Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/ZtwHGnss4nEdmYj2wEaJTpbRPFI.roa
File: ZtwHGnss4nEdmYj2wEaJTpbRPFI.roa (raw, json)
Hash identifier: ALmKFx85YHZ2FL7iJyZiQinkABp1XT+eLZIdXwrX+VY=
Subject key identifier: 66:DC:07:1A:7B:2C:E2:71:1D:99:88:F6:C0:46:89:4E:96:D1:3C:52
Certificate issuer: /CN=090fac7852b42d1e6b1c3f0f29d13ce5e9ecb2d6
Certificate serial: 0185729EF93B69E78845BCA93B37950E26FC
Authority key identifier: 09:0F:AC:78:52:B4:2D:1E:6B:1C:3F:0F:29:D1:3C:E5:E9:EC:B2:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ-seFK0LR5rHD8PKdE85ensstY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/ZtwHGnss4nEdmYj2wEaJTpbRPFI.roa
Signing time: Mon 02 Jan 2023 13:14:59 +0000
ROA not before: Mon 02 Jan 2023 13:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24837
IP address blocks: 185.108.196.0/23 maxlen: 23
185.108.198.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:f9:3b:69:e7:88:45:bc:a9:3b:37:95:0e:26:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090fac7852b42d1e6b1c3f0f29d13ce5e9ecb2d6
Validity
Not Before: Jan 2 13:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66dc071a7b2ce2711d9988f6c046894e96d13c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6c:13:23:1f:a9:fd:79:49:b2:d6:86:7a:8d:
4b:d8:53:31:51:1f:ec:31:79:12:27:0a:1f:a3:16:
fc:25:22:ea:98:2c:04:ab:e7:0e:11:50:89:88:7e:
9a:72:38:3b:8c:55:cb:f1:f1:e7:c0:20:32:a2:23:
e8:7c:f7:d4:c8:91:8d:63:fb:64:3d:c2:13:43:55:
fd:f4:06:f0:1e:84:2d:17:28:9d:cd:51:33:0f:59:
d9:25:9b:82:6b:a4:9a:8f:8f:10:5a:34:d5:a6:22:
48:b6:05:3b:46:52:1c:84:c3:75:47:c1:85:5d:8e:
d7:36:64:15:df:b4:f0:76:dd:89:28:50:53:18:74:
94:9c:9a:c9:46:5d:73:01:a2:a1:d9:5a:cd:13:31:
c5:9e:a2:e0:84:c0:a0:95:42:bc:0d:e0:10:bd:44:
6d:41:60:7e:c1:ef:31:e0:03:b8:45:d0:13:e5:b6:
84:26:95:9f:32:1e:f8:11:7c:88:26:ad:dc:9a:c2:
4d:95:4a:44:80:96:e6:ed:be:20:c4:97:dc:41:7e:
5e:f2:49:e2:4c:20:08:95:57:1e:e1:5f:12:a3:4d:
8d:56:70:32:e7:df:30:c8:37:38:c4:7c:bd:3e:c5:
57:5b:d9:b8:72:fb:84:79:ec:48:3b:b9:89:ac:1c:
c6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DC:07:1A:7B:2C:E2:71:1D:99:88:F6:C0:46:89:4E:96:D1:3C:52
X509v3 Authority Key Identifier:
keyid:09:0F:AC:78:52:B4:2D:1E:6B:1C:3F:0F:29:D1:3C:E5:E9:EC:B2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ-seFK0LR5rHD8PKdE85ensstY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/ZtwHGnss4nEdmYj2wEaJTpbRPFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/CQ-seFK0LR5rHD8PKdE85ensstY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.196.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:c4:51:82:d0:63:3b:d8:03:6d:a3:dc:61:a7:94:d2:06:53:
