Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/510e8f-967f-4137-b4e6-cc75797518a0/1/ZREKvai1vE7XPY5uKX_JAWoL45g.roa
File: ZREKvai1vE7XPY5uKX_JAWoL45g.roa (raw, json)
Hash identifier: dExRJfx898ASyM2l+4kNVhLdSTbrzF3AyffmxIVM1Eo=
Subject key identifier: 65:11:0A:BD:A8:B5:BC:4E:D7:3D:8E:6E:29:7F:C9:01:6A:0B:E3:98
Certificate issuer: /CN=33ba6c0bcca16c685dc7b9b27f199b42b4beeee9
Certificate serial: 018CC56E65EC21DE7426255048443E68F60A
Authority key identifier: 33:BA:6C:0B:CC:A1:6C:68:5D:C7:B9:B2:7F:19:9B:42:B4:BE:EE:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7psC8yhbGhdx7myfxmbQrS-7uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/510e8f-967f-4137-b4e6-cc75797518a0/1/ZREKvai1vE7XPY5uKX_JAWoL45g.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35175
IP address blocks: 193.143.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:65:ec:21:de:74:26:25:50:48:44:3e:68:f6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ba6c0bcca16c685dc7b9b27f199b42b4beeee9
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65110abda8b5bc4ed73d8e6e297fc9016a0be398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:b7:bb:ca:50:6b:57:20:55:95:e7:1e:89:
9a:48:63:80:06:c1:3b:da:1b:a9:26:cd:78:a6:e0:
83:63:35:2b:1c:94:4f:f0:25:cf:7f:48:d3:6e:5d:
ae:66:e8:8a:05:2a:12:ef:65:63:b4:a5:a5:2e:20:
c1:14:99:d8:ee:b0:c3:d3:30:6f:10:55:f2:ef:20:
a4:0f:bc:3a:e0:9b:f7:ce:66:4f:3c:7e:5d:79:19:
b0:0b:29:74:44:10:32:4b:8b:25:77:12:70:5d:20:
56:5d:58:d6:3b:7c:14:d6:ff:e4:d4:50:fd:82:79:
e8:59:57:8e:db:ed:5c:80:b9:de:74:35:1f:f0:0a:
77:91:5d:e6:05:1b:c5:8d:f7:4a:56:01:e2:85:76:
d8:3d:c9:37:a3:f7:d5:2c:3b:a2:17:2c:bf:24:b1:
07:8f:17:37:5a:6d:22:76:c0:a2:38:26:4a:6e:dd:
b6:90:7f:ef:7c:47:64:a6:ab:03:30:a4:0d:a0:02:
16:93:6d:d7:dc:d7:66:56:44:15:9e:95:dd:93:9b:
e9:e8:9b:c1:18:3d:bd:9c:14:cc:8a:f6:1f:39:97:
1b:17:45:7f:48:10:b0:4c:00:bd:4e:1c:84:c7:e3:
08:71:cc:d0:ab:67:4d:ea:bf:dc:6a:b8:aa:23:1e:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:11:0A:BD:A8:B5:BC:4E:D7:3D:8E:6E:29:7F:C9:01:6A:0B:E3:98
X509v3 Authority Key Identifier:
keyid:33:BA:6C:0B:CC:A1:6C:68:5D:C7:B9:B2:7F:19:9B:42:B4:BE:EE:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7psC8yhbGhdx7myfxmbQrS-7uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/510e8f-967f-4137-b4e6-cc75797518a0/1/ZREKvai1vE7XPY5uKX_JAWoL45g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/510e8f-967f-4137-b4e6-cc75797518a0/1/M7psC8yhbGhdx7myfxmbQrS-7uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.74.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:3d:7e:72:db:2a:b7:80:02:ba:e1:a9:fd:c4:bd:b1:17:17:
