Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f60134-6d6d-4dc1-92a9-659ae821991c/1/zc1tzta1phXC93TTYf72XRxqvjk.roa
File: zc1tzta1phXC93TTYf72XRxqvjk.roa (raw, json)
Hash identifier: 0Tm4gjqDufJar6QPpXTRBkVjDgRvhPTMunizNxu+2c8=
Subject key identifier: CD:CD:6D:CE:D6:B5:A6:15:C2:F7:74:D3:61:FE:F6:5D:1C:6A:BE:39
Certificate issuer: /CN=aceb99748999ab8e0218f7c8dbdcc5698d669d39
Certificate serial: 01898CC5996F561FA6E45A0F56765624B445
Authority key identifier: AC:EB:99:74:89:99:AB:8E:02:18:F7:C8:DB:DC:C5:69:8D:66:9D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rOuZdImZq44CGPfI29zFaY1mnTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f60134-6d6d-4dc1-92a9-659ae821991c/1/zc1tzta1phXC93TTYf72XRxqvjk.roa
Signing time: Tue 25 Jul 2023 11:18:27 +0000
ROA not before: Tue 25 Jul 2023 11:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204499
IP address blocks: 185.219.112.0/24 maxlen: 24
185.219.115.0/24 maxlen: 24
185.219.113.0/24 maxlen: 24
185.219.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 07:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:c5:99:6f:56:1f:a6:e4:5a:0f:56:76:56:24:b4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aceb99748999ab8e0218f7c8dbdcc5698d669d39
Validity
Not Before: Jul 25 11:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdcd6dced6b5a615c2f774d361fef65d1c6abe39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cb:21:69:58:8f:03:8f:d7:b4:de:07:5b:85:
ff:b4:66:3c:40:9b:33:a9:54:31:d5:b1:04:71:3c:
5b:bb:6e:80:45:18:5a:f6:69:c3:33:50:23:2b:5b:
22:13:6c:96:05:87:64:04:d0:ce:62:d5:a3:09:7e:
bf:42:e2:8b:02:4b:41:5f:6c:a6:5e:06:25:4c:21:
64:23:05:5e:a7:e3:b8:02:c0:e6:9c:bf:09:4e:ec:
c2:8e:74:17:1b:5c:cb:a1:8d:7d:10:56:fb:26:7a:
de:66:ba:a2:93:08:69:dc:82:25:b7:24:7f:0f:ca:
da:2a:02:6b:de:6e:a4:85:53:7c:e9:ab:62:e8:16:
db:13:6b:23:a7:8f:56:8c:ec:bf:73:81:30:9d:90:
ba:39:5f:75:79:5f:c3:a9:67:13:c4:ea:4d:55:cf:
ca:5c:19:3e:d6:17:56:77:d7:c5:9e:ca:bd:b6:d0:
2b:21:f2:25:ba:a8:b0:16:27:87:62:44:95:9e:86:
1e:d1:d2:fb:f9:62:53:ae:b5:4a:0c:13:23:82:ed:
f3:46:57:c9:d9:0f:d2:9d:b1:a9:13:b3:ec:df:7d:
a4:c9:ec:df:84:34:77:b6:3f:23:82:3d:9b:f1:a9:
c3:e7:c5:c0:64:0d:41:f2:bb:e4:e7:e9:11:ce:a7:
24:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CD:6D:CE:D6:B5:A6:15:C2:F7:74:D3:61:FE:F6:5D:1C:6A:BE:39
X509v3 Authority Key Identifier:
keyid:AC:EB:99:74:89:99:AB:8E:02:18:F7:C8:DB:DC:C5:69:8D:66:9D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rOuZdImZq44CGPfI29zFaY1mnTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f60134-6d6d-4dc1-92a9-659ae821991c/1/zc1tzta1phXC93TTYf72XRxqvjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f60134-6d6d-4dc1-92a9-659ae821991c/1/rOuZdImZq44CGPfI29zFaY1mnTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.112.0/22
