Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/zQbng0C92EiiK6VfScCiY0yEQT4.roa
File: zQbng0C92EiiK6VfScCiY0yEQT4.roa (raw, json)
Hash identifier: 7SJSSgSsDsQMU0aWa6FaRAMQyzaDM8VaNcSiQvsImxA=
Subject key identifier: CD:06:E7:83:40:BD:D8:48:A2:2B:A5:5F:49:C0:A2:63:4C:84:41:3E
Certificate issuer: /CN=21077355df11cdbf992f90d67eaab9109ab8ebf3
Certificate serial: 018CC56DF8EA625E19DF6CC2376B85391AE5
Authority key identifier: 21:07:73:55:DF:11:CD:BF:99:2F:90:D6:7E:AA:B9:10:9A:B8:EB:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQdzVd8Rzb-ZL5DWfqq5EJq46_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/zQbng0C92EiiK6VfScCiY0yEQT4.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60205
IP address blocks: 185.25.47.254/31 maxlen: 31
185.25.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 07:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f8:ea:62:5e:19:df:6c:c2:37:6b:85:39:1a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21077355df11cdbf992f90d67eaab9109ab8ebf3
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd06e78340bdd848a22ba55f49c0a2634c84413e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e0:7b:37:22:2f:b5:01:5b:2f:72:6a:2c:24:
47:05:f3:cd:ea:24:e6:2f:b7:42:39:60:07:6c:85:
21:64:2a:a4:0f:64:40:94:fc:89:f5:c4:3d:78:c0:
76:af:74:3d:f8:a5:31:19:be:95:78:77:f5:7a:fd:
55:46:40:44:d4:9d:78:b5:30:2a:61:06:e7:67:d0:
f3:52:24:f4:24:37:06:8e:0d:1e:e6:ed:d1:29:32:
f7:03:af:53:11:67:f1:33:42:71:44:b6:67:0f:df:
a0:af:15:5b:75:2e:6c:d9:3e:3d:04:9b:cf:86:2c:
8e:fe:3d:cb:b2:c0:6f:14:59:0b:aa:99:0e:a1:85:
94:af:9c:a9:73:23:85:ad:77:fb:fd:e8:73:2f:9e:
d3:07:92:ff:ab:46:f5:53:9b:ad:7f:f5:1e:14:90:
3a:34:00:c0:dd:e6:44:02:80:18:6a:f1:b6:92:cf:
ce:83:3c:e6:08:b0:49:90:78:9b:7d:c0:68:c1:cb:
73:bc:de:40:c8:d1:f8:dd:5b:25:bf:fb:27:b7:25:
f3:7e:a7:a7:2a:70:46:75:a2:2e:88:78:3d:c7:fd:
9a:97:e3:3d:d7:ab:af:d1:3e:ed:46:b2:92:a8:40:
7b:d5:99:d1:f9:39:73:75:b6:96:c6:14:6b:55:7c:
62:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:06:E7:83:40:BD:D8:48:A2:2B:A5:5F:49:C0:A2:63:4C:84:41:3E
X509v3 Authority Key Identifier:
keyid:21:07:73:55:DF:11:CD:BF:99:2F:90:D6:7E:AA:B9:10:9A:B8:EB:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdzVd8Rzb-ZL5DWfqq5EJq46_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/zQbng0C92EiiK6VfScCiY0yEQT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/IQdzVd8Rzb-ZL5DWfqq5EJq46_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.47.0/24
Signature Algorithm: sha256WithRSAEncryption
