Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/352d11-d0e3-453f-80fc-69c93d31db64/1/rzXgoFxQZ4NIFtgbMaXdPwZr390.roa
File: rzXgoFxQZ4NIFtgbMaXdPwZr390.roa (raw, json)
Hash identifier: +u6+SJKdp9dQwDQTkWRzmuGtP8OoSkAXYjOgSqsLSZk=
Subject key identifier: AF:35:E0:A0:5C:50:67:83:48:16:D8:1B:31:A5:DD:3F:06:6B:DF:DD
Certificate issuer: /CN=16de8a33a02cfe8fff75d0980f559771c93febd4
Certificate serial: 018750AB45809D530772F74BB109FA82187E
Authority key identifier: 16:DE:8A:33:A0:2C:FE:8F:FF:75:D0:98:0F:55:97:71:C9:3F:EB:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ft6KM6As_o__ddCYD1WXcck_69Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/352d11-d0e3-453f-80fc-69c93d31db64/1/rzXgoFxQZ4NIFtgbMaXdPwZr390.roa
Signing time: Wed 05 Apr 2023 09:06:54 +0000
ROA not before: Wed 05 Apr 2023 09:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209279
IP address blocks: 185.188.31.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:ab:45:80:9d:53:07:72:f7:4b:b1:09:fa:82:18:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16de8a33a02cfe8fff75d0980f559771c93febd4
Validity
Not Before: Apr 5 09:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af35e0a05c5067834816d81b31a5dd3f066bdfdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c7:02:96:a5:86:33:9c:3f:71:55:25:13:a8:
c0:26:32:3b:cd:7e:50:9a:ac:12:bf:8f:59:14:13:
d9:99:31:9a:ec:56:a7:a7:d0:18:4c:a2:02:c4:01:
dd:7e:95:9b:87:12:64:dc:69:7f:9e:6e:57:bb:ca:
9c:00:87:6d:06:a9:61:1d:82:6f:be:3d:2b:32:3c:
9d:53:e5:e4:77:7d:f3:ab:7f:57:92:87:d3:74:5f:
1b:c3:24:31:3a:89:74:02:a4:d0:0a:b8:7b:3b:86:
43:3c:80:3f:c4:42:ba:4d:65:b0:d3:30:c6:1a:02:
d1:18:e3:1c:4a:0c:d8:31:21:cf:dc:ac:8a:b1:57:
3e:32:d7:5a:b0:59:ba:89:e8:67:0b:52:9c:bb:0a:
b8:e3:96:c1:28:51:0c:ce:53:90:35:cc:92:6b:ee:
f1:e5:1a:80:9f:01:df:1b:00:a3:e3:81:ec:5d:de:
1a:e1:9e:e0:12:42:4f:66:47:55:65:37:7b:40:80:
1c:95:c9:ec:16:f6:73:29:20:5c:78:17:72:da:52:
9d:da:5c:10:25:b8:0a:bf:d6:45:40:aa:76:64:67:
99:ea:59:c7:6f:da:b9:a6:d6:67:0e:65:a9:cd:e1:
b4:12:19:5c:79:d1:8d:49:2c:c6:c4:07:d7:a4:bc:
43:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:35:E0:A0:5C:50:67:83:48:16:D8:1B:31:A5:DD:3F:06:6B:DF:DD
X509v3 Authority Key Identifier:
keyid:16:DE:8A:33:A0:2C:FE:8F:FF:75:D0:98:0F:55:97:71:C9:3F:EB:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ft6KM6As_o__ddCYD1WXcck_69Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/352d11-d0e3-453f-80fc-69c93d31db64/1/rzXgoFxQZ4NIFtgbMaXdPwZr390.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/352d11-d0e3-453f-80fc-69c93d31db64/1/Ft6KM6As_o__ddCYD1WXcck_69Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.31.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:5a:ad:3b:dd:3e:e0:d3:27:33:44:2e:18:9d:3a:4f:dc:3c:
