Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/ZgitG33YB8vO-PZROjehrc4QS7g.roa
File: ZgitG33YB8vO-PZROjehrc4QS7g.roa (raw, json)
Hash identifier: ZEM9u9k0KnbLitSd1NlhB5kBtt4Vxg+9vykUmxiMW10=
Subject key identifier: 66:08:AD:1B:7D:D8:07:CB:CE:F8:F6:51:3A:37:A1:AD:CE:10:4B:B8
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 0186C0C1A25F31AB7768A4505937FF12AAF1
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/ZgitG33YB8vO-PZROjehrc4QS7g.roa
Signing time: Wed 08 Mar 2023 10:26:00 +0000
ROA not before: Wed 08 Mar 2023 10:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.144.236.0/22 maxlen: 24
2a07:4407::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:c1:a2:5f:31:ab:77:68:a4:50:59:37:ff:12:aa:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Mar 8 10:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6608ad1b7dd807cbcef8f6513a37a1adce104bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:f4:70:d0:48:f1:5f:dc:1b:0e:fd:75:50:
b9:b2:e8:93:51:80:5b:0e:bc:78:66:ff:16:31:7a:
65:01:ee:2e:f5:d4:58:4e:fe:a4:33:ed:61:02:88:
2f:a4:b7:43:ab:86:bf:8b:f1:e7:7f:02:63:b9:a2:
a4:9c:53:10:68:57:0c:5d:1c:d6:95:ea:40:b6:e4:
55:c6:99:07:97:d0:86:5c:56:d9:94:07:08:d9:9c:
4d:b1:4c:0f:c0:32:a6:12:25:fd:0e:2f:7c:25:cd:
7e:95:ac:b8:71:ea:40:2b:c6:1c:d2:dc:3c:a3:17:
0c:b1:75:c6:bd:20:c1:14:95:c5:18:53:85:df:59:
c6:6b:ac:47:56:2d:68:61:3a:4f:de:fd:c3:7e:95:
a7:5b:7f:6e:10:6e:8b:cd:87:f3:bc:59:3c:3c:47:
ad:4a:8b:28:0c:29:01:b2:10:a9:3a:fc:d0:83:81:
1e:38:40:3c:9b:66:6a:0f:e9:18:f9:25:1e:17:b4:
0e:54:d2:40:ea:b7:68:da:44:f0:98:a7:68:54:0f:
f5:a0:0d:3c:b3:5b:f2:5e:d2:1d:89:d2:2e:ca:2c:
e7:3e:15:16:a1:0f:5b:b1:45:25:f5:56:d4:e3:1f:
8c:e9:4e:39:3e:f5:8c:44:f4:0d:dc:5a:bc:24:31:
3e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:08:AD:1B:7D:D8:07:CB:CE:F8:F6:51:3A:37:A1:AD:CE:10:4B:B8
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/ZgitG33YB8vO-PZROjehrc4QS7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
66:44:7f:27:e6:97:e7:d3:52:40:bb:64:04:cc:8d:95:ea:be:
f7:0a:8f:1d:0f:c3:55:7c:2a:b7:f1:5a:0e:57:2d:a3:2a:79:
25:58:56:98:ea:80:b0:4f:da:12:5f:40:63:4c:69:7d:d3:80:
de:8b:98:d5:78:60:f9:9d:34:c4:9e:c1:6d:8b:86:05:4e:cd:
50:66:e2:10:38:96:e9:a1:23:ec:11:fa:a6:b7:9a:01:33:b7:
9f:5a:aa:30:39:c3:c1:08:58:8e:a3:20:44:c7:60:dd:9a:9d:
e9:f2:df:63:a1:d4:65:e5:8c:c9:2b:d7:7a:d9:53:72:af:e9:
56:23:6b:ff:9c:14:9b:99:3b:e2:d9:7b:c1:5f:69:71:7f:54:
dd:bd:09:90:7b:6d:c6:98:30:10:79:5a:56:d4:ae:bc:6a:a9:
b1:35:5f:83:08:65:ee:de:65:7d:5e:d2:ed:b3:08:6d:20:59:
1f:fb:4c:b5:ea:78:e3:f8:08:d0:63:61:7c:7e:2e:16:f8:a6:
21:39:35:a1:28:96:e3:6b:80:6f:51:1c:80:e5:d1:e6:15:0d:
1c:44:29:12:97:2c:8d:cb:2c:8f:0e:18:40:3c:37:7e:5a:c1:
76:17:1d:71:e0:b5:ae:68:af:23:13:d9:72:45:af:7d:66:c6:
80:78:e2:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAwaJfMat3aKRQWTf/EqrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MTAyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA4YWQxYjdkZDgwN2NiY2VmOGY2NTEzYTM3YTFhZGNlMTA0YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf70cNBI8V/cGw79dVC5suiTUYBb
Drx4Zv8WMXplAe4u9dRYTv6kM+1hAogvpLdDq4a/i/HnfwJjuaKknFMQaFcMXRzW
lepAtuRVxpkHl9CGXFbZlAcI2ZxNsUwPwDKmEiX9Di98Jc1+lay4cepAK8Yc0tw8
oxcMsXXGvSDBFJXFGFOF31nGa6xHVi1oYTpP3v3DfpWnW39uEG6LzYfzvFk8PEet
SosoDCkBshCpOvzQg4EeOEA8m2ZqD+kY+SUeF7QOVNJA6rdo2kTwmKdoVA/1oA08
s1vyXtIdidIuyiznPhUWoQ9bsUUl9VbU4x+M6U45PvWMRPQN3Fq8JDE+CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGYIrRt92AfLzvj2UTo3oa3OEEu4MB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvWmdpdEczM1lCOHZPLVBaUk9qZWhyYzRRUzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQBmRH8n5pfn01JAu2QEzI2V
6r73Co8dD8NVfCq38VoOVy2jKnklWFaY6oCwT9oSX0BjTGl904Dei5jVeGD5nTTE
nsFti4YFTs1QZuIQOJbpoSPsEfqmt5oBM7efWqowOcPBCFiOoyBEx2Ddmp3p8t9j
odRl5YzJK9d62VNyr+lWI2v/nBSbmTvi2XvBX2lxf1TdvQmQe23GmDAQeVpW1K68
aqmxNV+DCGXu3mV9XtLtswhtIFkf+0y16njj+AjQY2F8fi4W+KYhOTWhKJbja4Bv
URyA5dHmFQ0cRCkSlyyNyyyPDhhAPDd+WsF2Fx1x4LWuaK8jE9lyRa99ZsaAeOK+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:37 2024 by rpki-client on console-fra.rpki-client.org