Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/ZcxGo8kikPnOTizsqpzbBjxG-KQ.roa
File: ZcxGo8kikPnOTizsqpzbBjxG-KQ.roa (raw, json)
Hash identifier: CsvQd1hX+I+xw1XnrXT/1v4srvtglAeiY189sZu7KsQ=
Subject key identifier: 65:CC:46:A3:C9:22:90:F9:CE:4E:2C:EC:AA:9C:DB:06:3C:46:F8:A4
Certificate issuer: /CN=5ad9c45020072b3369c2b810fef4527244c5b741
Certificate serial: 01856F8B8245C21AD2539FD23E2846B2608E
Authority key identifier: 5A:D9:C4:50:20:07:2B:33:69:C2:B8:10:FE:F4:52:72:44:C5:B7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtnEUCAHKzNpwrgQ_vRSckTFt0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/ZcxGo8kikPnOTizsqpzbBjxG-KQ.roa
Signing time: Sun 01 Jan 2023 22:54:51 +0000
ROA not before: Sun 01 Jan 2023 22:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203986
IP address blocks: 185.78.176.0/22 maxlen: 22
2a00:67e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:82:45:c2:1a:d2:53:9f:d2:3e:28:46:b2:60:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad9c45020072b3369c2b810fef4527244c5b741
Validity
Not Before: Jan 1 22:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65cc46a3c92290f9ce4e2cecaa9cdb063c46f8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:45:a5:f3:3c:5d:78:11:43:6e:52:d5:4f:d0:
d2:ab:c1:25:8f:be:b2:35:ed:01:5d:f0:57:89:49:
11:f2:bc:27:5c:61:a4:c8:9b:18:2a:6a:73:1c:2f:
47:af:aa:a8:07:24:bc:da:44:c5:63:1d:7e:a4:17:
7b:4c:71:13:f8:ff:de:48:13:8f:b2:6c:89:b5:67:
e7:63:a2:f8:78:fb:9b:cf:a0:a4:33:75:5a:30:c8:
72:e9:58:09:1c:86:da:59:66:71:36:b2:db:6b:ad:
3b:bd:c5:b1:4b:2f:c5:f2:81:65:84:0a:55:b9:ab:
69:a5:69:38:d8:3a:9c:2a:ef:6e:48:fe:2f:9a:52:
37:f7:d9:90:2a:04:b3:0e:e9:5b:c1:b2:79:d6:bd:
68:ec:5b:94:2f:68:2c:80:5d:7a:39:2d:63:0a:22:
cf:c5:4f:e7:d0:11:d9:7f:2b:8b:88:68:95:b0:76:
92:04:12:ba:b2:86:d4:9a:67:b7:c3:a8:bf:2c:22:
c0:bc:41:a0:19:98:2e:80:a3:2c:62:dd:ce:2e:7d:
29:02:07:1b:3c:ee:18:40:89:05:76:c7:9c:e5:9e:
20:0c:32:c6:fa:a2:07:95:4d:2d:9d:bc:b8:6b:c6:
2c:22:3a:17:5b:6d:a3:e8:61:29:01:f5:9d:ab:0d:
23:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CC:46:A3:C9:22:90:F9:CE:4E:2C:EC:AA:9C:DB:06:3C:46:F8:A4
X509v3 Authority Key Identifier:
keyid:5A:D9:C4:50:20:07:2B:33:69:C2:B8:10:FE:F4:52:72:44:C5:B7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtnEUCAHKzNpwrgQ_vRSckTFt0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/ZcxGo8kikPnOTizsqpzbBjxG-KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/WtnEUCAHKzNpwrgQ_vRSckTFt0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.176.0/22
IPv6:
2a00:67e0::/32