37:cf:44:49:ff:ff:5a:fa:e5:45:88:ba:4d:7f:d2:d5:37:a1:
7b:dc:ce:c5:35:8d:52:29:58:09:b8:fa:3c:5c:e0:9a:5f:f8:
4a:99:f5:a2:04:b2:58:65:a8:36:72:7e:e7:6c:bf:35:f6:18:
a1:22:9e:d1:cb:ab:0c:69:2f:af:21:7f:08:9d:46:eb:f4:b7:
7f:6a:89:d0:c4:ba:da:d0:34:f4:c6:a8:0a:02:b1:39:4a:31:
a7:43:f3:68:25:1b:ca:e9:fd:16:22:13:f2:fe:85:e9:6a:5d:
3a:64:f1:fe:0c:b9:0b:fe:6e:e6:20:e7:fa:94:c2:e5:32:32:
1b:9f:89:cb:9d:e8:25:59:64:41:90:df:ae:8b:ea:31:1b:d9:
2f:6a:db:b0:87:d8:3a:5a:ec:06:57:e9:09:34:06:91:91:4a:
05:d6:a6:19:3c:44:91:22:2b:d4:0f:3f:ce:4c:37:7f:cc:8d:
0b:dc:47:69:66:37:89:d6:e1:66:37:53:2f:36:0d:19:b3:94:
d2:11:72:4b:62:4b:7b:14:73:85:da:31:51:d3:c8:88:98:66:
68:06:07:bd:e2:f4:f3:fd:21:28:09:00:01:2e:5f:14:18:0d:
96:0f:0b:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbmXsId50JiVQSEQ+aPYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYmE2YzBiY2NhMTZjNjg1ZGM3YjliMjdmMTk5YjQyYjRi
ZWVlZTkwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTExMGFiZGE4YjViYzRlZDczZDhlNmUyOTdmYzkwMTZhMGJlMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTG3u8pQa1cgVZXnHomaSGOABsE7
2hupJs14puCDYzUrHJRP8CXPf0jTbl2uZuiKBSoS72VjtKWlLiDBFJnY7rDD0zBv
EFXy7yCkD7w64Jv3zmZPPH5deRmwCyl0RBAyS4sldxJwXSBWXVjWO3wU1v/k1FD9
gnnoWVeO2+1cgLnedDUf8Ap3kV3mBRvFjfdKVgHihXbYPck3o/fVLDuiFyy/JLEH
jxc3Wm0idsCiOCZKbt22kH/vfEdkpqsDMKQNoAIWk23X3NdmVkQVnpXdk5vp6JvB
GD29nBTMivYfOZcbF0V/SBCwTAC9ThyEx+MIcczQq2dN6r/cariqIx59SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGURCr2otbxO1z2Obil/yQFqC+OYMB8GA1UdIwQY
MBaAFDO6bAvMoWxoXce5sn8Zm0K0vu7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdwc0M4eWhiR2hkeDdteWZ4bWJRclMtN3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MTBlOGYtOTY3Zi00MTM3LWI0ZTYt
Y2M3NTc5NzUxOGEwLzEvWlJFS3ZhaTF2RTdYUFk1dUtYX0pBV29MNDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MTBlOGYtOTY3Zi00MTM3LWI0ZTYtY2M3NTc5NzUxOGEw
LzEvTTdwc0M4eWhiR2hkeDdteWZ4bWJRclMtN3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY9KMA0G
CSqGSIb3DQEBCwUAA4IBAQCnPX5y2yq3gAK64an9xL2xFxc3z0RJ//9a+uVFiLpN
f9LVN6F73M7FNY1SKVgJuPo8XOCaX/hKmfWiBLJYZag2cn7nbL819hihIp7Ry6sM
aS+vIX8InUbr9Ld/aonQxLra0DT0xqgKArE5SjGnQ/NoJRvK6f0WIhPy/oXpal06
ZPH+DLkL/m7mIOf6lMLlMjIbn4nLneglWWRBkN+ui+oxG9kvatuwh9g6WuwGV+kJ
NAaRkUoF1qYZPESRIivUDz/OTDd/zI0L3EdpZjeJ1uFmN1MvNg0Zs5TSEXJLYkt7
FHOF2jFR08iImGZoBge94vTz/SEoCQABLl8UGA2WDwtE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:08 2025 by rpki-client