Signature Algorithm: sha256WithRSAEncryption
24:6f:a9:36:40:90:f4:e6:97:52:7b:8f:b4:e3:62:89:2c:0d:
f5:28:b4:e0:9f:89:31:e7:3e:6c:86:8a:95:df:9b:5a:ca:a3:
af:bf:af:d6:8e:8c:48:56:09:b9:8f:26:4a:87:97:6f:7e:ce:
1c:4b:1f:4a:89:4e:31:7a:73:00:3b:bc:e9:70:fe:b2:e3:1a:
0a:0c:e6:fb:4a:e6:9f:6f:5b:d1:11:9b:27:7c:48:a5:68:81:
93:a5:30:d3:e3:ee:70:bd:c3:3e:0c:32:2a:67:30:59:52:96:
cb:32:44:e0:39:2e:c0:61:eb:48:f0:56:ef:d9:66:33:c5:e6:
2b:84:6f:c0:41:f5:ba:2a:25:c0:01:35:ee:d8:a2:13:7c:68:
0d:ab:21:c3:a5:36:f2:a3:fb:09:e6:8e:67:1e:66:81:e2:c8:
76:b3:62:d1:41:ec:3f:03:d1:e5:4a:37:b2:ba:de:b9:82:42:
83:18:dd:d5:e0:9f:14:01:61:7c:24:e7:0f:c9:74:11:20:82:
83:52:b2:ec:e4:8f:08:1c:d2:d1:80:77:76:6a:dd:15:44:e8:
03:2a:75:31:13:bb:f8:bb:9d:c5:38:8d:f7:f5:bb:42:0d:9d:
8f:19:85:1c:dc:75:b4:66:b0:4a:ea:0e:a7:af:54:00:2c:30:
f0:0c:e8:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmMxZlvVh+m5FoPVnZWJLRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZWI5OTc0ODk5OWFiOGUwMjE4ZjdjOGRiZGNjNTY5OGQ2
NjlkMzkwHhcNMjMwNzI1MTExODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGNkNmRjZWQ2YjVhNjE1YzJmNzc0ZDM2MWZlZjY1ZDFjNmFiZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosshaViPA4/XtN4HW4X/tGY8QJsz
qVQx1bEEcTxbu26ARRha9mnDM1AjK1siE2yWBYdkBNDOYtWjCX6/QuKLAktBX2ym
XgYlTCFkIwVep+O4AsDmnL8JTuzCjnQXG1zLoY19EFb7JnreZrqikwhp3IIltyR/
D8raKgJr3m6khVN86ati6BbbE2sjp49WjOy/c4EwnZC6OV91eV/DqWcTxOpNVc/K
XBk+1hdWd9fFnsq9ttArIfIluqiwFieHYkSVnoYe0dL7+WJTrrVKDBMjgu3zRlfJ
2Q/SnbGpE7Ps332kyezfhDR3tj8jgj2b8anD58XAZA1B8rvk5+kRzqckmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3Nbc7WtaYVwvd002H+9l0car45MB8GA1UdIwQY
MBaAFKzrmXSJmauOAhj3yNvcxWmNZp05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck91WmRJbVpxNDRDR1BmSTI5ekZhWTFtblRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNjAxMzQtNmQ2ZC00ZGMxLTkyYTkt
NjU5YWU4MjE5OTFjLzEvemMxdHp0YTFwaFhDOTNUVFlmNzJYUnhxdmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNjAxMzQtNmQ2ZC00ZGMxLTkyYTktNjU5YWU4MjE5OTFj
LzEvck91WmRJbVpxNDRDR1BmSTI5ekZhWTFtblRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudtwMA0G
CSqGSIb3DQEBCwUAA4IBAQAkb6k2QJD05pdSe4+042KJLA31KLTgn4kx5z5shoqV
35tayqOvv6/WjoxIVgm5jyZKh5dvfs4cSx9KiU4xenMAO7zpcP6y4xoKDOb7Suaf
b1vREZsnfEilaIGTpTDT4+5wvcM+DDIqZzBZUpbLMkTgOS7AYetI8Fbv2WYzxeYr
hG/AQfW6KiXAATXu2KITfGgNqyHDpTbyo/sJ5o5nHmaB4sh2s2LRQew/A9HlSjey
ut65gkKDGN3V4J8UAWF8JOcPyXQRIIKDUrLs5I8IHNLRgHd2at0VROgDKnUxE7v4
u53FOI339btCDZ2PGYUc3HW0ZrBK6g6nr1QALDDwDOhd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:17 2024 by rpki-client on console-ams.rpki-client.org