Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/zdsWrFInKKGeEITcGLmOoYcDziQ.roa
File: zdsWrFInKKGeEITcGLmOoYcDziQ.roa (raw, json)
Hash identifier: k5j3rO/+lBm1MetroQRQus71HCZ1n3FapC03V/2n1nI=
Subject key identifier: CD:DB:16:AC:52:27:28:A1:9E:10:84:DC:18:B9:8E:A1:87:03:CE:24
Certificate issuer: /CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Certificate serial: 01926C03F62D02E63E147154D8228BFEDD2F
Authority key identifier: 9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/zdsWrFInKKGeEITcGLmOoYcDziQ.roa
Signing time: Tue 08 Oct 2024 12:04:11 +0000
ROA not before: Tue 08 Oct 2024 12:04:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23342
IP address blocks: 193.29.148.0/23 maxlen: 23
193.29.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Dec 2024 12:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:03:f6:2d:02:e6:3e:14:71:54:d8:22:8b:fe:dd:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Validity
Not Before: Oct 8 12:04:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cddb16ac522728a19e1084dc18b98ea18703ce24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:2e:40:da:40:73:7a:55:b7:fa:8d:ae:0b:
20:de:d6:76:f4:21:9b:66:f6:12:4e:de:0f:87:03:
0f:c3:a8:f9:2a:7e:ad:02:c0:41:0f:88:05:6c:1b:
f0:43:b9:f7:6c:bb:c2:f5:94:e1:94:b6:e0:29:6f:
1b:3b:9f:97:4a:18:b9:0a:b5:f8:4b:e0:4f:b9:66:
8b:7b:fd:b9:f8:c2:7c:7f:3c:f0:9b:ac:a6:3f:d2:
70:e7:99:57:91:5e:7b:88:39:ec:10:bb:e2:4a:f7:
66:1f:60:7f:72:11:ee:72:68:86:a7:8b:1a:08:62:
b6:3f:49:ee:46:f2:fe:4f:b8:f2:0f:63:ae:9a:6e:
14:d2:cf:18:23:02:a3:b2:71:f3:3c:3d:da:26:2c:
07:95:4b:30:cc:2b:8b:52:34:e1:89:bb:78:a8:84:
06:9a:a2:e7:2c:1b:90:a0:36:21:36:1c:6e:9a:c9:
b4:de:1d:cf:cd:12:d3:a7:97:f9:38:76:15:07:08:
5e:45:3f:48:2c:fa:ff:ad:2f:7c:7d:3c:a7:ab:1a:
00:9d:61:3f:56:6e:ad:d7:23:f1:7d:c1:cb:b1:1e:
ac:02:49:72:bd:1d:56:1b:c2:05:d1:30:21:ce:ca:
66:b8:f3:55:c8:44:66:88:9f:aa:fc:58:ff:d8:40:
1a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DB:16:AC:52:27:28:A1:9E:10:84:DC:18:B9:8E:A1:87:03:CE:24
X509v3 Authority Key Identifier:
keyid:9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/zdsWrFInKKGeEITcGLmOoYcDziQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/nLls5ZxZVXUw8OqkTGZFA9nEAe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.148.0/23
193.29.158.0/23
Signature Algorithm: sha256WithRSAEncryption
19:51:87:0d:ff:83:16:fa:46:85:da:36:68:75:b1:4d:94:af:
06:7e:5b:78:37:45:4e:eb:69:a0:81:f2:bd:f3:ab:da:ba:83:
de:04:dd:00:60:d3:de:16:c6:68:76:81:6f:ff:12:99:11:ba:
81:a1:81:71:eb:7c:91:ae:01:17:2a:94:fe:0d:cd:53:35:b6:
9b:96:db:5f:20:00:bf:3f:e6:e3:fd:dd:63:c6:ee:f1:15:fb:
02:a9:f3:0c:81:4f:01:98:26:dd:f8:ac:41:df:4f:d3:cd:a0:
d8:c9:a3:16:a4:3a:88:54:fd:78:16:fc:f0:42:69:ca:53:f0:
7b:c7:c7:ca:e2:19:51:da:40:13:17:3f:98:44:f0:54:45:d6:
a7:a8:f3:9b:51:f1:f7:e6:d7:2e:56:d0:5c:e5:8c:a6:21:4e:
72:03:a6:ed:64:43:29:b6:fe:50:18:49:49:44:75:a6:16:a3:
a7:11:01:c7:4c:59:85:3f:34:a7:7d:08:52:b2:ec:5e:5f:86:
10:63:df:aa:74:ec:3b:9b:02:3d:c1:1f:04:81:61:c6:e6:7a:
62:99:9f:37:4a:b6:81:e6:8b:96:58:f5:5e:ed:11:fe:2f:a0:
69:83:1d:7c:ac:9a:e4:af:9d:eb:e9:21:09:17:e3:b7:fb:85:
fb:f7:ad:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJsA/YtAuY+FHFU2CKL/t0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjk2Y2U1OWM1OTU1NzUzMGYwZWFhNDRjNjY0NTAzZDlj
NDAxZWQwHhcNMjQxMDA4MTIwNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRiMTZhYzUyMjcyOGExOWUxMDg0ZGMxOGI5OGVhMTg3MDNjZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0MuQNpAc3pVt/qNrgsg3tZ29CGb
ZvYSTt4PhwMPw6j5Kn6tAsBBD4gFbBvwQ7n3bLvC9ZThlLbgKW8bO5+XShi5CrX4
S+BPuWaLe/25+MJ8fzzwm6ymP9Jw55lXkV57iDnsELviSvdmH2B/chHucmiGp4sa
CGK2P0nuRvL+T7jyD2Oumm4U0s8YIwKjsnHzPD3aJiwHlUswzCuLUjThibt4qIQG
mqLnLBuQoDYhNhxumsm03h3PzRLTp5f5OHYVBwheRT9ILPr/rS98fTynqxoAnWE/
Vm6t1yPxfcHLsR6sAklyvR1WG8IF0TAhzspmuPNVyERmiJ+q/Fj/2EAabQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3bFqxSJyihnhCE3Bi5jqGHA84kMB8GA1UdIwQY
MBaAFJy5bOWcWVV1MPDqpExmRQPZxAHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQt
ZGRiMGIxNDhlNDZiLzEvemRzV3JGSW5LS0dlRUlUY0dMbU9vWWNEemlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQtZGRiMGIxNDhlNDZi
LzEvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwR2UAwQB
wR2eMA0GCSqGSIb3DQEBCwUAA4IBAQAZUYcN/4MW+kaF2jZodbFNlK8Gflt4N0VO
62mggfK986vauoPeBN0AYNPeFsZodoFv/xKZEbqBoYFx63yRrgEXKpT+Dc1TNbab
lttfIAC/P+bj/d1jxu7xFfsCqfMMgU8BmCbd+KxB30/TzaDYyaMWpDqIVP14Fvzw
QmnKU/B7x8fK4hlR2kATFz+YRPBURdanqPObUfH35tcuVtBc5YymIU5yA6btZEMp
tv5QGElJRHWmFqOnEQHHTFmFPzSnfQhSsuxeX4YQY9+qdOw7mwI9wR8EgWHG5npi
mZ83SraB5ouWWPVe7RH+L6Bpgx18rJrkr53r6SEJF+O3+4X7962w
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:05 2025 by rpki-client