Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/zn2U7K2EjNZ1fMszlEZwpjkwoYI.roa
File: zn2U7K2EjNZ1fMszlEZwpjkwoYI.roa (raw, json)
Hash identifier: cm73AxD5NYPn4DlSvNx+TZNE54Dnwvv3UMXUt+FpbGg=
Subject key identifier: CE:7D:94:EC:AD:84:8C:D6:75:7C:CB:33:94:46:70:A6:39:30:A1:82
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018C598F81C1DC2F5549152D6B83074D9F3B
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/zn2U7K2EjNZ1fMszlEZwpjkwoYI.roa
Signing time: Mon 11 Dec 2023 15:47:06 +0000
ROA not before: Mon 11 Dec 2023 15:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 45.148.244.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:8f:81:c1:dc:2f:55:49:15:2d:6b:83:07:4d:9f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Dec 11 15:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce7d94ecad848cd6757ccb33944670a63930a182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:94:c2:1c:a3:44:ad:bb:ad:49:0e:93:74:43:
06:5b:33:1d:4e:f7:ea:17:3f:c9:35:d7:99:bf:60:
0c:2f:7a:be:f9:79:7a:06:1a:b3:8d:3d:e2:31:33:
17:d6:1e:37:6f:2c:49:b5:5b:e2:b4:77:5b:65:50:
77:40:ca:20:fc:8f:dc:32:b4:91:ed:10:64:f4:ad:
60:4f:d7:8c:77:f2:bf:ca:2d:cc:24:28:47:eb:3d:
d0:c9:24:00:d6:c4:a1:b1:fb:93:83:c1:e2:4b:56:
5d:c0:1e:64:2b:a0:27:7c:56:37:20:ca:1e:97:25:
68:29:bd:94:be:2e:76:cf:20:20:76:81:fc:4f:05:
7e:07:4b:54:3b:aa:17:cd:15:c3:60:de:f1:74:ad:
b9:29:aa:6f:51:fe:97:91:1c:d1:c1:42:f6:0c:9e:
a4:05:27:4b:29:66:94:ed:54:48:d7:73:2b:6e:78:
19:80:75:b2:d6:39:99:32:dc:77:35:ec:cc:a5:09:
e2:50:db:38:a9:82:24:70:aa:6f:0a:18:e2:99:b8:
de:2f:54:1b:73:3a:6d:97:37:06:36:b6:0a:49:6e:
74:f5:58:80:98:d2:d5:ce:91:6e:27:9b:93:27:0a:
28:07:63:49:df:4a:c2:23:94:7c:31:33:df:72:88:
fc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:7D:94:EC:AD:84:8C:D6:75:7C:CB:33:94:46:70:A6:39:30:A1:82
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/zn2U7K2EjNZ1fMszlEZwpjkwoYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.244.0/24
93.185.167.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:89:87:d7:9b:7d:32:d5:f2:74:3e:d5:6e:a4:7c:90:e6:bf:
cb:3c:34:ca:17:3e:81:04:96:bf:5a:85:cc:95:62:ce:0f:e0:
f0:c9:4f:c1:7d:bf:f3:2e:04:10:a6:99:69:20:52:d2:7d:2b:
26:4a:21:d1:48:6e:60:1c:69:6b:2f:e5:0d:4f:47:64:fb:5c:
83:b1:b6:23:e4:43:43:b6:65:77:41:c4:d8:e6:57:14:bf:49:
6d:44:87:e2:4e:db:d3:6c:8a:55:1d:71:5c:24:36:a2:6d:60:
2d:3c:6b:70:dd:fd:5b:65:42:ac:12:d8:48:27:6d:a6:33:fa:
cb:6a:2f:6b:7c:ca:6f:80:d2:41:20:33:24:98:c5:13:99:c0:
df:fe:93:36:e9:c6:cd:df:3d:b0:fd:5e:15:db:db:0b:3f:2b:
fe:f6:00:01:33:51:e1:c7:cd:5b:de:f2:51:36:b7:7f:01:2a:
a0:fa:0c:43:1d:76:95:09:a6:5a:6f:3f:06:7b:c5:d0:ef:41:
11:63:f7:29:93:2e:80:21:72:1f:12:d1:5a:e8:de:39:94:6e:
69:5a:c3:09:0f:66:06:f9:e0:0b:02:2c:58:40:89:8e:fb:62:
8b:a7:47:c0:35:90:5a:bb:bb:5f:f1:75:10:5b:5f:cf:74:99:
c6:4d:9c:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxZj4HB3C9VSRUta4MHTZ87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMxMjExMTU0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTdkOTRlY2FkODQ4Y2Q2NzU3Y2NiMzM5NDQ2NzBhNjM5MzBhMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJTCHKNErbutSQ6TdEMGWzMdTvfq
Fz/JNdeZv2AML3q++Xl6BhqzjT3iMTMX1h43byxJtVvitHdbZVB3QMog/I/cMrSR
7RBk9K1gT9eMd/K/yi3MJChH6z3QySQA1sShsfuTg8HiS1ZdwB5kK6AnfFY3IMoe
lyVoKb2Uvi52zyAgdoH8TwV+B0tUO6oXzRXDYN7xdK25KapvUf6XkRzRwUL2DJ6k
BSdLKWaU7VRI13MrbngZgHWy1jmZMtx3NezMpQniUNs4qYIkcKpvChjimbjeL1Qb
czptlzcGNrYKSW509ViAmNLVzpFuJ5uTJwooB2NJ30rCI5R8MTPfcoj8JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM59lOythIzWdXzLM5RGcKY5MKGCMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvem4yVTdLMkVqTloxZk1zemxFWndwamt3b1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZT0AwQA
XbmnMA0GCSqGSIb3DQEBCwUAA4IBAQAOiYfXm30y1fJ0PtVupHyQ5r/LPDTKFz6B
BJa/WoXMlWLOD+DwyU/Bfb/zLgQQpplpIFLSfSsmSiHRSG5gHGlrL+UNT0dk+1yD
sbYj5ENDtmV3QcTY5lcUv0ltRIfiTtvTbIpVHXFcJDaibWAtPGtw3f1bZUKsEthI
J22mM/rLai9rfMpvgNJBIDMkmMUTmcDf/pM26cbN3z2w/V4V29sLPyv+9gABM1Hh
x81b3vJRNrd/ASqg+gxDHXaVCaZabz8Ge8XQ70ERY/cpky6AIXIfEtFa6N45lG5p
WsMJD2YG+eALAixYQImO+2KLp0fANZBau7tf8XUQW1/PdJnGTZzY
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:17 2024 by rpki-client on console-ams.rpki-client.org