Signature Algorithm: sha256WithRSAEncryption
14:29:83:39:63:e6:38:36:4c:0f:28:45:09:d6:39:47:04:b1:
43:52:7a:09:a0:ed:52:04:b4:5e:70:0e:d5:c0:79:c7:7a:7b:
eb:79:6d:f0:90:52:3a:cc:11:a6:22:3e:ed:f8:a1:d7:63:a1:
06:12:76:ea:33:44:ab:54:20:41:93:a0:3e:dd:47:c4:c5:fb:
0c:7e:cb:e2:47:2d:1c:b0:41:2d:75:d0:e1:fd:f5:6a:c5:09:
4e:9d:b1:65:a1:d2:b8:bc:5f:19:62:b1:79:5d:36:f7:8f:de:
50:ff:48:c8:c8:35:3e:bd:b4:be:87:ab:8b:42:7f:6b:da:39:
fd:44:d1:9a:2d:7d:01:a4:92:cd:26:5a:5d:42:ee:49:c8:6d:
9a:eb:95:77:ee:c4:e7:3d:dd:c0:74:a1:cf:e8:09:e8:7d:62:
a3:94:79:fc:e0:bc:d4:c8:91:88:84:81:e7:39:8b:dc:af:83:
76:fe:95:6f:8a:70:19:30:c7:66:e0:59:94:74:04:3a:11:e7:
4d:2e:82:57:04:eb:ae:44:9a:3e:03:70:d9:69:ae:4d:f3:08:
26:30:04:02:c0:ba:73:7a:64:15:0a:e4:9a:e0:f2:81:b5:78:
54:e9:f7:c3:04:a8:9e:8e:a7:50:5f:4e:14:6e:17:4c:2e:5f:
18:4d:d5:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvi4JFwhrSU5/SPihGsmCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDljNDUwMjAwNzJiMzM2OWMyYjgxMGZlZjQ1MjcyNDRj
NWI3NDEwHhcNMjMwMTAxMjI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNjNDZhM2M5MjI5MGY5Y2U0ZTJjZWNhYTljZGIwNjNjNDZmOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEWl8zxdeBFDblLVT9DSq8Elj76y
Ne0BXfBXiUkR8rwnXGGkyJsYKmpzHC9Hr6qoByS82kTFYx1+pBd7THET+P/eSBOP
smyJtWfnY6L4ePubz6CkM3VaMMhy6VgJHIbaWWZxNrLba607vcWxSy/F8oFlhApV
uatppWk42DqcKu9uSP4vmlI399mQKgSzDulbwbJ51r1o7FuUL2gsgF16OS1jCiLP
xU/n0BHZfyuLiGiVsHaSBBK6sobUmme3w6i/LCLAvEGgGZgugKMsYt3OLn0pAgcb
PO4YQIkFdsec5Z4gDDLG+qIHlU0tnby4a8YsIjoXW22j6GEpAfWdqw0jeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGXMRqPJIpD5zk4s7Kqc2wY8RvikMB8GA1UdIwQY
MBaAFFrZxFAgByszacK4EP70UnJExbdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RuRVVDQUhLek5wd3JnUV92UlNja1RGdDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jZjM2NDEtNWMzMC00ZGVhLWIwMDQt
YzhlN2ZkODA5ZjkwLzEvWmN4R284a2lrUG5PVGl6c3FwemJCanhHLUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jZjM2NDEtNWMzMC00ZGVhLWIwMDQtYzhlN2ZkODA5Zjkw
LzEvV3RuRVVDQUhLek5wd3JnUV92UlNja1RGdDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU6wMA0E
AgACMAcDBQAqAGfgMA0GCSqGSIb3DQEBCwUAA4IBAQAUKYM5Y+Y4NkwPKEUJ1jlH
BLFDUnoJoO1SBLRecA7VwHnHenvreW3wkFI6zBGmIj7t+KHXY6EGEnbqM0SrVCBB
k6A+3UfExfsMfsviRy0csEEtddDh/fVqxQlOnbFlodK4vF8ZYrF5XTb3j95Q/0jI
yDU+vbS+h6uLQn9r2jn9RNGaLX0BpJLNJlpdQu5JyG2a65V37sTnPd3AdKHP6Ano
fWKjlHn84LzUyJGIhIHnOYvcr4N2/pVvinAZMMdm4FmUdAQ6EedNLoJXBOuuRJo+
A3DZaa5N8wgmMAQCwLpzemQVCuSa4PKBtXhU6ffDBKiejqdQX04UbhdMLl8YTdWF
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:56 2024 by rpki-client on console-fra.rpki-client.org