Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ZgXUA7Je0YPhpxscvR6ep6O7too.roa
File: ZgXUA7Je0YPhpxscvR6ep6O7too.roa (raw, json)
Hash identifier: mW20V5scVLAlssLGub5mPchN8rHY+kDfP32eMKxshoE=
Subject key identifier: 66:05:D4:03:B2:5E:D1:83:E1:A7:1B:1C:BD:1E:9E:A7:A3:BB:B6:8A
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0186EB91D2B618D22E1E726504F09CD2DAA0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ZgXUA7Je0YPhpxscvR6ep6O7too.roa
Signing time: Thu 16 Mar 2023 17:57:27 +0000
ROA not before: Thu 16 Mar 2023 17:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212097
IP address blocks: 178.19.39.0/24 maxlen: 24
185.28.49.0/24 maxlen: 24
185.28.50.0/24 maxlen: 24
185.227.102.0/24 maxlen: 24
178.19.36.0/22 maxlen: 22
178.19.36.0/24 maxlen: 24
178.19.37.0/24 maxlen: 24
178.19.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:eb:91:d2:b6:18:d2:2e:1e:72:65:04:f0:9c:d2:da:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 16 17:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6605d403b25ed183e1a71b1cbd1e9ea7a3bbb68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:80:2d:84:f2:ef:19:23:b8:d5:f5:c8:43:
e8:dd:b3:33:57:11:42:8d:6e:5b:ab:a8:a0:af:4b:
89:ff:08:a9:1f:17:ee:ba:c6:3b:c1:be:b8:db:ae:
c5:b5:54:32:a4:a8:be:3c:9f:49:b1:23:12:92:5d:
ea:26:a4:f7:a3:81:bb:9f:46:46:39:78:9f:06:6e:
ff:97:c4:58:38:42:21:6a:e5:73:64:d0:e9:39:f1:
28:79:8a:ff:b8:db:af:83:8a:40:01:86:f4:67:ed:
a5:ee:d4:10:03:e6:88:51:95:b2:e7:46:93:95:25:
5e:3c:82:90:65:83:81:8d:52:21:54:c3:4e:df:95:
7e:03:28:70:fe:bc:35:a8:61:ce:77:b8:f4:9c:8e:
c2:54:4e:b3:93:95:ed:ed:ae:da:ba:1c:bf:7a:06:
f6:6d:33:4d:28:cc:e8:8f:3c:7d:dd:f2:26:de:34:
c6:7f:f8:b3:0d:39:79:33:8a:c7:64:fd:d7:74:a5:
78:79:65:01:58:ba:1e:e7:a0:a1:9d:68:1a:58:5c:
ed:74:0f:06:1e:a6:73:77:f8:03:f9:ae:e7:ed:f7:
9a:db:08:f6:53:8a:7a:a5:58:e5:29:84:d1:30:72:
82:5a:a8:fa:eb:37:7e:87:ef:20:af:c0:05:9b:f4:
da:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:05:D4:03:B2:5E:D1:83:E1:A7:1B:1C:BD:1E:9E:A7:A3:BB:B6:8A
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ZgXUA7Je0YPhpxscvR6ep6O7too.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.19.36.0/22
185.28.49.0-185.28.50.255
185.227.102.0/24
Signature Algorithm: sha256WithRSAEncryption
81:16:49:b2:bd:f3:a4:d0:24:82:d4:c5:f5:6f:65:70:3a:9f:
7c:1e:6c:9a:88:d0:84:76:d4:b1:92:e4:11:47:dc:6b:eb:be:
32:47:6b:fd:87:2a:71:f4:6c:be:16:43:86:62:12:de:33:50:
0b:46:6c:21:88:0a:ba:bb:02:32:52:8a:dc:86:19:a1:9b:5e:
42:4c:de:e2:73:63:b2:1f:5e:4d:f3:7e:e6:fa:8f:15:ce:f0:
1b:e2:fe:94:75:21:82:2f:eb:9e:81:44:1c:b7:62:0d:c5:06:
0f:94:f2:0a:ca:17:12:03:3c:e3:19:6c:d4:b3:cb:4a:56:a1:
16:11:4d:73:f6:17:e7:a9:ea:b7:44:45:ce:e7:6c:b5:04:3f:
04:7f:fc:e4:d2:8e:97:c1:ec:6d:d2:f0:69:d9:30:05:fb:98:
12:48:e5:79:3c:71:cc:4b:c7:b6:d6:30:1f:cb:a5:b9:06:cd:
32:e8:f6:7a:22:1e:54:14:49:37:f0:f6:7d:ff:70:26:8e:6b:
c7:1f:79:12:de:96:15:8a:75:20:60:8a:b8:1d:e2:f5:7b:df:
d1:4d:17:63:75:2c:5e:61:d6:10:e7:9c:3f:17:7f:be:59:9c:
d9:8f:3d:40:c3:0f:58:99:fc:d2:ce:e2:45:16:ed:09:6c:e2:
2a:bf:80:95
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYbrkdK2GNIuHnJlBPCc0tqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMzE2MTc1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA1ZDQwM2IyNWVkMTgzZTFhNzFiMWNiZDFlOWVhN2EzYmJiNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5GALYTy7xkjuNX1yEPo3bMzVxFC
jW5bq6igr0uJ/wipHxfuusY7wb64267FtVQypKi+PJ9JsSMSkl3qJqT3o4G7n0ZG
OXifBm7/l8RYOEIhauVzZNDpOfEoeYr/uNuvg4pAAYb0Z+2l7tQQA+aIUZWy50aT
lSVePIKQZYOBjVIhVMNO35V+Ayhw/rw1qGHOd7j0nI7CVE6zk5Xt7a7auhy/egb2
bTNNKMzojzx93fIm3jTGf/izDTl5M4rHZP3XdKV4eWUBWLoe56ChnWgaWFztdA8G
HqZzd/gD+a7n7fea2wj2U4p6pVjlKYTRMHKCWqj66zd+h+8gr8AFm/TaKQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGYF1AOyXtGD4acbHL0enqeju7aKMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvWmdYVUE3SmUwWVBocHhzY3ZSNmVwNk83dG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCshMkMAwD
BAC5HDEDBAC5HDIDBAC542YwDQYJKoZIhvcNAQELBQADggEBAIEWSbK986TQJILU
xfVvZXA6n3webJqI0IR21LGS5BFH3GvrvjJHa/2HKnH0bL4WQ4ZiEt4zUAtGbCGI
Crq7AjJSityGGaGbXkJM3uJzY7IfXk3zfub6jxXO8Bvi/pR1IYIv656BRBy3Yg3F
Bg+U8grKFxIDPOMZbNSzy0pWoRYRTXP2F+ep6rdERc7nbLUEPwR//OTSjpfB7G3S
8GnZMAX7mBJI5Xk8ccxLx7bWMB/LpbkGzTLo9noiHlQUSTfw9n3/cCaOa8cfeRLe
lhWKdSBgirgd4vV739FNF2N1LF5h1hDnnD8Xf75ZnNmPPUDDD1iZ/NLO4kUW7Qls
4iq/gJU=
-----END CERTIFICATE-----