Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/ZW5dD0J9hisr7hAwW3kQ4SXiXRk.roa
File: ZW5dD0J9hisr7hAwW3kQ4SXiXRk.roa (raw, json)
Hash identifier: TAqDbsaVvI1HTKKr+uBzCs4BcrbToWv4h18rlSiPafg=
Subject key identifier: 65:6E:5D:0F:42:7D:86:2B:2B:EE:10:30:5B:79:10:E1:25:E2:5D:19
Certificate issuer: /CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Certificate serial: 018F7B9A5FED5908D8C6642F47EC54FADCF0
Authority key identifier: D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/ZW5dD0J9hisr7hAwW3kQ4SXiXRk.roa
Signing time: Wed 15 May 2024 09:34:25 +0000
ROA not before: Wed 15 May 2024 09:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208324
IP address blocks: 176.105.236.0/24 maxlen: 24
176.105.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 16:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:9a:5f:ed:59:08:d8:c6:64:2f:47:ec:54:fa:dc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Validity
Not Before: May 15 09:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=656e5d0f427d862b2bee10305b7910e125e25d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:49:49:62:e2:b9:2f:61:d5:1f:9d:bf:5f:6c:
d8:29:2a:61:1f:9d:3e:45:73:f2:eb:dd:79:c6:3e:
a6:31:e8:50:f5:78:cb:c8:de:c0:38:10:8d:9b:fe:
5e:78:0b:1f:07:14:a1:aa:45:01:c7:37:2d:c2:e4:
e6:89:9b:86:ca:d1:95:a8:97:39:4f:08:40:4a:38:
99:95:a9:63:01:c6:57:b6:c2:33:1b:0c:99:f8:d6:
a7:4a:fe:2c:95:60:3f:cb:ad:e5:a0:9c:98:e9:99:
fa:d2:f4:77:cf:b8:8a:45:51:43:c1:13:db:5d:11:
99:34:15:dd:07:a8:e0:07:e7:9d:af:d3:39:d9:81:
f7:ed:5d:84:07:9a:f0:48:27:36:41:8a:be:84:fe:
2d:df:a5:dc:13:83:06:2f:f8:f9:ba:63:15:58:18:
b7:3a:ee:62:6e:e2:3f:0c:60:7a:c2:c4:9e:df:05:
87:98:79:17:ce:54:ef:2c:c8:c5:8f:c9:47:fc:08:
d1:b2:eb:ef:1c:7a:23:2f:34:c9:60:0d:8a:14:84:
84:47:28:11:98:00:f5:4b:00:65:be:10:cc:bf:2e:
24:78:c7:63:b1:dc:1a:85:9e:49:58:c5:20:25:fb:
84:69:a7:89:96:89:54:48:72:c9:3a:62:11:aa:7b:
b2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6E:5D:0F:42:7D:86:2B:2B:EE:10:30:5B:79:10:E1:25:E2:5D:19
X509v3 Authority Key Identifier:
keyid:D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/ZW5dD0J9hisr7hAwW3kQ4SXiXRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.236.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:81:9e:d6:7d:fc:ff:87:71:1d:1f:d7:56:a5:0b:70:e4:07:
24:fe:bf:db:60:f6:5a:01:b9:7e:01:62:d2:f9:ca:9c:8b:0e:
a3:4c:aa:4a:6e:e2:66:eb:44:b6:6d:ff:e0:62:36:99:4f:6f:
81:95:f9:9b:b0:fa:7b:43:ee:54:8c:2f:fc:52:8f:17:5a:b4:
0a:ce:75:7a:1e:ad:7d:22:ec:ba:7b:71:d9:2b:9a:75:5c:87:
3e:cf:1e:54:22:5b:c4:12:88:81:45:5b:6c:cf:a0:61:b7:9f:
9d:d9:a1:15:00:aa:1c:40:4f:84:66:20:12:93:d6:81:a7:ef:
e7:15:80:6d:96:da:d1:de:13:89:a2:71:0a:3f:e3:bc:d8:83:
25:61:4d:82:96:ed:14:45:d8:54:7a:24:ca:fb:55:e8:71:1c:
98:0a:6c:f1:b6:11:b9:9d:53:b2:ed:e9:9a:91:83:64:36:b7:
d9:70:f8:c0:2e:af:8e:b0:87:01:77:1a:11:e3:fa:a8:14:36:
4b:f5:76:43:ed:93:e6:cd:3b:e5:b5:dc:62:3f:41:79:21:20:
04:e5:d9:92:5d:c6:a6:5a:c9:e7:c9:c8:16:16:36:ae:a0:22:
0e:4b:dd:d8:7e:45:b7:c8:46:d4:d1:5d:8e:b8:a2:12:9e:de:
7a:b9:fd:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY97ml/tWQjYxmQvR+xU+tzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTg1ODQ3Y2M0NGI4NjEwMjI3MGJiZDc2OGU0YzNjZWJh
MWM5ODgwHhcNMjQwNTE1MDkzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTZlNWQwZjQyN2Q4NjJiMmJlZTEwMzA1Yjc5MTBlMTI1ZTI1ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqklJYuK5L2HVH52/X2zYKSphH50+
RXPy6915xj6mMehQ9XjLyN7AOBCNm/5eeAsfBxShqkUBxzctwuTmiZuGytGVqJc5
TwhASjiZlaljAcZXtsIzGwyZ+NanSv4slWA/y63loJyY6Zn60vR3z7iKRVFDwRPb
XRGZNBXdB6jgB+edr9M52YH37V2EB5rwSCc2QYq+hP4t36XcE4MGL/j5umMVWBi3
Ou5ibuI/DGB6wsSe3wWHmHkXzlTvLMjFj8lH/AjRsuvvHHojLzTJYA2KFISERygR
mAD1SwBlvhDMvy4keMdjsdwahZ5JWMUgJfuEaaeJlolUSHLJOmIRqnuy+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVuXQ9CfYYrK+4QMFt5EOEl4l0ZMB8GA1UdIwQY
MBaAFNXoWEfMRLhhAicLvXaOTDzrocmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEt
NzI5YzBmNDM0MTRkLzEvWlc1ZEQwSjloaXNyN2hBd1cza1E0U1hpWFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEtNzI5YzBmNDM0MTRk
LzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsGnsMA0G
CSqGSIb3DQEBCwUAA4IBAQA9gZ7Wffz/h3EdH9dWpQtw5Ack/r/bYPZaAbl+AWLS
+cqciw6jTKpKbuJm60S2bf/gYjaZT2+BlfmbsPp7Q+5UjC/8Uo8XWrQKznV6Hq19
Iuy6e3HZK5p1XIc+zx5UIlvEEoiBRVtsz6Bht5+d2aEVAKocQE+EZiASk9aBp+/n
FYBtltrR3hOJonEKP+O82IMlYU2Clu0URdhUeiTK+1XocRyYCmzxthG5nVOy7ema
kYNkNrfZcPjALq+OsIcBdxoR4/qoFDZL9XZD7ZPmzTvltdxiP0F5ISAE5dmSXcam
WsnnycgWFjauoCIOS93YfkW3yEbU0V2OuKISnt56uf3F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:57 2024 by rpki-client on console-ams.rpki-client.org