Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zcIbmbK5w-0HXeVFGgr3uvwFe0U.roa
File: zcIbmbK5w-0HXeVFGgr3uvwFe0U.roa (raw, json)
Hash identifier: Ax0YV6ws0RAzCVF/ctvjJD3A86C3eOPpNG8uNDWiAmI=
Subject key identifier: CD:C2:1B:99:B2:B9:C3:ED:07:5D:E5:45:1A:0A:F7:BA:FC:05:7B:45
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCDE680B6EA60168CFD7E947F8BAB9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zcIbmbK5w-0HXeVFGgr3uvwFe0U.roa
Signing time: Tue 02 Jan 2024 06:29:27 +0000
ROA not before: Tue 02 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 194.31.223.0/24 maxlen: 24
164.40.189.0/24 maxlen: 24
164.40.190.0/24 maxlen: 24
164.40.191.0/24 maxlen: 24
164.40.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 11:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:de:68:0b:6e:a6:01:68:cf:d7:e9:47:f8:ba:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdc21b99b2b9c3ed075de5451a0af7bafc057b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a6:63:cb:81:c9:d2:44:a3:69:6a:ea:8c:b5:
7a:8c:51:60:21:ad:b4:84:ee:fd:dc:77:f9:d2:ae:
81:97:94:63:91:e9:4c:65:24:8a:ca:8d:ad:91:fc:
f6:70:9f:6d:7a:8e:52:79:8a:df:cb:6f:8f:c2:79:
37:3b:4e:ff:70:35:99:e7:07:87:f1:bb:95:5d:5d:
48:a4:db:e9:26:ec:a2:ca:74:9f:2f:4e:3c:e8:31:
4f:e0:30:c4:64:bc:ff:1c:31:cc:28:3c:f5:ba:1e:
ea:00:b6:02:95:79:de:63:79:5b:8d:24:55:b6:34:
dc:8e:d2:41:85:05:dc:28:49:26:0f:ac:8f:35:23:
f5:a6:3c:0c:2f:32:c4:18:a7:91:c5:93:01:bd:b2:
42:b5:cc:44:22:99:94:e5:9f:6f:7a:b6:d1:97:79:
c5:ad:ab:85:e5:88:1e:44:e6:2e:02:74:dd:56:05:
af:05:fd:f4:76:0a:72:e9:4b:3f:b3:69:85:32:d8:
28:68:29:45:dd:7d:a1:7f:29:85:43:f8:7f:3d:f7:
3e:f7:99:ca:dd:45:86:ec:5a:03:c0:1b:cf:8a:4f:
43:20:ff:18:8e:ad:ff:49:04:a1:ff:dd:56:67:88:
55:3a:e6:0d:3a:d7:d1:46:7b:83:be:a5:f3:bc:04:
5a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C2:1B:99:B2:B9:C3:ED:07:5D:E5:45:1A:0A:F7:BA:FC:05:7B:45
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zcIbmbK5w-0HXeVFGgr3uvwFe0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.188.0/22
194.31.223.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fd:6a:6d:c1:19:c7:28:b6:f7:fe:79:0d:e9:30:34:4d:b0:
07:7c:7e:e4:7c:59:bd:7e:73:df:78:b6:fd:d3:0c:f2:b5:70:
26:16:4a:2c:a9:ea:68:af:20:b1:4e:42:71:d8:1a:1c:b0:de:
dd:fa:3a:4e:e4:ac:4e:6e:44:57:7b:8d:10:fa:ed:71:9a:f1:
df:76:65:76:9a:9c:af:90:fa:cb:eb:bd:e5:a3:5c:1e:cf:a2:
57:31:17:9c:72:ae:a3:29:33:bc:2a:42:c1:fc:4c:da:c3:4d:
b1:28:4d:f1:21:d7:1a:ee:78:83:d9:e5:e7:25:ee:85:d9:3e:
11:d1:ae:43:ba:81:6d:5f:97:c1:6f:42:8d:15:24:06:c6:ff:
59:40:f3:bd:e4:b9:e6:07:5c:d7:ab:07:ae:42:d7:04:6f:ac:
ac:d9:32:09:8e:68:a1:c9:a4:77:a2:39:dd:47:8c:b4:f6:57:
b6:63:a0:2b:2a:d9:97:0a:c4:1d:62:20:be:06:e7:dc:62:20:
c6:ce:93:ad:d1:a2:81:1f:56:08:b1:32:09:d6:4c:a2:a4:3f:
8c:b8:44:37:60:17:20:0a:19:d2:85:ef:83:9e:0a:40:fb:ba:
82:e8:af:30:0f:bf:03:4d:13:ab:13:fd:be:d9:6b:73:ee:0a:
41:ae:c1:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3N5oC26mAWjP1+lH+Lq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGMyMWI5OWIyYjljM2VkMDc1ZGU1NDUxYTBhZjdiYWZjMDU3YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaZjy4HJ0kSjaWrqjLV6jFFgIa20
hO793Hf50q6Bl5RjkelMZSSKyo2tkfz2cJ9teo5SeYrfy2+Pwnk3O07/cDWZ5weH
8buVXV1IpNvpJuyiynSfL0486DFP4DDEZLz/HDHMKDz1uh7qALYClXneY3lbjSRV
tjTcjtJBhQXcKEkmD6yPNSP1pjwMLzLEGKeRxZMBvbJCtcxEIpmU5Z9verbRl3nF
rauF5YgeROYuAnTdVgWvBf30dgpy6Us/s2mFMtgoaClF3X2hfymFQ/h/Pfc+95nK
3UWG7FoDwBvPik9DIP8Yjq3/SQSh/91WZ4hVOuYNOtfRRnuDvqXzvARaBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3CG5myucPtB13lRRoK97r8BXtFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvemNJYm1iSzV3LTBIWGVWRkdncjN1dndGZTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpCi8AwQA
wh/fMA0GCSqGSIb3DQEBCwUAA4IBAQBg/WptwRnHKLb3/nkN6TA0TbAHfH7kfFm9
fnPfeLb90wzytXAmFkosqeporyCxTkJx2BocsN7d+jpO5KxObkRXe40Q+u1xmvHf
dmV2mpyvkPrL673lo1wez6JXMReccq6jKTO8KkLB/Ezaw02xKE3xIdca7niD2eXn
Je6F2T4R0a5DuoFtX5fBb0KNFSQGxv9ZQPO95LnmB1zXqweuQtcEb6ys2TIJjmih
yaR3ojndR4y09le2Y6ArKtmXCsQdYiC+BufcYiDGzpOt0aKBH1YIsTIJ1kyipD+M
uEQ3YBcgChnShe+DngpA+7qC6K8wD78DTROrE/2+2Wtz7gpBrsFA
-----END CERTIFICATE-----
Generated at Mon Jan 8 15:32:20 2024 by rpki-client on console-fra.rpki-client.org