Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/zbqaXC5lLVf4rtzlhNqtSniuCD0.roa
File: zbqaXC5lLVf4rtzlhNqtSniuCD0.roa (raw, json)
Hash identifier: +G39bgG5sqxb7tOmMsNF1WpxfzjeZQ76vwOJRTV4JQU=
Subject key identifier: CD:BA:9A:5C:2E:65:2D:57:F8:AE:DC:E5:84:DA:AD:4A:78:AE:08:3D
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 0189D4912CCD7784D8B52A9D5C2A9123407B
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/zbqaXC5lLVf4rtzlhNqtSniuCD0.roa
Signing time: Tue 08 Aug 2023 09:53:51 +0000
ROA not before: Tue 08 Aug 2023 09:53:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.66.24.0/24 maxlen: 24
188.66.27.0/24 maxlen: 24
188.66.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:91:2c:cd:77:84:d8:b5:2a:9d:5c:2a:91:23:40:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Aug 8 09:53:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdba9a5c2e652d57f8aedce584daad4a78ae083d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:22:0d:73:b5:75:9e:9e:5e:bd:05:58:bb:d6:
7e:0b:fb:93:2c:ca:85:96:8f:5a:19:63:94:7b:2b:
6a:be:7a:49:ee:8d:d1:c8:0f:55:89:a6:a7:c9:ab:
e8:6e:fa:b7:82:99:7d:c7:18:80:8b:51:ff:e7:60:
26:8f:0c:ec:96:73:62:96:4c:54:45:2f:fb:ea:8f:
20:dd:0e:22:a6:a6:ef:f7:48:00:ff:21:bd:ba:cc:
d3:32:e0:f5:98:80:34:3d:68:63:01:fc:be:c7:72:
78:40:5a:62:6d:0c:cf:ca:8d:35:29:94:41:0f:6d:
51:e8:1e:3e:35:37:6e:3f:19:cc:5d:ba:ba:01:f1:
ab:e6:01:3c:e7:a3:e9:6f:c0:7a:b6:d3:e8:76:7f:
e8:f7:1b:81:3a:76:e8:6e:1a:b2:d1:4a:c1:de:79:
76:e9:98:70:50:b7:95:73:01:68:88:3d:61:ce:8e:
04:ab:4d:3b:c4:43:c0:1f:05:a5:75:89:b0:e9:20:
ed:2a:70:74:1d:d0:94:da:b8:80:ab:c6:a9:42:85:
b6:b9:1f:ff:ab:78:c8:e0:e6:cd:85:72:8e:9d:d1:
80:1e:81:f5:7a:8b:14:5b:c4:3b:9d:e8:a3:e5:ed:
dc:be:bf:84:34:b8:42:6e:48:7a:18:f5:fd:85:8d:
08:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BA:9A:5C:2E:65:2D:57:F8:AE:DC:E5:84:DA:AD:4A:78:AE:08:3D
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/zbqaXC5lLVf4rtzlhNqtSniuCD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.24.0/23
188.66.27.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:bc:13:27:16:2d:b0:60:32:7d:21:8f:c4:ef:d3:e9:03:7e:
5b:3b:a4:b0:4b:96:7b:7e:ab:3a:88:95:53:93:b9:75:45:d8:
26:96:31:cc:13:33:79:13:83:0e:61:e4:ea:c7:a0:ee:20:64:
76:67:87:46:90:da:9e:59:ec:d2:2f:b5:1e:7a:52:ff:e4:89:
83:0f:d3:38:df:ef:50:1d:ce:68:14:c1:38:82:32:41:07:81:
4e:c1:82:1e:e8:e8:f7:7c:fd:5e:a5:7c:6a:c5:aa:43:10:68:
7d:6a:07:fc:f3:59:e3:35:94:35:39:eb:34:6d:63:68:77:d5:
02:d3:c6:78:dc:5e:b1:b8:79:21:89:a5:89:cb:62:df:f9:e7:
12:e7:85:69:e7:fb:1f:a1:de:10:8e:c7:69:c2:37:d1:c8:38:
28:13:ea:30:3c:b7:4c:eb:f4:60:e7:d8:13:8c:a5:d3:5b:c2:
d3:8d:6b:64:05:e4:ae:33:fa:56:33:c5:91:7f:f8:4e:cf:af:
2a:13:10:d6:4f:f9:8d:e7:74:72:55:d3:48:05:4a:f8:1b:3f:
4b:0a:f9:2c:c6:e6:e6:70:28:58:cc:65:47:05:0a:5e:87:a1:
55:00:94:b9:30:13:e6:3c:12:e0:94:e3:2b:eb:bb:48:26:c0:
3a:fa:99:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnUkSzNd4TYtSqdXCqRI0B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwODA4MDk1MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJhOWE1YzJlNjUyZDU3ZjhhZWRjZTU4NGRhYWQ0YTc4YWUwODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiINc7V1np5evQVYu9Z+C/uTLMqF
lo9aGWOUeytqvnpJ7o3RyA9Viaanyavobvq3gpl9xxiAi1H/52AmjwzslnNilkxU
RS/76o8g3Q4ipqbv90gA/yG9uszTMuD1mIA0PWhjAfy+x3J4QFpibQzPyo01KZRB
D21R6B4+NTduPxnMXbq6AfGr5gE856Ppb8B6ttPodn/o9xuBOnbobhqy0UrB3nl2
6ZhwULeVcwFoiD1hzo4Eq007xEPAHwWldYmw6SDtKnB0HdCU2riAq8apQoW2uR//
q3jI4ObNhXKOndGAHoH1eosUW8Q7neij5e3cvr+ENLhCbkh6GPX9hY0IpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM26mlwuZS1X+K7c5YTarUp4rgg9MB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvemJxYVhDNWxMVmY0cnR6bGhOcXRTbml1Q0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvEIYAwQA
vEIbMA0GCSqGSIb3DQEBCwUAA4IBAQBqvBMnFi2wYDJ9IY/E79PpA35bO6SwS5Z7
fqs6iJVTk7l1RdgmljHMEzN5E4MOYeTqx6DuIGR2Z4dGkNqeWezSL7UeelL/5ImD
D9M43+9QHc5oFME4gjJBB4FOwYIe6Oj3fP1epXxqxapDEGh9agf881njNZQ1Oes0
bWNod9UC08Z43F6xuHkhiaWJy2Lf+ecS54Vp5/sfod4QjsdpwjfRyDgoE+owPLdM
6/Rg59gTjKXTW8LTjWtkBeSuM/pWM8WRf/hOz68qExDWT/mN53RyVdNIBUr4Gz9L
CvksxubmcChYzGVHBQpeh6FVAJS5MBPmPBLglOMr67tIJsA6+pkw
-----END CERTIFICATE-----
Generated at Tue Aug 22 12:44:35 2023 by rpki-client on console-ams.rpki-client.org