Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/rZ-MJaiAqSDX8uCZyAGUdvJOGfc.roa
File: rZ-MJaiAqSDX8uCZyAGUdvJOGfc.roa (raw, json)
Hash identifier: kEyiDOf+PzenVBzTdjDHTo/H9QfIEuaGtDqPhsAsXlY=
Subject key identifier: AD:9F:8C:25:A8:80:A9:20:D7:F2:E0:99:C8:01:94:76:F2:4E:19:F7
Certificate issuer: /CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Certificate serial: 01856CEF3F6E098D0D6CF8958380B6D2129D
Authority key identifier: 6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/rZ-MJaiAqSDX8uCZyAGUdvJOGfc.roa
Signing time: Sun 01 Jan 2023 10:44:56 +0000
ROA not before: Sun 01 Jan 2023 10:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200697
IP address blocks: 192.166.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:3f:6e:09:8d:0d:6c:f8:95:83:80:b6:d2:12:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Validity
Not Before: Jan 1 10:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad9f8c25a880a920d7f2e099c8019476f24e19f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c8:e9:dc:cd:2f:27:28:da:86:2f:84:c5:54:
b2:25:58:02:14:3a:f2:ab:6c:f2:ea:50:80:f1:a0:
a7:42:90:e6:d3:61:e1:e6:61:2a:0d:76:01:eb:a8:
df:f3:8e:4e:1f:49:76:bf:71:88:62:12:67:42:19:
6d:a2:42:61:ba:6a:ef:31:e0:ac:9a:52:87:5c:55:
aa:06:fd:8a:65:bf:dd:f0:a9:c4:e4:13:20:92:da:
6a:b5:77:11:9b:d9:50:af:88:61:1b:bf:c6:e7:aa:
20:5c:d4:74:46:56:6d:3a:8f:16:4e:e4:cb:45:98:
96:26:8d:25:26:cb:f1:9f:83:06:23:2f:a6:b8:72:
d1:dd:fc:82:55:d2:a7:6d:f0:82:d4:c1:19:b0:74:
da:9e:be:f3:e1:81:f9:c7:42:5e:7a:7e:a5:a2:f4:
7c:9c:01:93:f9:4d:4a:15:21:e7:da:d5:27:fc:bb:
b1:0a:02:ef:0b:0c:80:80:dc:ed:23:17:44:9d:3b:
10:4c:4e:16:ee:c1:f2:b4:88:07:93:a3:5e:eb:61:
8e:d8:f0:73:91:3f:99:e1:5d:a9:70:71:22:20:e5:
aa:d2:f1:72:6d:34:e1:23:81:4c:b4:e0:5c:f2:a1:
23:6a:59:c2:e4:64:88:8f:97:db:21:b3:26:b4:75:
68:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9F:8C:25:A8:80:A9:20:D7:F2:E0:99:C8:01:94:76:F2:4E:19:F7
X509v3 Authority Key Identifier:
keyid:6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/rZ-MJaiAqSDX8uCZyAGUdvJOGfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/bkCd70qKicqI9XGCxS7W1w-5GXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.37.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:7f:36:69:57:25:e4:f0:53:d2:bd:86:48:29:bd:db:19:8f:
e6:8e:9e:b8:8b:f7:da:9b:65:7b:28:1d:0a:3a:f0:ab:3b:96:
71:fa:71:9c:9d:80:21:91:d8:c3:40:60:d7:8d:1b:3e:f0:e5:
bb:0a:67:c3:1d:ff:3f:85:c9:b7:05:07:2c:65:55:6c:9b:f0:
0e:55:23:e9:f8:ae:92:39:5f:95:f4:e6:27:8c:98:85:c6:9b:
03:f0:81:2b:2c:10:90:20:47:82:45:29:69:bc:ee:0e:10:1c:
e0:a6:8d:0c:e2:b6:19:4d:48:28:3d:af:82:b3:1e:27:37:da:
87:fa:c4:01:62:00:f9:4f:9a:ee:c4:4c:11:ac:8b:f7:71:35:
7a:05:8d:9f:08:60:19:3e:79:a6:d9:91:0f:26:1a:ae:9d:87:
01:01:83:54:4b:cb:98:ed:3b:0a:e4:ec:f2:e7:b9:50:bb:8d:
e1:f0:5a:34:ff:f0:aa:73:32:09:b4:8e:44:04:a6:06:3a:4c:
d4:13:92:3c:0e:63:fa:dc:bd:0d:5b:68:8c:2c:ab:b7:18:2e:
53:39:8f:09:92:6c:da:91:de:33:56:d6:d4:c8:5e:62:e8:85:
14:4d:8a:f3:a1:73:af:65:6a:50:63:a3:66:fe:bc:81:3a:42:
e7:c2:eb:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7z9uCY0NbPiVg4C20hKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA5ZGVmNGE4YTg5Y2E4OGY1NzE4MmM1MmVkNmQ3MGZi
OTE5NzYwHhcNMjMwMTAxMTA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDlmOGMyNWE4ODBhOTIwZDdmMmUwOTljODAxOTQ3NmYyNGUxOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sjp3M0vJyjahi+ExVSyJVgCFDry
q2zy6lCA8aCnQpDm02Hh5mEqDXYB66jf845OH0l2v3GIYhJnQhltokJhumrvMeCs
mlKHXFWqBv2KZb/d8KnE5BMgktpqtXcRm9lQr4hhG7/G56ogXNR0RlZtOo8WTuTL
RZiWJo0lJsvxn4MGIy+muHLR3fyCVdKnbfCC1MEZsHTanr7z4YH5x0Jeen6lovR8
nAGT+U1KFSHn2tUn/LuxCgLvCwyAgNztIxdEnTsQTE4W7sHytIgHk6Ne62GO2PBz
kT+Z4V2pcHEiIOWq0vFybTThI4FMtOBc8qEjalnC5GSIj5fbIbMmtHVo6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2fjCWogKkg1/LgmcgBlHbyThn3MB8GA1UdIwQY
MBaAFG5Ane9KionKiPVxgsUu1tcPuRl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0Yjgt
N2FjM2NhMWYzNTdkLzEvclotTUphaUFxU0RYOHVDWnlBR1VkdkpPR2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0YjgtN2FjM2NhMWYzNTdk
LzEvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKYlMA0G
CSqGSIb3DQEBCwUAA4IBAQBdfzZpVyXk8FPSvYZIKb3bGY/mjp64i/fam2V7KB0K
OvCrO5Zx+nGcnYAhkdjDQGDXjRs+8OW7CmfDHf8/hcm3BQcsZVVsm/AOVSPp+K6S
OV+V9OYnjJiFxpsD8IErLBCQIEeCRSlpvO4OEBzgpo0M4rYZTUgoPa+Csx4nN9qH
+sQBYgD5T5ruxEwRrIv3cTV6BY2fCGAZPnmm2ZEPJhqunYcBAYNUS8uY7TsK5Ozy
57lQu43h8Fo0//CqczIJtI5EBKYGOkzUE5I8DmP63L0NW2iMLKu3GC5TOY8Jkmza
kd4zVtbUyF5i6IUUTYrzoXOvZWpQY6Nm/ryBOkLnwuvn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:04 2024 by rpki-client on console-fra.rpki-client.org