Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CzwNYCTiHejRgzWPzemun_WQCPQ.roa
File: CzwNYCTiHejRgzWPzemun_WQCPQ.roa (raw, json)
Hash identifier: jG2jj24SZmD43+M5qgMT+S5oXdUWKAjqbCL8+zr3rF8=
Subject key identifier: 0B:3C:0D:60:24:E2:1D:E8:D1:83:35:8F:CD:E9:AE:9F:F5:90:08:F4
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018570796F52B183F81FE6CA5BA3F3F41DC5
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CzwNYCTiHejRgzWPzemun_WQCPQ.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 185.92.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6f:52:b1:83:f8:1f:e6:ca:5b:a3:f3:f4:1d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b3c0d6024e21de8d183358fcde9ae9ff59008f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:73:25:3e:25:57:eb:6c:a4:62:e6:89:3c:
90:a1:3b:a9:ee:bb:28:7e:46:29:4b:d4:96:24:47:
3f:ff:7d:9f:0b:84:55:1c:69:d7:e9:9e:b1:aa:14:
2c:3e:f2:58:31:8f:3b:b8:7f:85:3d:92:04:7f:e2:
3b:1c:6f:99:31:22:ff:8d:4c:73:79:85:2f:f8:30:
c0:5a:5b:cd:f5:8d:89:6e:dc:4e:85:95:6e:dc:62:
91:36:a0:0a:16:a9:13:ba:29:f9:78:f4:e1:c5:b6:
10:a1:1c:f9:ea:cb:6b:65:f2:49:87:c6:2a:11:c2:
4d:bc:d2:80:67:5e:98:3e:d6:3a:ec:0e:28:8c:8a:
a3:a1:e0:b0:d8:f5:60:ae:0b:41:d4:4b:c1:af:68:
23:e7:e8:b9:30:a3:55:81:6d:c4:e7:af:83:a3:08:
3a:3f:90:be:81:8d:d2:b2:85:45:44:fa:43:c9:50:
06:90:6a:e1:98:14:27:ef:bb:2a:9b:94:a9:d9:d8:
d2:f0:21:8a:0f:16:6c:7c:0c:f5:34:d2:3a:6d:cd:
ca:e6:0d:0b:21:22:04:f4:95:31:15:a1:b6:31:72:
46:d9:96:09:3a:8f:bc:e0:8a:d8:bf:b7:cf:1c:6a:
84:57:03:92:e0:ce:ad:c7:f0:2c:ac:bf:8a:99:30:
cd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3C:0D:60:24:E2:1D:E8:D1:83:35:8F:CD:E9:AE:9F:F5:90:08:F4
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/CzwNYCTiHejRgzWPzemun_WQCPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.24.0/24
Signature Algorithm: sha256WithRSAEncryption
18:86:f6:b9:fd:07:87:ab:57:5b:5f:ed:87:f4:3f:e3:88:92:
04:bb:b7:33:b8:79:65:2c:fa:2c:2d:cb:02:50:74:00:84:3c:
24:a2:19:cd:eb:81:47:74:a6:3e:60:41:e6:92:91:9b:9f:e0:
16:35:d2:37:df:1f:df:96:7b:2d:98:bf:1c:96:dc:73:7b:94:
ed:ca:9d:0a:fe:42:a5:8d:0c:e8:8f:8c:9c:85:a2:7b:38:e3:
b0:26:c8:f4:5a:68:3c:41:27:71:17:84:55:6b:d5:10:39:1b:
8a:e2:3e:23:b5:b4:3b:0b:db:1a:0b:68:70:43:92:dc:91:62:
81:80:79:74:b9:52:ca:62:09:83:38:11:2b:90:b9:2d:a3:da:
e2:1e:ce:88:c0:51:25:00:ff:f2:39:0d:d3:2c:89:01:5c:00:
fe:65:b9:5b:a3:f3:ba:ea:1f:05:1d:a4:aa:5b:a8:3e:48:64:
a8:8d:4b:0a:de:d9:98:65:a9:18:a2:5b:0b:26:2b:fe:9e:84:
fb:0e:2f:b0:f0:38:47:08:10:8a:dc:5e:29:f5:fb:e9:03:ba:
45:6e:2e:21:06:ce:62:aa:75:12:3a:41:db:03:2f:83:19:bf:
8e:71:98:c7:f7:01:be:b7:b4:d7:dd:f4:aa:24:cf:00:a6:31:
8c:ec:3f:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweW9SsYP4H+bKW6Pz9B3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNjMGQ2MDI0ZTIxZGU4ZDE4MzM1OGZjZGU5YWU5ZmY1OTAwOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/5zJT4lV+tspGLmiTyQoTup7rso
fkYpS9SWJEc//32fC4RVHGnX6Z6xqhQsPvJYMY87uH+FPZIEf+I7HG+ZMSL/jUxz
eYUv+DDAWlvN9Y2JbtxOhZVu3GKRNqAKFqkTuin5ePThxbYQoRz56strZfJJh8Yq
EcJNvNKAZ16YPtY67A4ojIqjoeCw2PVgrgtB1EvBr2gj5+i5MKNVgW3E56+Dowg6
P5C+gY3SsoVFRPpDyVAGkGrhmBQn77sqm5Sp2djS8CGKDxZsfAz1NNI6bc3K5g0L
ISIE9JUxFaG2MXJG2ZYJOo+84IrYv7fPHGqEVwOS4M6tx/AsrL+KmTDNMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs8DWAk4h3o0YM1j83prp/1kAj0MB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvQ3p3TllDVGlIZWpSZ3pXUHplbXVuX1dRQ1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVwYMA0G
CSqGSIb3DQEBCwUAA4IBAQAYhva5/QeHq1dbX+2H9D/jiJIEu7czuHllLPosLcsC
UHQAhDwkohnN64FHdKY+YEHmkpGbn+AWNdI33x/flnstmL8cltxze5Ttyp0K/kKl
jQzoj4ychaJ7OOOwJsj0Wmg8QSdxF4RVa9UQORuK4j4jtbQ7C9saC2hwQ5LckWKB
gHl0uVLKYgmDOBErkLkto9riHs6IwFElAP/yOQ3TLIkBXAD+Zblbo/O66h8FHaSq
W6g+SGSojUsK3tmYZakYolsLJiv+noT7Di+w8DhHCBCK3F4p9fvpA7pFbi4hBs5i
qnUSOkHbAy+DGb+OcZjH9wG+t7TX3fSqJM8ApjGM7D/X
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:24 2024 by rpki-client on console-ams.rpki-client.org