Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/dZYuVSB7iXzgzRWXb4a5VsmJpVI.roa
File: dZYuVSB7iXzgzRWXb4a5VsmJpVI.roa (raw, json)
Hash identifier: yBMAIVD7V1V98RSkhsPQEXCks+F7cG/2KifWtt/aq90=
Subject key identifier: 75:96:2E:55:20:7B:89:7C:E0:CD:15:97:6F:86:B9:56:C9:89:A5:52
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0191D646A3C9475AADEF54F1D625C866D9B0
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/dZYuVSB7iXzgzRWXb4a5VsmJpVI.roa
Signing time: Mon 09 Sep 2024 10:13:59 +0000
ROA not before: Mon 09 Sep 2024 10:13:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 185.23.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 12:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:46:a3:c9:47:5a:ad:ef:54:f1:d6:25:c8:66:d9:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Sep 9 10:13:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75962e55207b897ce0cd15976f86b956c989a552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a8:b8:7c:1e:27:74:af:7c:58:81:12:dd:87:
26:ed:6c:c4:12:a2:68:f4:e4:12:3e:6b:35:69:d7:
03:ee:09:18:6f:48:79:f6:2a:21:23:8e:75:59:94:
02:6d:fa:c6:10:08:fd:3e:86:4f:a1:64:36:ce:0f:
83:61:dc:0f:0e:83:5f:8a:cd:54:b9:85:c9:aa:82:
d4:11:78:f4:8c:f2:6b:d9:db:64:b2:e0:ba:fc:1c:
10:09:04:c0:72:be:90:64:38:be:d8:3c:d6:8a:07:
2d:7c:f4:60:ec:32:0e:63:e7:13:1a:5a:11:23:e2:
2d:4c:fd:65:c0:23:c4:be:4c:04:ff:8c:d2:1d:00:
c3:12:7b:96:70:73:ef:ba:19:6e:64:c7:20:06:b7:
39:a2:16:b3:e8:74:74:00:53:73:52:97:8c:ee:2e:
a8:03:8e:a7:1e:f1:4e:db:3a:32:fc:e0:96:cd:ab:
6f:26:a2:ce:0a:60:38:f5:cf:9c:f0:9a:f1:74:29:
d8:eb:9e:27:50:4e:c6:85:7a:2d:42:51:1c:be:ea:
60:c1:9b:4c:13:e6:e0:7e:6c:a2:f0:0d:9f:b5:bb:
14:19:01:a4:86:aa:b8:f3:c4:0b:e3:9c:aa:3f:4f:
6b:e9:9f:24:e8:9f:98:5d:82:5e:33:ec:da:35:f0:
20:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:96:2E:55:20:7B:89:7C:E0:CD:15:97:6F:86:B9:56:C9:89:A5:52
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/dZYuVSB7iXzgzRWXb4a5VsmJpVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:33:5a:52:50:8a:37:32:aa:a9:84:ee:6f:97:a6:21:7f:70:
90:af:aa:88:21:d2:75:cc:5a:f6:64:5f:1b:6a:54:0e:e8:3b:
f9:d0:42:37:39:d0:9a:11:86:5b:47:09:dc:82:9d:af:2f:44:
07:98:96:f1:11:91:2b:49:a0:eb:96:34:5c:4a:82:54:38:98:
be:26:18:e6:50:41:14:a4:d2:65:20:80:68:19:b9:8a:8c:cf:
f2:30:59:31:dc:33:76:3a:25:bb:e0:74:d6:11:7f:09:61:9e:
35:11:bf:06:78:50:14:ea:76:d7:09:cc:b9:51:fc:d3:f9:f8:
7d:5b:39:a6:fb:ae:3d:68:48:51:c5:58:95:f6:0d:de:88:26:
e5:12:6e:7a:44:fa:1a:08:a6:b7:b0:85:32:7f:cb:89:ae:fa:
94:99:6f:34:2a:12:2e:0c:de:6f:16:7b:94:cf:69:42:01:f7:
a1:7b:00:2f:00:e3:84:9c:fe:6e:46:5e:59:1d:24:3d:b8:26:
33:a6:69:09:5c:ab:23:8b:e3:b7:6b:b5:d1:53:8e:67:f4:eb:
97:ec:0d:0e:b8:e7:34:a0:19:d9:ae:1c:fe:17:9f:05:ba:ab:
22:56:a6:cd:35:db:aa:5f:bb:de:db:88:78:06:55:78:39:bc:
b3:5f:ef:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHWRqPJR1qt71Tx1iXIZtmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjQwOTA5MTAxMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk2MmU1NTIwN2I4OTdjZTBjZDE1OTc2Zjg2Yjk1NmM5ODlhNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ki4fB4ndK98WIES3Ycm7WzEEqJo
9OQSPms1adcD7gkYb0h59iohI451WZQCbfrGEAj9PoZPoWQ2zg+DYdwPDoNfis1U
uYXJqoLUEXj0jPJr2dtksuC6/BwQCQTAcr6QZDi+2DzWigctfPRg7DIOY+cTGloR
I+ItTP1lwCPEvkwE/4zSHQDDEnuWcHPvuhluZMcgBrc5ohaz6HR0AFNzUpeM7i6o
A46nHvFO2zoy/OCWzatvJqLOCmA49c+c8JrxdCnY654nUE7GhXotQlEcvupgwZtM
E+bgfmyi8A2ftbsUGQGkhqq488QL45yqP09r6Z8k6J+YXYJeM+zaNfAgxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWWLlUge4l84M0Vl2+GuVbJiaVSMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvZFpZdVZTQjdpWHpnelJXWGI0YTVWc21KcFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRfuMA0G
CSqGSIb3DQEBCwUAA4IBAQA8M1pSUIo3MqqphO5vl6Yhf3CQr6qIIdJ1zFr2ZF8b
alQO6Dv50EI3OdCaEYZbRwncgp2vL0QHmJbxEZErSaDrljRcSoJUOJi+JhjmUEEU
pNJlIIBoGbmKjM/yMFkx3DN2OiW74HTWEX8JYZ41Eb8GeFAU6nbXCcy5UfzT+fh9
Wzmm+649aEhRxViV9g3eiCblEm56RPoaCKa3sIUyf8uJrvqUmW80KhIuDN5vFnuU
z2lCAfehewAvAOOEnP5uRl5ZHSQ9uCYzpmkJXKsji+O3a7XRU45n9OuX7A0OuOc0
oBnZrhz+F58FuqsiVqbNNduqX7ve24h4BlV4ObyzX+8W
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:40:20 2025 by rpki-client