Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/za0ZatGHFQRe--bq9TPDPS18TWE.roa
File: za0ZatGHFQRe--bq9TPDPS18TWE.roa (raw, json)
Hash identifier: RhYmoGnzvWGLWwQqCebcUggmUDd4njVxoCFdSGCBwTM=
Subject key identifier: CD:AD:19:6A:D1:87:15:04:5E:FB:E6:EA:F5:33:C3:3D:2D:7C:4D:61
Certificate issuer: /CN=a7a538aac33778460e19701aab5952c7aa25f05c
Certificate serial: 018D7C808C16D8BC3A73E82FDB8C902692FF
Authority key identifier: A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/za0ZatGHFQRe--bq9TPDPS18TWE.roa
Signing time: Tue 06 Feb 2024 03:40:15 +0000
ROA not before: Tue 06 Feb 2024 03:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207718
IP address blocks: 194.147.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7c:80:8c:16:d8:bc:3a:73:e8:2f:db:8c:90:26:92:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a538aac33778460e19701aab5952c7aa25f05c
Validity
Not Before: Feb 6 03:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdad196ad18715045efbe6eaf533c33d2d7c4d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:40:55:82:23:eb:be:22:59:5a:36:48:75:3e:
1f:b5:58:8d:2f:5d:b4:65:43:3d:0a:3a:19:20:bd:
48:82:27:41:cd:4c:66:78:54:7a:78:ee:4c:09:69:
6d:1a:cf:dd:7c:80:4d:d3:e4:d3:3c:6a:2b:fd:b2:
dc:b3:2a:78:8b:3f:7b:a2:16:f5:b5:fa:34:c8:c9:
fa:fc:fa:ec:4b:95:e9:7d:67:8e:fe:ad:ba:03:07:
59:cf:31:6a:00:84:85:e5:73:38:97:2e:97:7e:c0:
6b:ee:77:66:0e:2f:03:d6:fc:83:0b:97:c7:a2:6b:
a6:5a:5a:12:39:5a:e6:94:7f:54:0d:a2:10:e1:52:
40:56:f8:89:fa:2a:16:0a:fd:fe:43:e5:69:98:eb:
f3:5c:ed:8b:99:1e:96:eb:75:ab:59:ba:8b:09:3e:
77:59:73:6e:b0:e8:ae:2e:c9:1f:99:3d:6c:a1:ec:
59:d5:eb:cd:2e:5d:bd:25:9b:f3:e6:de:46:cc:f1:
1c:95:bf:c8:bc:d4:c2:4d:f1:4b:99:2f:de:88:68:
5d:e6:66:06:7a:6e:f6:38:e5:6d:10:89:29:e6:09:
81:ff:48:f2:fe:5d:4c:36:41:d6:8e:01:de:c3:40:
4a:88:8b:d1:49:fd:64:9c:78:2e:7b:35:b1:52:da:
47:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AD:19:6A:D1:87:15:04:5E:FB:E6:EA:F5:33:C3:3D:2D:7C:4D:61
X509v3 Authority Key Identifier:
keyid:A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/za0ZatGHFQRe--bq9TPDPS18TWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.32.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:77:ff:0d:eb:12:c4:50:ab:b1:3e:85:21:e6:19:02:1a:7b:
93:38:10:be:08:c6:e0:4a:ee:c7:4d:29:e7:8c:e2:94:77:41:
42:4f:37:a4:bf:5e:7b:19:b6:a9:45:a0:0a:9a:15:af:1b:83:
5d:77:91:30:aa:1b:0a:06:3e:db:4d:7b:94:09:9d:50:37:01:
15:49:d1:fb:29:36:15:97:8a:7a:94:3f:70:cd:45:94:b4:e7:
1d:8b:c5:ad:54:27:22:68:5c:3b:da:31:8e:58:55:69:a2:ea:
da:db:83:04:5d:84:2e:f5:3c:0c:16:14:8e:38:50:31:0d:c2:
ab:2d:da:19:d6:90:17:53:e3:1d:9f:4e:e6:d5:50:14:93:c9:
c9:65:12:3b:f0:90:8c:7a:90:bd:bb:83:0d:dc:95:2f:34:3b:
5e:6a:69:8d:89:c9:69:2c:4b:13:93:60:45:89:d8:56:41:44:
d6:90:69:4c:ce:39:1c:a9:2e:26:78:f0:0e:5f:20:65:ca:d8:
35:b8:b2:e2:57:1b:43:23:c7:07:65:e3:20:25:53:64:be:64:
12:b2:91:83:9a:d6:bd:6f:94:08:4d:c2:34:20:0c:21:76:5e:
73:78:df:38:88:c3:57:1d:71:97:77:79:40:c2:72:27:87:0f:
9f:24:48:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY18gIwW2Lw6c+gv24yQJpL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTUzOGFhYzMzNzc4NDYwZTE5NzAxYWFiNTk1MmM3YWEy
NWYwNWMwHhcNMjQwMjA2MDM0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFkMTk2YWQxODcxNTA0NWVmYmU2ZWFmNTMzYzMzZDJkN2M0ZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUBVgiPrviJZWjZIdT4ftViNL120
ZUM9CjoZIL1IgidBzUxmeFR6eO5MCWltGs/dfIBN0+TTPGor/bLcsyp4iz97ohb1
tfo0yMn6/PrsS5XpfWeO/q26AwdZzzFqAISF5XM4ly6XfsBr7ndmDi8D1vyDC5fH
omumWloSOVrmlH9UDaIQ4VJAVviJ+ioWCv3+Q+VpmOvzXO2LmR6W63WrWbqLCT53
WXNusOiuLskfmT1soexZ1evNLl29JZvz5t5GzPEclb/IvNTCTfFLmS/eiGhd5mYG
em72OOVtEIkp5gmB/0jy/l1MNkHWjgHew0BKiIvRSf1knHguezWxUtpHVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2tGWrRhxUEXvvm6vUzwz0tfE1hMB8GA1UdIwQY
MBaAFKelOKrDN3hGDhlwGqtZUseqJfBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEt
ODdiMDEwZWE2MjM1LzEvemEwWmF0R0hGUVJlLS1icTlUUERQUzE4VFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEtODdiMDEwZWE2MjM1
LzEvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpMgMA0G
CSqGSIb3DQEBCwUAA4IBAQB+d/8N6xLEUKuxPoUh5hkCGnuTOBC+CMbgSu7HTSnn
jOKUd0FCTzekv157GbapRaAKmhWvG4Ndd5EwqhsKBj7bTXuUCZ1QNwEVSdH7KTYV
l4p6lD9wzUWUtOcdi8WtVCciaFw72jGOWFVpoura24MEXYQu9TwMFhSOOFAxDcKr
LdoZ1pAXU+Mdn07m1VAUk8nJZRI78JCMepC9u4MN3JUvNDteammNiclpLEsTk2BF
idhWQUTWkGlMzjkcqS4mePAOXyBlytg1uLLiVxtDI8cHZeMgJVNkvmQSspGDmta9
b5QITcI0IAwhdl5zeN84iMNXHXGXd3lAwnInhw+fJEhY
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:15:05 2025 by rpki-client