Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/ZGN7u5T2IGL3v6KvLwOc8EwIoKQ.roa
File: ZGN7u5T2IGL3v6KvLwOc8EwIoKQ.roa (raw, json)
Hash identifier: QriFDBMsok8O8PJTWbcig/53pHj5G+G1zkbtUAVPUQM=
Subject key identifier: 64:63:7B:BB:94:F6:20:62:F7:BF:A2:AF:2F:03:9C:F0:4C:08:A0:A4
Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial: 01856EA698CCC112D9CE47B76C0E36F25692
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/ZGN7u5T2IGL3v6KvLwOc8EwIoKQ.roa
Signing time: Sun 01 Jan 2023 18:44:49 +0000
ROA not before: Sun 01 Jan 2023 18:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203489
IP address blocks: 185.191.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:98:cc:c1:12:d9:ce:47:b7:6c:0e:36:f2:56:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Validity
Not Before: Jan 1 18:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64637bbb94f62062f7bfa2af2f039cf04c08a0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:70:9e:44:62:18:76:ae:7c:e4:f0:0c:0d:1a:
1b:18:8f:48:bf:0a:d2:36:53:6d:30:41:57:9a:e2:
82:bc:26:35:3e:15:52:74:5c:6b:7c:04:b5:86:1c:
13:a6:ea:b7:1e:bb:1e:23:1f:ce:01:58:4b:5b:b8:
15:ed:26:95:89:b7:2a:05:e1:82:5d:0c:8b:ed:e1:
d3:4e:d4:95:f6:68:89:ee:80:0d:16:c3:f3:f7:cf:
f8:c1:6d:8d:40:58:56:86:c2:a2:c9:ad:3d:e1:6d:
e4:fd:01:07:5a:71:a4:66:ec:4f:e2:d6:53:80:3c:
bc:a3:bd:f1:a7:34:ed:dc:40:4d:d6:54:1e:31:eb:
5a:ee:3d:be:fb:66:80:77:48:05:d9:21:82:26:da:
94:f5:ff:6a:fb:c1:aa:6c:e5:34:57:61:b8:62:d5:
8a:69:a3:d4:82:ab:8e:0b:99:ef:80:3b:b2:1e:b0:
dc:0c:e3:ee:38:42:99:cb:b0:0c:df:56:a1:62:82:
13:0a:c3:18:a1:59:de:04:59:20:7c:3f:23:6c:4f:
bf:25:77:1a:3e:b5:04:5a:35:9e:b7:a5:af:43:d9:
dd:76:62:da:61:82:40:4d:20:44:d6:1d:6a:ae:6a:
16:5d:e8:4c:de:69:84:92:a2:5b:05:ed:08:43:df:
cc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:63:7B:BB:94:F6:20:62:F7:BF:A2:AF:2F:03:9C:F0:4C:08:A0:A4
X509v3 Authority Key Identifier:
keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/ZGN7u5T2IGL3v6KvLwOc8EwIoKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.99.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:2b:9b:cb:e9:42:b3:24:e0:65:fa:b8:66:0c:e9:d7:2f:56:
08:71:06:c4:62:7b:f8:43:ac:2f:3d:a5:86:3f:3b:87:1f:77:
68:9e:83:45:c3:87:1d:46:30:ea:05:29:aa:9a:92:d4:e0:8e:
53:d9:0f:93:fa:e9:02:89:42:b9:f1:dd:77:a1:e3:c1:4c:0f:
67:e1:18:3b:f9:01:d8:f2:ff:68:7f:fb:61:3f:fc:40:4f:81:
2e:0f:d4:0b:30:bc:c2:4a:1c:ff:f5:c6:42:7e:08:5c:99:ca:
84:fe:a3:eb:70:1c:84:53:23:fe:58:25:94:0e:b4:30:2c:12:
1b:2b:86:95:31:7e:f2:b3:22:77:59:d4:6b:9a:2f:77:d1:45:
1c:f1:6f:02:8f:f0:d7:71:a5:f5:f2:9a:dd:55:dc:35:28:1c:
95:61:c3:47:d6:38:06:14:30:a4:e1:b4:60:77:ef:7e:7b:97:
19:65:33:14:ba:be:b4:87:b3:b6:53:45:bb:d7:c9:d3:d9:36:
ed:2b:d7:60:31:8e:2d:28:79:99:30:6f:6b:f2:0b:8f:3d:1e:
6a:f5:b8:f8:13:57:3b:e5:72:f7:c3:06:f2:c2:28:73:d9:85:
42:b8:e6:fb:fe:45:7f:b4:38:47:0b:06:5e:b6:a6:e5:cb:1e:
28:63:8d:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuppjMwRLZzke3bA428laSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjMwMTAxMTg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDYzN2JiYjk0ZjYyMDYyZjdiZmEyYWYyZjAzOWNmMDRjMDhhMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinCeRGIYdq585PAMDRobGI9IvwrS
NlNtMEFXmuKCvCY1PhVSdFxrfAS1hhwTpuq3HrseIx/OAVhLW7gV7SaVibcqBeGC
XQyL7eHTTtSV9miJ7oANFsPz98/4wW2NQFhWhsKiya094W3k/QEHWnGkZuxP4tZT
gDy8o73xpzTt3EBN1lQeMeta7j2++2aAd0gF2SGCJtqU9f9q+8GqbOU0V2G4YtWK
aaPUgquOC5nvgDuyHrDcDOPuOEKZy7AM31ahYoITCsMYoVneBFkgfD8jbE+/JXca
PrUEWjWet6WvQ9nddmLaYYJATSBE1h1qrmoWXehM3mmEkqJbBe0IQ9/MwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRje7uU9iBi97+iry8DnPBMCKCkMB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvWkdON3U1VDJJR0wzdjZLdkx3T2M4RXdJb0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub9jMA0G
CSqGSIb3DQEBCwUAA4IBAQDiK5vL6UKzJOBl+rhmDOnXL1YIcQbEYnv4Q6wvPaWG
PzuHH3donoNFw4cdRjDqBSmqmpLU4I5T2Q+T+ukCiUK58d13oePBTA9n4Rg7+QHY
8v9of/thP/xAT4EuD9QLMLzCShz/9cZCfghcmcqE/qPrcByEUyP+WCWUDrQwLBIb
K4aVMX7ysyJ3WdRrmi930UUc8W8Cj/DXcaX18prdVdw1KByVYcNH1jgGFDCk4bRg
d+9+e5cZZTMUur60h7O2U0W718nT2TbtK9dgMY4tKHmZMG9r8guPPR5q9bj4E1c7
5XL3wwbywihz2YVCuOb7/kV/tDhHCwZetqblyx4oY411
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:06 2024 by rpki-client on console-fra.rpki-client.org