00:e7:10:c4:f6:10:c7:7c:28:86:e0:94:78:90:2d:55:2a:21:
b6:5c:e5:70:e4:1e:f5:dd:77:9f:cc:fa:8d:02:53:c1:53:9f:
0d:bf:2f:6b:6e:6c:f2:6c:64:d6:3a:12:63:d5:f7:0b:85:8a:
9a:56:85:5a:39:57:2b:f0:4a:68:38:3a:6a:56:c0:37:0e:b7:
6a:3f:fa:6e:f9:18:52:8d:6c:cb:d6:b3:6f:e7:62:7a:01:27:
a9:98:79:00:c1:71:fe:e9:3d:17:3d:4d:61:2a:e6:73:72:e7:
71:86:5c:e7:ee:88:29:c0:f3:19:fa:74:b2:5c:ae:8c:7c:56:
a1:f5:00:51:ee:b1:61:b8:86:7f:77:08:b1:26:a3:7b:3c:40:
d2:48:ee:74:3c:d5:e7:43:d8:93:8b:20:39:22:2b:4d:c1:5d:
ae:62:aa:38:cb:bc:4c:9b:a1:d7:aa:9a:ba:e8:d8:a8:66:1b:
36:4b:4c:6f:a6:dd:e2:1d:aa:8f:44:c4:6c:b6:f2:66:57:1b:
86:78:c9:3b:bf:b1:cd:d1:c5:db:7b:88:6c:b9:12:ab:b4:c4:
69:e6:6b:b9:0f:f6:cc:54:72:09:65:1d:ab:04:b2:3d:12:87:
2a:a9:f5:50:b2:b4:38:ce:89:ed:43:68:c5:65:8b:d7:96:c5:
86:c5:8a:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfjqYl4Z32zCN2uFORrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc3MzU1ZGYxMWNkYmY5OTJmOTBkNjdlYWFiOTEwOWFi
OGViZjMwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA2ZTc4MzQwYmRkODQ4YTIyYmE1NWY0OWMwYTI2MzRjODQ0MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+B7NyIvtQFbL3JqLCRHBfPN6iTm
L7dCOWAHbIUhZCqkD2RAlPyJ9cQ9eMB2r3Q9+KUxGb6VeHf1ev1VRkBE1J14tTAq
YQbnZ9DzUiT0JDcGjg0e5u3RKTL3A69TEWfxM0JxRLZnD9+grxVbdS5s2T49BJvP
hiyO/j3LssBvFFkLqpkOoYWUr5ypcyOFrXf7/ehzL57TB5L/q0b1U5utf/UeFJA6
NADA3eZEAoAYavG2ks/OgzzmCLBJkHibfcBowctzvN5AyNH43Vslv/sntyXzfqen
KnBGdaIuiHg9x/2al+M916uv0T7tRrKSqEB71ZnR+TlzdbaWxhRrVXxiEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0G54NAvdhIoiulX0nAomNMhEE+MB8GA1UdIwQY
MBaAFCEHc1XfEc2/mS+Q1n6quRCauOvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkelZkOFJ6Yi1aTDVEV2ZxcTVFSnE0Nl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mMmRhNzgtMmQ5OC00MDgxLTlkNjct
NDNiZjY1NWYzMzY1LzEvelFibmcwQzkyRWlpSzZWZlNjQ2lZMHlFUVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mMmRhNzgtMmQ5OC00MDgxLTlkNjctNDNiZjY1NWYzMzY1
LzEvSVFkelZkOFJ6Yi1aTDVEV2ZxcTVFSnE0Nl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRkvMA0G
CSqGSIb3DQEBCwUAA4IBAQAA5xDE9hDHfCiG4JR4kC1VKiG2XOVw5B713XefzPqN
AlPBU58Nvy9rbmzybGTWOhJj1fcLhYqaVoVaOVcr8EpoODpqVsA3DrdqP/pu+RhS
jWzL1rNv52J6ASepmHkAwXH+6T0XPU1hKuZzcudxhlzn7ogpwPMZ+nSyXK6MfFah
9QBR7rFhuIZ/dwixJqN7PEDSSO50PNXnQ9iTiyA5IitNwV2uYqo4y7xMm6HXqpq6
6NioZhs2S0xvpt3iHaqPRMRstvJmVxuGeMk7v7HN0cXbe4hsuRKrtMRp5mu5D/bM
VHIJZR2rBLI9EocqqfVQsrQ4zontQ2jFZYvXlsWGxYqy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:49 2024 by rpki-client on console-fra.rpki-client.org