Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/zNCWOBzwsHbRmTixz1qVB1xIkxw.roa
File: zNCWOBzwsHbRmTixz1qVB1xIkxw.roa (raw, json)
Hash identifier: wXjrBw4VJRWK1xXhpZnT/RwI+LQw8y286ND94+VYcik=
Subject key identifier: CC:D0:96:38:1C:F0:B0:76:D1:99:38:B1:CF:5A:95:07:5C:48:93:1C
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018CC6B831F913AD2BA940D0D69E0962ACED
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/zNCWOBzwsHbRmTixz1qVB1xIkxw.roa
Signing time: Mon 01 Jan 2024 20:30:09 +0000
ROA not before: Mon 01 Jan 2024 20:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.93.220.0/24 maxlen: 24
193.160.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:31:f9:13:ad:2b:a9:40:d0:d6:9e:09:62:ac:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 1 20:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccd096381cf0b076d19938b1cf5a95075c48931c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:9d:e9:03:58:e0:03:10:56:1f:ca:26:88:
c2:e1:85:90:02:9e:f5:5a:2f:56:b3:e5:6f:fd:02:
08:46:4f:e4:74:3b:0f:b1:1b:c2:63:74:e3:cb:6a:
36:59:2b:a3:f7:b3:10:6f:b2:80:9f:fd:24:a0:c9:
bc:0b:4f:80:80:cb:25:a5:42:a1:48:47:e6:59:f4:
b5:39:e6:5a:23:44:a6:a2:8f:2b:65:a2:27:bc:e0:
be:a8:13:de:76:02:55:74:17:5f:40:4b:89:c0:b3:
d9:6c:fa:a5:23:34:e8:61:14:88:21:69:1f:e9:d7:
c0:4c:95:49:a3:f8:80:b6:13:17:48:fe:b2:d7:99:
ed:99:55:23:83:8d:e9:c5:61:0b:79:b9:a8:74:a0:
3f:56:b2:34:59:cf:08:82:67:e4:2d:ea:c7:18:fc:
52:c1:8a:4c:82:e7:68:62:4d:f5:88:9b:b5:90:ab:
ea:6c:d4:f5:40:8f:15:b2:fd:b7:13:cd:8b:6b:48:
19:af:62:8b:ea:5a:fe:44:b8:10:3c:50:84:1b:a0:
55:eb:ed:8e:7f:96:bb:70:c4:60:4c:d0:fd:0e:6c:
7f:f7:66:b3:e6:1b:df:2f:13:e7:e5:ad:bd:2a:dd:
38:c6:40:30:0d:e9:af:6d:6d:96:1a:1f:57:f7:f1:
c7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D0:96:38:1C:F0:B0:76:D1:99:38:B1:CF:5A:95:07:5C:48:93:1C
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/zNCWOBzwsHbRmTixz1qVB1xIkxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.220.0/24
193.160.8.0/24
Signature Algorithm: sha256WithRSAEncryption
71:c3:a1:07:4f:19:38:61:cf:54:ac:79:a6:bd:43:a0:2b:b4:
6f:f3:f0:dd:0e:0d:13:33:6b:86:48:8c:b5:5c:c3:0f:1e:0f:
a0:b8:c9:9f:8a:bb:d1:93:ff:64:a8:d1:05:05:59:0a:38:a7:
4a:19:6e:30:06:66:a6:68:ba:ae:88:27:44:83:97:36:1d:69:
8a:0e:24:3e:98:f0:0c:06:78:8f:bc:bf:50:10:63:b6:72:3e:
dd:33:7f:78:79:b1:2d:a6:65:bf:b3:f1:ee:4c:b0:87:ba:d4:
cf:d9:78:b8:d8:d5:6e:01:68:71:d1:04:9f:9b:cf:bd:0d:5e:
52:13:20:dc:db:2f:b6:2b:f7:11:c7:63:70:05:00:16:2c:c9:
8d:04:ea:53:6f:01:26:11:e9:c2:f1:ef:12:43:b4:00:8f:41:
c9:3d:cc:e5:14:40:9a:06:54:76:c4:9d:2f:c5:fa:1c:dc:5f:
f5:ff:c5:24:e4:76:fd:69:6e:3a:11:f5:3a:0f:0b:44:47:5a:
06:ea:ce:1a:cd:a2:0e:4a:6b:6d:73:3c:f4:07:89:57:27:4e:
a3:1c:83:d8:3f:09:88:1f:d6:39:5a:a4:3b:2e:27:7f:16:e5:
6a:b7:bc:64:c1:82:df:5e:8e:ce:52:4b:a4:98:24:cd:e4:14:
b8:ae:93:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuDH5E60rqUDQ1p4JYqztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjQwMTAxMjAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QwOTYzODFjZjBiMDc2ZDE5OTM4YjFjZjVhOTUwNzVjNDg5MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaid6QNY4AMQVh/KJojC4YWQAp71
Wi9Ws+Vv/QIIRk/kdDsPsRvCY3Tjy2o2WSuj97MQb7KAn/0koMm8C0+AgMslpUKh
SEfmWfS1OeZaI0Smoo8rZaInvOC+qBPedgJVdBdfQEuJwLPZbPqlIzToYRSIIWkf
6dfATJVJo/iAthMXSP6y15ntmVUjg43pxWELebmodKA/VrI0Wc8IgmfkLerHGPxS
wYpMgudoYk31iJu1kKvqbNT1QI8Vsv23E82La0gZr2KL6lr+RLgQPFCEG6BV6+2O
f5a7cMRgTND9Dmx/92az5hvfLxPn5a29Kt04xkAwDemvbW2WGh9X9/HHXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMzQljgc8LB20Zk4sc9alQdcSJMcMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvek5DV09CendzSGJSbVRpeHoxcVZCMXhJa3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuV3cAwQA
waAIMA0GCSqGSIb3DQEBCwUAA4IBAQBxw6EHTxk4Yc9UrHmmvUOgK7Rv8/DdDg0T
M2uGSIy1XMMPHg+guMmfirvRk/9kqNEFBVkKOKdKGW4wBmamaLquiCdEg5c2HWmK
DiQ+mPAMBniPvL9QEGO2cj7dM394ebEtpmW/s/HuTLCHutTP2Xi42NVuAWhx0QSf
m8+9DV5SEyDc2y+2K/cRx2NwBQAWLMmNBOpTbwEmEenC8e8SQ7QAj0HJPczlFECa
BlR2xJ0vxfoc3F/1/8Uk5Hb9aW46EfU6DwtER1oG6s4azaIOSmttczz0B4lXJ06j
HIPYPwmIH9Y5WqQ7Lid/FuVqt7xkwYLfXo7OUkukmCTN5BS4rpPv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org