25:ba:69:10:40:cc:cb:e7:9c:54:b5:1f:c8:9b:0f:af:53:51:
a8:ff:69:b9:55:60:da:68:3d:27:ad:ca:fc:4e:fc:6b:5a:91:
73:b2:1d:d8:48:8e:b1:bf:c1:d2:28:20:1b:84:97:c2:be:c1:
35:b2:a2:ff:12:80:57:6a:60:6e:31:f8:0e:73:7e:1e:dd:fc:
c0:28:40:57:6f:4a:13:53:7e:f4:f2:45:c8:30:19:16:d2:98:
24:da:54:74:f3:30:a7:96:fe:59:35:39:80:c3:ad:27:f9:52:
34:58:f3:a6:2a:69:4c:1e:bb:37:8d:c0:89:c6:2b:6d:9e:49:
5a:97:f1:a0:a5:da:a7:15:14:1a:cb:30:fd:46:3a:13:1e:2a:
1a:8e:c5:d1:62:75:e3:2e:28:a3:58:ca:3f:2d:b4:61:fd:a5:
ad:e5:a9:91:67:b9:4a:fc:d4:44:72:8f:5b:fc:9d:d2:49:1b:
9b:4e:6e:8e:59:79:b3:32:cc:25:32:52:73:95:6c:ad:b0:61:
62:8f:fb:5c:fa:5b:20:9e:9d:ef:0b:e6:df:f8:11:43:0a:25:
e7:c4:89:19:66:33:4a:3d:46:bd:d6:0c:5a:e6:81:e8:bd:3a:
72:d6:da:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynvk7aeeIRbypOzeVDib8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGZhYzc4NTJiNDJkMWU2YjFjM2YwZjI5ZDEzY2U1ZTll
Y2IyZDYwHhcNMjMwMTAyMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmRjMDcxYTdiMmNlMjcxMWQ5OTg4ZjZjMDQ2ODk0ZTk2ZDEzYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WwTIx+p/XlJstaGeo1L2FMxUR/s
MXkSJwofoxb8JSLqmCwEq+cOEVCJiH6acjg7jFXL8fHnwCAyoiPofPfUyJGNY/tk
PcITQ1X99AbwHoQtFyidzVEzD1nZJZuCa6Saj48QWjTVpiJItgU7RlIchMN1R8GF
XY7XNmQV37Twdt2JKFBTGHSUnJrJRl1zAaKh2VrNEzHFnqLghMCglUK8DeAQvURt
QWB+we8x4AO4RdAT5baEJpWfMh74EXyIJq3cmsJNlUpEgJbm7b4gxJfcQX5e8kni
TCAIlVce4V8So02NVnAy598wyDc4xHy9PsVXW9m4cvuEeexIO7mJrBzGpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbcBxp7LOJxHZmI9sBGiU6W0TxSMB8GA1UdIwQY
MBaAFAkPrHhStC0eaxw/DynRPOXp7LLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1Etc2VGSzBMUjVySEQ4UEtkRTg1ZW5zc3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84NzEwYmEtZmI1OS00NjZiLTllNmIt
ZTg5ODY4MWJjODllLzEvWnR3SEduc3M0bkVkbVlqMndFYUpUcGJSUEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84NzEwYmEtZmI1OS00NjZiLTllNmItZTg5ODY4MWJjODll
LzEvQ1Etc2VGSzBMUjVySEQ4UEtkRTg1ZW5zc3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWzEMA0G
CSqGSIb3DQEBCwUAA4IBAQA8xFGC0GM72ANto9xhp5TSBlMlumkQQMzL55xUtR/I
mw+vU1Go/2m5VWDaaD0nrcr8TvxrWpFzsh3YSI6xv8HSKCAbhJfCvsE1sqL/EoBX
amBuMfgOc34e3fzAKEBXb0oTU3708kXIMBkW0pgk2lR08zCnlv5ZNTmAw60n+VI0
WPOmKmlMHrs3jcCJxittnklal/GgpdqnFRQayzD9RjoTHioajsXRYnXjLiijWMo/
LbRh/aWt5amRZ7lK/NREco9b/J3SSRubTm6OWXmzMswlMlJzlWytsGFij/tc+lsg
np3vC+bf+BFDCiXnxIkZZjNKPUa91gxa5oHovTpy1tqZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:50 2024 by rpki-client on console-ams.rpki-client.org