Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/zKQUNOwpMvY8jywDRxSJ3nqOIgc.roa
File: zKQUNOwpMvY8jywDRxSJ3nqOIgc.roa (raw, json)
Hash identifier: LaR2EWYeK1CqOikzyRXXW+tKv12f/qohNn0GRlL9u/k=
Subject key identifier: CC:A4:14:34:EC:29:32:F6:3C:8F:2C:03:47:14:89:DE:7A:8E:22:07
Certificate issuer: /CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Certificate serial: 018CC794B1D247E38657EA124D9967586BB3
Authority key identifier: 00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/zKQUNOwpMvY8jywDRxSJ3nqOIgc.roa
Signing time: Tue 02 Jan 2024 00:31:00 +0000
ROA not before: Tue 02 Jan 2024 00:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15743
IP address blocks: 192.166.176.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 12 Jul 2024 11:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:b1:d2:47:e3:86:57:ea:12:4d:99:67:58:6b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Validity
Not Before: Jan 2 00:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cca41434ec2932f63c8f2c03471489de7a8e2207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:66:43:2a:cb:48:dd:16:00:24:14:bf:b3:
a9:fe:ea:14:15:d5:4c:c6:9a:b2:7b:5b:ff:92:64:
6f:e4:e1:ab:8c:18:99:1e:a5:fe:4c:80:b8:40:33:
ee:0e:b1:b8:42:da:c0:40:83:55:39:d6:08:40:f1:
25:d9:b3:2d:3a:af:03:18:3d:64:90:39:4b:7c:06:
0d:d2:c2:3b:b9:38:60:e3:e6:f9:11:74:c3:3b:6c:
82:76:0f:4f:8a:e0:33:3d:c2:e0:4c:30:d8:bb:03:
70:41:4b:ad:f4:78:00:72:94:56:8a:92:96:05:37:
96:11:03:1d:e7:e3:85:56:8d:f2:73:55:03:f6:74:
51:cc:a2:29:3c:90:52:6e:06:17:5c:6d:e5:0d:8d:
83:6c:c6:ab:d4:66:2e:aa:52:12:29:91:92:9d:f7:
59:b4:a3:03:b2:b7:78:f1:b2:f5:e2:70:99:7f:4f:
49:84:d3:5b:8b:a6:2f:54:1b:ad:79:d1:ac:31:7c:
83:d6:7e:9f:ee:8a:bb:39:11:a6:bf:e8:50:98:23:
82:00:44:55:38:80:19:20:3d:81:61:c7:9a:e1:12:
50:d0:cb:0a:0f:7f:44:bb:96:2b:ad:02:57:66:89:
aa:2f:9e:59:c6:37:d9:77:2c:16:37:d4:24:27:05:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A4:14:34:EC:29:32:F6:3C:8F:2C:03:47:14:89:DE:7A:8E:22:07
X509v3 Authority Key Identifier:
keyid:00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/zKQUNOwpMvY8jywDRxSJ3nqOIgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/AK1tg8gINynXqdhXHWXOl-BYuCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.176.0/21
Signature Algorithm: sha256WithRSAEncryption
46:ef:67:cb:0f:3d:59:a8:5b:67:34:0d:ed:07:eb:4f:d1:18:
c4:ab:9f:7f:16:c4:e1:fb:e0:2c:dc:2a:28:e9:c1:04:23:f0:
ff:79:b8:bc:a3:31:39:5d:64:7a:34:fd:97:73:54:ca:1e:01:
af:ea:69:9b:06:18:d0:61:4e:91:75:01:d6:9d:ff:8c:9e:10:
5e:d0:bc:c7:21:9b:0f:0b:d2:9c:31:86:fd:70:69:fb:92:35:
5c:b2:8b:33:4a:75:88:05:38:18:9b:37:5c:30:8c:f9:de:e2:
5e:68:59:3a:02:7a:65:05:22:fd:2f:fb:d4:2b:7d:9c:91:fd:
5b:e6:61:c5:36:69:8e:16:79:09:9c:36:ce:b3:72:90:87:e9:
ad:97:c1:5b:38:d0:a5:3f:96:8c:f5:d9:27:bf:56:cf:12:6e:
3a:a7:34:9a:41:69:a3:85:46:ce:73:cf:ef:3c:18:bb:c8:c7:
54:1c:83:08:21:eb:b0:e9:77:f5:5f:23:15:a2:81:f1:1a:68:
26:a9:86:1f:08:ce:b8:3b:02:22:a0:cd:3d:79:69:85:75:9d:
78:47:1b:16:f5:06:db:49:6b:d2:52:c1:ad:d6:42:4f:cc:4f:
79:35:e4:13:45:fd:9f:e3:ac:cc:1a:ce:fe:83:87:23:28:58:
da:ca:8d:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlLHSR+OGV+oSTZlnWGuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWQ2ZDgzYzgwODM3MjlkN2E5ZDg1NzFkNjVjZTk3ZTA1
OGI4MjEwHhcNMjQwMTAyMDAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2E0MTQzNGVjMjkzMmY2M2M4ZjJjMDM0NzE0ODlkZTdhOGUyMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aFmQyrLSN0WACQUv7Op/uoUFdVM
xpqye1v/kmRv5OGrjBiZHqX+TIC4QDPuDrG4QtrAQINVOdYIQPEl2bMtOq8DGD1k
kDlLfAYN0sI7uThg4+b5EXTDO2yCdg9PiuAzPcLgTDDYuwNwQUut9HgAcpRWipKW
BTeWEQMd5+OFVo3yc1UD9nRRzKIpPJBSbgYXXG3lDY2DbMar1GYuqlISKZGSnfdZ
tKMDsrd48bL14nCZf09JhNNbi6YvVButedGsMXyD1n6f7oq7ORGmv+hQmCOCAERV
OIAZID2BYcea4RJQ0MsKD39Eu5YrrQJXZomqL55ZxjfZdywWN9QkJwXBZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMykFDTsKTL2PI8sA0cUid56jiIHMB8GA1UdIwQY
MBaAFACtbYPICDcp16nYVx1lzpfgWLghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjkt
YTU1Zjc3YjgzZTZiLzEvektRVU5Pd3BNdlk4anl3RFJ4U0ozbnFPSWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjktYTU1Zjc3YjgzZTZi
LzEvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwKawMA0G
CSqGSIb3DQEBCwUAA4IBAQBG72fLDz1ZqFtnNA3tB+tP0RjEq59/FsTh++As3Coo
6cEEI/D/ebi8ozE5XWR6NP2Xc1TKHgGv6mmbBhjQYU6RdQHWnf+MnhBe0LzHIZsP
C9KcMYb9cGn7kjVcsoszSnWIBTgYmzdcMIz53uJeaFk6AnplBSL9L/vUK32ckf1b
5mHFNmmOFnkJnDbOs3KQh+mtl8FbONClP5aM9dknv1bPEm46pzSaQWmjhUbOc8/v
PBi7yMdUHIMIIeuw6Xf1XyMVooHxGmgmqYYfCM64OwIioM09eWmFdZ14RxsW9Qbb
SWvSUsGt1kJPzE95NeQTRf2f46zMGs7+g4cjKFjayo0S
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:28 2025 by rpki-client