Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/865eeb-d60b-4e00-811f-51d1646023f0/1/zTOg8dLqLF7xVOBgKIFWai5myMQ.roa
File: zTOg8dLqLF7xVOBgKIFWai5myMQ.roa (raw, json)
Hash identifier: DmxPG8lAYuCiKNtZbU9VbFdeSqNfbBrMMHB+FPJcOFs=
Subject key identifier: CD:33:A0:F1:D2:EA:2C:5E:F1:54:E0:60:28:81:56:6A:2E:66:C8:C4
Certificate issuer: /CN=84926c47a3607f51a39e1c91e7897f85f47e347c
Certificate serial: 0186977002107A46076343C12A7F4D2238B8
Authority key identifier: 84:92:6C:47:A3:60:7F:51:A3:9E:1C:91:E7:89:7F:85:F4:7E:34:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJJsR6Ngf1GjnhyR54l_hfR-NHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/865eeb-d60b-4e00-811f-51d1646023f0/1/zTOg8dLqLF7xVOBgKIFWai5myMQ.roa
Signing time: Tue 28 Feb 2023 09:52:25 +0000
ROA not before: Tue 28 Feb 2023 09:52:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24961
IP address blocks: 185.109.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:70:02:10:7a:46:07:63:43:c1:2a:7f:4d:22:38:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84926c47a3607f51a39e1c91e7897f85f47e347c
Validity
Not Before: Feb 28 09:52:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd33a0f1d2ea2c5ef154e0602881566a2e66c8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fc:bc:a2:f0:3d:34:ff:bf:a4:e4:ef:97:36:
a5:d6:51:5b:49:20:66:4b:0e:b6:85:a7:f0:28:e4:
bc:35:38:f1:83:50:5f:77:58:bc:b5:21:a8:03:89:
18:ea:3b:f2:d6:5a:41:e9:59:be:09:d2:7d:ae:26:
4e:33:e4:34:a6:65:96:c2:d9:82:1c:13:96:5f:fd:
be:b8:73:1e:36:9b:ca:59:8f:33:6f:69:99:9a:b4:
1a:40:fb:4c:91:40:d9:ed:73:08:02:b1:e3:56:d2:
d7:c3:eb:cd:f0:eb:e9:df:5c:e2:1f:06:40:42:33:
29:b8:e8:3f:c3:40:5d:94:b5:40:d5:c9:08:9f:9d:
e6:66:a4:8b:3b:f5:e5:b0:2c:b7:5d:dc:c0:ae:50:
d1:b5:50:86:8d:70:92:8d:12:a3:7a:a6:3e:7d:23:
5f:d6:ce:b4:7a:57:79:79:c0:47:2b:11:b9:9b:48:
cd:96:8f:8f:da:bd:8d:02:00:b3:6b:8d:79:f2:ae:
c9:3a:c3:e3:ac:10:f8:3f:d2:4f:98:de:fc:55:5c:
32:30:4e:74:98:c4:02:00:60:64:79:9f:c3:4e:12:
b1:8a:cd:eb:a1:17:ad:04:1f:6a:e0:f8:93:fb:f7:
83:39:44:72:5c:66:cd:55:ed:ac:af:f2:0c:7b:f7:
3d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:33:A0:F1:D2:EA:2C:5E:F1:54:E0:60:28:81:56:6A:2E:66:C8:C4
X509v3 Authority Key Identifier:
keyid:84:92:6C:47:A3:60:7F:51:A3:9E:1C:91:E7:89:7F:85:F4:7E:34:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJJsR6Ngf1GjnhyR54l_hfR-NHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/865eeb-d60b-4e00-811f-51d1646023f0/1/zTOg8dLqLF7xVOBgKIFWai5myMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/865eeb-d60b-4e00-811f-51d1646023f0/1/hJJsR6Ngf1GjnhyR54l_hfR-NHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.49.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ba:0a:a6:3f:dc:9b:04:4f:3f:a0:5f:ae:f3:58:92:2e:90:
