:52:c8:88:50:9b:e0:a3:80:
98:85:ba:31:e3:c3:a2:cd:1e:97:ac:ee:2c:c9:46:
ef:2e:d9:d5:25:0c:58:e9:7e:c4:ac:93:a2:b7:06:
29:22:e2:25:3b:c2:24:4f:2c:bd:20:d8:d6:ee:43:
82:1a:03:0e:64:a2:e7:12:a8:54:df:ae:30:1a:f6:
ed:20:1e:49:22:c4:f0:d1:b3:cc:c8:f3:5a:d4:03:
99:dc:86:6f:8b:6b:c1:ba:9f:20:f5:0d:49:f4:c8:
b9:f7:eb:77:8a:29:c8:0c:32:ea:2c:91:77:9c:c7:
56:86:64:71:5a:93:62:41:b5:da:15:1e:ac:88:db:
d5:7a:08:fd:a3:65:22:32:d4:8e:f1:d3:17:04:75:
9f:7b:ce:54:b1:d2:0b:c6:1f:58:82:0f:14:45:89:
de:bb:d4:7b:69:1c:82:b4:c0:73:94:86:f9:e0:4e:
e8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:87:5C:72:BB:77:D4:ED:2E:D9:F1:7E:F5:E8:C3:8F:4B:43:DF:E4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zodccrt31O0u2fF-9ejDj0tD3-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.224.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:df:11:5d:d2:e4:ec:cd:41:06:e2:c8:18:da:6e:ed:c2:0a:
31:af:a2:3a:9d:b4:87:39:40:f4:89:99:5b:d2:1a:a8:51:6a:
e1:78:c4:eb:67:3e:25:12:41:07:ae:90:f3:0b:39:2a:30:41:
71:55:e5:92:b4:72:f5:1d:f9:c8:f1:4b:21:ce:1c:94:80:18:
34:94:6f:7d:15:59:2f:a0:ae:9c:34:d9:b1:f3:92:4e:a6:b3:
27:f0:8b:be:63:bc:77:d6:58:13:67:ee:3d:ed:bf:aa:ef:93:
48:7e:34:4f:4e:4d:58:2c:dd:c5:ee:27:39:ca:40:a0:41:61:
2b:4d:22:29:2b:c6:02:49:8e:05:d8:1d:67:88:bb:43:12:6b:
2a:05:87:e1:40:a6:c6:47:b3:8b:11:f2:4b:02:93:fc:ec:3c:
ec:bc:1a:69:d3:8d:e9:88:3c:d2:3b:4b:dc:58:0b:7e:ce:e1:
d7:90:4c:7e:10:4f:50:1b:8d:4d:b4:67:e5:65:9f:79:da:e8:
ff:b0:83:74:b9:4d:9a:85:57:3d:ce:c9:74:84:f3:9c:5b:ec:
a1:ed:49:f4:9d:fd:0d:6e:ab:b6:69:99:e6:dc:d8:b4:b9:42:
ff:bb:af:6e:b7:42:19:28:37:66:48:e9:07:cc:c5:c8:d4:5e:
de:15:c6:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1qXBbg8wPhKz24xtxlxAe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAyMTUwNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njg3NWM3MmJiNzdkNGVkMmVkOWYxN2VmNWU4YzM4ZjRiNDNkZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1EAsLgjtaBnVhg8QnuqjCAr/DTL
LIHnwPOEQrEapuV2Z63HskPGjz/JewI7oxwwHDfAP937dMkbXzXkJKcKLXwijl4J
v1nMUccJ6IzJ4tUqUsiIUJvgo4CYhbox48OizR6XrO4syUbvLtnVJQxY6X7ErJOi
twYpIuIlO8IkTyy9INjW7kOCGgMOZKLnEqhU364wGvbtIB5JIsTw0bPMyPNa1AOZ
3IZvi2vBup8g9Q1J9Mi59+t3iinIDDLqLJF3nMdWhmRxWpNiQbXaFR6siNvVegj9
o2UiMtSO8dMXBHWfe85UsdILxh9Ygg8URYneu9R7aRyCtMBzlIb54E7otQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGaHXHK7d9TtLtnxfvXow49LQ9/kMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWm9kY2NydDMxTzB1MmZGLTllakRqMHREMy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkzgAwQA
w4VUMA0GCSqGSIb3DQEBCwUAA4IBAQBr3xFd0uTszUEG4sgY2m7twgoxr6I6nbSH
OUD0iZlb0hqoUWrheMTrZz4lEkEHrpDzCzkqMEFxVeWStHL1HfnI8UshzhyUgBg0
lG99FVkvoK6cNNmx85JOprMn8Iu+Y7x31lgTZ+497b+q75NIfjRPTk1YLN3F7ic5
ykCgQWErTSIpK8YCSY4F2B1niLtDEmsqBYfhQKbGR7OLEfJLApP87DzsvBpp043p
iDzSO0vcWAt+zuHXkEx+EE9QG41NtGflZZ952uj/sIN0uU2ahVc9zsl0hPOcW+yh
7Un0nf0Nbqu2aZnm3Ni0uUL/u69ut0IZKDdmSOkHzMXI1F7eFcaa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org