Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/E_zcZiTqITbk0NPsbk7Y_QOeKp0.roa
File: E_zcZiTqITbk0NPsbk7Y_QOeKp0.roa (raw, json)
Hash identifier: wgaiEXC/5RhJYsXCbOlMw8gfFUJmy6crMqGuYBTKLXw=
Subject key identifier: 13:FC:DC:66:24:EA:21:36:E4:D0:D3:EC:6E:4E:D8:FD:03:9E:2A:9D
Certificate issuer: /CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Certificate serial: 018CC8708844BDA90807D0F91AC8D13D60DF
Authority key identifier: 0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/E_zcZiTqITbk0NPsbk7Y_QOeKp0.roa
Signing time: Tue 02 Jan 2024 04:31:07 +0000
ROA not before: Tue 02 Jan 2024 04:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200739
IP address blocks: 185.97.224.0/22 maxlen: 22
2a06:8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Apr 2024 14:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:88:44:bd:a9:08:07:d0:f9:1a:c8:d1:3d:60:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Validity
Not Before: Jan 2 04:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13fcdc6624ea2136e4d0d3ec6e4ed8fd039e2a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:15:36:70:85:62:a5:a7:b3:ac:88:ff:10:ce:
e2:29:65:8a:29:c2:3d:b6:2d:9e:cc:0f:9a:7a:79:
fe:e6:2a:6d:60:1d:a2:ec:61:34:eb:87:b1:bb:70:
a0:89:41:bb:9f:7b:a2:cc:b9:38:15:11:66:3e:13:
fa:51:58:e1:53:61:24:63:71:36:93:e1:1f:53:65:
e6:ff:90:15:88:6d:d2:13:e6:bc:2e:0e:8f:47:3d:
81:a4:d3:6a:f5:7f:ab:3b:bd:92:58:92:8c:1f:31:
1d:ca:87:5f:f9:c5:02:79:33:c4:11:42:07:6a:1f:
f6:ed:e2:3c:94:4a:c3:d8:cc:f5:c9:09:c0:04:85:
9a:71:66:64:21:f0:17:da:e9:19:49:fd:33:38:ff:
af:e5:39:85:51:3c:b6:d5:30:55:58:27:08:f5:50:
38:a7:05:af:92:3d:87:6c:df:ef:00:de:2d:e9:92:
39:17:57:a8:d0:39:78:33:95:da:81:8a:cd:c8:04:
3f:a4:d6:2d:80:70:94:33:f3:4a:32:7f:07:48:70:
46:47:f8:9d:89:dc:76:12:32:58:de:26:92:a5:83:
57:a9:44:a6:de:54:98:16:6f:10:35:b2:0c:cd:30:
99:f8:c3:50:ea:10:e6:3c:31:f5:f2:3c:b6:fa:47:
a5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FC:DC:66:24:EA:21:36:E4:D0:D3:EC:6E:4E:D8:FD:03:9E:2A:9D
X509v3 Authority Key Identifier:
keyid:0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/E_zcZiTqITbk0NPsbk7Y_QOeKp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/DZMC1UbgaML9dnfZ1SAK3TbIvNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.224.0/22
IPv6:
2a06:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:c3:87:7b:8f:fa:1f:b5:26:97:68:5b:12:18:b3:95:00:fd:
04:75:37:f2:21:09:d7:22:ee:eb:55:8d:38:0b:49:03:44:ea:
40:e9:55:ca:46:34:ee:93:02:d1:2e:07:73:26:db:e6:d2:b0:
31:3d:b9:4d:f2:0e:f6:ea:14:fc:62:7f:a5:a7:42:6f:b8:1d:
30:e2:ad:49:8a:6d:bb:b4:ab:f9:ff:b1:2c:06:5a:bb:b2:27:
5a:e7:c3:38:29:77:c7:dd:a9:3c:04:b5:ff:26:f1:72:9b:d8:
38:f1:f9:15:96:d5:b5:4c:0a:e3:25:2b:7d:ba:ac:e9:4c:9f:
58:99:eb:23:bf:54:48:4f:f0:19:5d:19:bd:cb:8b:58:3c:93:
0c:f3:50:11:95:74:c5:be:59:d2:35:e3:48:c6:b3:9b:3b:13:
a0:36:3b:cc:f6:96:4f:f6:b0:72:ba:09:30:41:29:2c:15:48:
4f:c0:48:47:65:4d:6b:94:31:4a:38:f9:41:c9:aa:32:3b:7f:
13:f0:e2:01:70:77:eb:e8:23:fd:9e:03:79:cb:46:ce:30:ac:
b6:90:9f:a7:d6:ba:1d:44:72:c3:2a:34:33:65:7b:ba:f9:c5:
ce:21:e8:d6:c2:51:cf:25:61:94:a3:9f:cd:18:e8:2f:6f:d6:
87:1d:5c:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcIhEvakIB9D5GsjRPWDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTMwMmQ1NDZlMDY4YzJmZDc2NzdkOWQ1MjAwYWRkMzZj
OGJjZDUwHhcNMjQwMTAyMDQzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZjZGM2NjI0ZWEyMTM2ZTRkMGQzZWM2ZTRlZDhmZDAzOWUyYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBU2cIVipaezrIj/EM7iKWWKKcI9
ti2ezA+aenn+5iptYB2i7GE064exu3CgiUG7n3uizLk4FRFmPhP6UVjhU2EkY3E2
k+EfU2Xm/5AViG3SE+a8Lg6PRz2BpNNq9X+rO72SWJKMHzEdyodf+cUCeTPEEUIH
ah/27eI8lErD2Mz1yQnABIWacWZkIfAX2ukZSf0zOP+v5TmFUTy21TBVWCcI9VA4
pwWvkj2HbN/vAN4t6ZI5F1eo0Dl4M5XagYrNyAQ/pNYtgHCUM/NKMn8HSHBGR/id
idx2EjJY3iaSpYNXqUSm3lSYFm8QNbIMzTCZ+MNQ6hDmPDH18jy2+keljQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBP83GYk6iE25NDT7G5O2P0DniqdMB8GA1UdIwQY
MBaAFA2TAtVG4GjC/XZ32dUgCt02yLzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUt
NGJlZjQzZDNmYjE3LzEvRV96Y1ppVHFJVGJrME5Qc2JrN1lfUU9lS3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUtNGJlZjQzZDNmYjE3
LzEvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWHgMA0E
AgACMAcDBQMqBgjAMA0GCSqGSIb3DQEBCwUAA4IBAQBEw4d7j/oftSaXaFsSGLOV
AP0EdTfyIQnXIu7rVY04C0kDROpA6VXKRjTukwLRLgdzJtvm0rAxPblN8g726hT8
Yn+lp0JvuB0w4q1Jim27tKv5/7EsBlq7sida58M4KXfH3ak8BLX/JvFym9g48fkV
ltW1TArjJSt9uqzpTJ9Ymesjv1RIT/AZXRm9y4tYPJMM81ARlXTFvlnSNeNIxrOb
OxOgNjvM9pZP9rByugkwQSksFUhPwEhHZU1rlDFKOPlByaoyO38T8OIBcHfr6CP9
ngN5y0bOMKy2kJ+n1rodRHLDKjQzZXu6+cXOIejWwlHPJWGUo5/NGOgvb9aHHVxh
-----END CERTIFICATE-----
Generated at Wed Apr 24 17:56:42 2024 by rpki-client on console-fra.rpki-client.org