98:4f:5e:54:94:27:1c:fd:44:34:61:3c:b0:c9:73:6c:52:a8:
c2:35:af:d1:d2:35:6e:d1:50:3e:c0:de:22:33:2b:b2:59:3d:
00:60:8d:53:be:b4:fb:f7:23:d4:62:a6:f4:e2:fb:cf:87:cb:
9f:fc:13:c3:9e:9a:ad:5a:34:d8:86:72:2e:f1:4b:8e:fa:07:
db:3b:f4:69:d0:66:be:07:dd:cd:b6:aa:af:da:a7:de:99:e7:
0a:6e:c9:f6:86:44:13:c3:cd:c5:4a:05:8d:67:c2:b1:19:51:
09:4f:08:bf:52:d8:df:17:e0:ab:51:ea:55:fc:ac:b4:be:88:
30:56:4e:32:e4:f7:62:e7:c0:d1:47:86:09:6d:59:08:13:12:
a0:ae:79:1a:6c:89:9f:b9:02:f6:a8:07:34:34:03:80:14:72:
af:40:9c:4c:e4:eb:31:4f:ff:07:ff:12:b9:b2:1f:9c:91:30:
48:ec:fb:aa:d1:d3:9b:04:92:d2:53:04:cc:36:4f:c9:84:e5:
3d:8e:63:84:aa:2b:63:f0:38:c4:32:96:c2:1e:96:14:21:f4:
c7:bc:d5:de:29:34:2b:a4:00:b0:4d:47:c7:bc:45:cc:45:7d:
c1:f6:84:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaXcAIQekYHY0PBKn9NIji4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OTI2YzQ3YTM2MDdmNTFhMzllMWM5MWU3ODk3Zjg1ZjQ3
ZTM0N2MwHhcNMjMwMjI4MDk1MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMzYTBmMWQyZWEyYzVlZjE1NGUwNjAyODgxNTY2YTJlNjZjOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvy8ovA9NP+/pOTvlzal1lFbSSBm
Sw62hafwKOS8NTjxg1Bfd1i8tSGoA4kY6jvy1lpB6Vm+CdJ9riZOM+Q0pmWWwtmC
HBOWX/2+uHMeNpvKWY8zb2mZmrQaQPtMkUDZ7XMIArHjVtLXw+vN8Ovp31ziHwZA
QjMpuOg/w0BdlLVA1ckIn53mZqSLO/XlsCy3XdzArlDRtVCGjXCSjRKjeqY+fSNf
1s60eld5ecBHKxG5m0jNlo+P2r2NAgCza4158q7JOsPjrBD4P9JPmN78VVwyME50
mMQCAGBkeZ/DThKxis3roRetBB9q4PiT+/eDOURyXGbNVe2sr/IMe/c9fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0zoPHS6ixe8VTgYCiBVmouZsjEMB8GA1UdIwQY
MBaAFISSbEejYH9Ro54ckeeJf4X0fjR8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEpKc1I2TmdmMUdqbmh5UjU0bF9oZlItTkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC84NjVlZWItZDYwYi00ZTAwLTgxMWYt
NTFkMTY0NjAyM2YwLzEvelRPZzhkTHFMRjd4Vk9CZ0tJRldhaTVteU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC84NjVlZWItZDYwYi00ZTAwLTgxMWYtNTFkMTY0NjAyM2Yw
LzEvaEpKc1I2TmdmMUdqbmh5UjU0bF9oZlItTkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW0xMA0G
CSqGSIb3DQEBCwUAA4IBAQCcugqmP9ybBE8/oF+u81iSLpCYT15UlCcc/UQ0YTyw
yXNsUqjCNa/R0jVu0VA+wN4iMyuyWT0AYI1TvrT79yPUYqb04vvPh8uf/BPDnpqt
WjTYhnIu8UuO+gfbO/Rp0Ga+B93Ntqqv2qfemecKbsn2hkQTw83FSgWNZ8KxGVEJ
Twi/UtjfF+CrUepV/Ky0vogwVk4y5Pdi58DRR4YJbVkIExKgrnkabImfuQL2qAc0
NAOAFHKvQJxM5OsxT/8H/xK5sh+ckTBI7Puq0dObBJLSUwTMNk/JhOU9jmOEqitj
8DjEMpbCHpYUIfTHvNXeKTQrpACwTUfHvEXMRX3B9oRV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:53 2024 by rpki-client on console-fra.rpki-client.org