c7:56:6d:16:b0:c5:7b:93:ff:33:dc:32:4e:31:8a:f6:f2:4b:
7b:6e:5f:d2:49:6d:89:1a:cd:85:54:58:93:76:ee:1e:c0:37:
19:77:42:71:31:a8:14:35:77:cb:e3:33:06:4b:4d:ee:ac:39:
c8:c2:35:77:ca:8e:f4:11:39:65:db:e3:95:6f:90:74:65:88:
0e:32:f2:85:8d:5c:fd:44:38:34:8f:e5:24:fd:ea:6f:6f:16:
15:e0:56:b0:c6:8b:63:0b:63:46:57:5d:c6:9c:49:f3:8e:17:
6f:b9:c2:e3:fd:80:65:dc:16:15:12:2a:0a:e6:42:90:19:4f:
c1:cd:be:92:45:1e:2f:59:04:00:20:c0:38:28:0c:1c:2c:59:
07:bb:64:3c:29:b5:d4:75:2f:b2:13:99:c3:67:2e:1e:1b:b2:
62:18:6d:46:c6:5f:a1:b6:dc:fc:f9:52:11:b7:a8:90:3a:74:
ae:93:9d:dc:64:6a:d4:40:ba:c0:da:84:d0:6f:5f:91:b6:eb:
10:17:58:c6:67:be:3a:e4:d3:b7:58:9b:f1:68:7b:e3:71:4f:
8f:85:14:21:d0:88:a0:a8:cf:0e:ff:2c:02:63:f1:5c:50:21:
37:cb:b7:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdQq0WAnVMHcvdLsQn6ghh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZGU4YTMzYTAyY2ZlOGZmZjc1ZDA5ODBmNTU5NzcxYzkz
ZmViZDQwHhcNMjMwNDA1MDkwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM1ZTBhMDVjNTA2NzgzNDgxNmQ4MWIzMWE1ZGQzZjA2NmJkZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiccClqWGM5w/cVUlE6jAJjI7zX5Q
mqwSv49ZFBPZmTGa7Fanp9AYTKICxAHdfpWbhxJk3Gl/nm5Xu8qcAIdtBqlhHYJv
vj0rMjydU+Xkd33zq39XkofTdF8bwyQxOol0AqTQCrh7O4ZDPIA/xEK6TWWw0zDG
GgLRGOMcSgzYMSHP3KyKsVc+MtdasFm6iehnC1Kcuwq445bBKFEMzlOQNcySa+7x
5RqAnwHfGwCj44HsXd4a4Z7gEkJPZkdVZTd7QIAclcnsFvZzKSBceBdy2lKd2lwQ
JbgKv9ZFQKp2ZGeZ6lnHb9q5ptZnDmWpzeG0EhlcedGNSSzGxAfXpLxDcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK814KBcUGeDSBbYGzGl3T8Ga9/dMB8GA1UdIwQY
MBaAFBbeijOgLP6P/3XQmA9Vl3HJP+vUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnQ2S002QXNfb19fZGRDWUQxV1hjY2tfNjlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTJkMTEtZDBlMy00NTNmLTgwZmMt
NjljOTNkMzFkYjY0LzEvcnpYZ29GeFFaNE5JRnRnYk1hWGRQd1pyMzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTJkMTEtZDBlMy00NTNmLTgwZmMtNjljOTNkMzFkYjY0
LzEvRnQ2S002QXNfb19fZGRDWUQxV1hjY2tfNjlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubwfMA0G
CSqGSIb3DQEBCwUAA4IBAQDGWq073T7g0yczRC4YnTpP3DzHVm0WsMV7k/8z3DJO
MYr28kt7bl/SSW2JGs2FVFiTdu4ewDcZd0JxMagUNXfL4zMGS03urDnIwjV3yo70
ETll2+OVb5B0ZYgOMvKFjVz9RDg0j+Uk/epvbxYV4FawxotjC2NGV13GnEnzjhdv
ucLj/YBl3BYVEioK5kKQGU/Bzb6SRR4vWQQAIMA4KAwcLFkHu2Q8KbXUdS+yE5nD
Zy4eG7JiGG1Gxl+httz8+VIRt6iQOnSuk53cZGrUQLrA2oTQb1+RtusQF1jGZ746
5NO3WJvxaHvjcU+PhRQh0IigqM8O/ywCY/FcUCE3y7eS
-----END CERTIFICATE-----
Generated at Wed Sep 20 19:14:36 2023 by rpki-client on console-ams.rpki-client.org