Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/jzGD1TfYBwuzmwknfA5nzU1jfVE.roa
File: jzGD1TfYBwuzmwknfA5nzU1jfVE.roa (raw, json)
Hash identifier: dTaehA3iduiiVLMY4uM/CbxOmDnUF5MgjaT5HY3AwzU=
Subject key identifier: 8F:31:83:D5:37:D8:07:0B:B3:9B:09:27:7C:0E:67:CD:4D:63:7D:51
Certificate issuer: /CN=cd919eb5c2108360155de7fb4f216a055ae31f09
Certificate serial: 01872AF84FAA6E1DF7B245FF6F26DD18B365
Authority key identifier: CD:91:9E:B5:C2:10:83:60:15:5D:E7:FB:4F:21:6A:05:5A:E3:1F:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZGetcIQg2AVXef7TyFqBVrjHwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/jzGD1TfYBwuzmwknfA5nzU1jfVE.roa
Signing time: Wed 29 Mar 2023 01:25:29 +0000
ROA not before: Wed 29 Mar 2023 01:25:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39180
IP address blocks: 185.191.200.0/24 maxlen: 24
185.191.201.0/24 maxlen: 24
185.191.202.0/24 maxlen: 24
185.191.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2a:f8:4f:aa:6e:1d:f7:b2:45:ff:6f:26:dd:18:b3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd919eb5c2108360155de7fb4f216a055ae31f09
Validity
Not Before: Mar 29 01:25:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f3183d537d8070bb39b09277c0e67cd4d637d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:51:29:43:e9:24:2f:92:5d:40:07:ef:76:
b0:58:bb:1b:e0:cc:77:10:52:89:77:2a:5b:3d:ba:
32:a8:46:5a:ab:b9:45:43:42:e2:7f:08:da:92:7a:
b6:71:4f:fa:0d:24:32:2f:49:02:be:55:01:6e:1d:
8a:61:3a:04:fe:11:78:46:be:39:95:95:93:40:08:
bc:ed:23:e0:3a:14:90:43:19:2c:26:cf:6a:89:4f:
e1:0d:b8:85:f2:eb:04:3d:dd:21:75:6e:98:15:54:
f4:b2:62:c7:28:f4:99:39:05:5e:01:09:c8:a1:18:
33:42:97:6e:dc:7f:fc:16:21:e2:16:99:fc:52:1e:
5e:8f:44:10:6c:4a:5e:58:4c:20:d2:bd:85:fa:81:
74:88:03:aa:cb:29:f1:88:4e:03:24:67:3d:46:5a:
27:d9:5d:34:af:e3:47:eb:32:8e:81:dc:e5:6f:1c:
d7:9b:49:7b:08:b7:6e:8a:fa:ce:cc:21:be:1d:f1:
cb:e7:7f:5b:a7:79:5b:6a:80:31:fc:f2:b3:fe:7c:
c8:ae:a7:26:71:b3:33:9b:7c:8c:a7:b0:c8:d3:84:
37:e9:99:d6:d8:13:6b:6b:f3:0e:3a:bc:75:77:ec:
3d:b8:11:3c:90:00:82:4b:e4:4c:e7:44:b9:7d:1b:
7c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:31:83:D5:37:D8:07:0B:B3:9B:09:27:7C:0E:67:CD:4D:63:7D:51
X509v3 Authority Key Identifier:
keyid:CD:91:9E:B5:C2:10:83:60:15:5D:E7:FB:4F:21:6A:05:5A:E3:1F:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZGetcIQg2AVXef7TyFqBVrjHwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/jzGD1TfYBwuzmwknfA5nzU1jfVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4fc780-b296-40b7-9508-9f8e6a184374/1/zZGetcIQg2AVXef7TyFqBVrjHwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:58:f3:26:cd:ce:09:c1:e2:c7:4a:98:3d:b2:4a:e7:ea:fa:
3a:88:c8:4e:43:bb:8e:63:99:c2:06:05:51:7a:eb:ac:35:8b:
56:b3:80:4d:85:ed:fb:89:9b:4c:31:c4:70:53:37:51:b9:da:
20:bb:28:a3:46:8e:cb:5a:2b:ad:6f:ae:2d:af:ce:c2:e7:6b:
0d:8a:38:82:5c:d8:3a:0b:ca:a4:7e:25:90:7c:08:71:fb:a5:
48:40:f3:81:fc:dc:bd:2e:06:9a:96:29:65:83:c1:a1:0c:71:
f7:77:ac:92:5c:7e:0b:84:2f:30:68:dc:0e:2e:32:92:4d:a4:
0d:ad:73:9a:77:19:33:04:97:35:f5:ee:8d:b4:2f:fe:89:cd:
82:5d:fe:a4:aa:58:3a:10:ef:71:2f:58:98:0e:48:f0:ee:53:
1d:d5:71:47:cf:45:16:72:e7:ff:00:1d:e0:bd:1b:7f:e6:48:
c4:04:94:00:76:31:aa:fa:47:c3:3b:65:3c:2e:0f:2b:99:a8:
53:94:38:61:a2:d4:a8:92:1b:72:e6:79:a5:62:5d:00:11:7b:
06:d7:a5:fd:f1:8c:8e:77:73:62:96:68:86:8a:cc:b7:a3:21:
89:dc:97:c3:ee:75:32:4e:11:ed:59:1f:fe:59:12:8a:8a:ea:
eb:5d:25:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcq+E+qbh33skX/bybdGLNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTE5ZWI1YzIxMDgzNjAxNTVkZTdmYjRmMjE2YTA1NWFl
MzFmMDkwHhcNMjMwMzI5MDEyNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMxODNkNTM3ZDgwNzBiYjM5YjA5Mjc3YzBlNjdjZDRkNjM3ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuulRKUPpJC+SXUAH73awWLsb4Mx3
EFKJdypbPboyqEZaq7lFQ0Lifwjaknq2cU/6DSQyL0kCvlUBbh2KYToE/hF4Rr45
lZWTQAi87SPgOhSQQxksJs9qiU/hDbiF8usEPd0hdW6YFVT0smLHKPSZOQVeAQnI
oRgzQpdu3H/8FiHiFpn8Uh5ej0QQbEpeWEwg0r2F+oF0iAOqyynxiE4DJGc9Rlon
2V00r+NH6zKOgdzlbxzXm0l7CLduivrOzCG+HfHL539bp3lbaoAx/PKz/nzIrqcm
cbMzm3yMp7DI04Q36ZnW2BNra/MOOrx1d+w9uBE8kACCS+RM50S5fRt8iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8xg9U32AcLs5sJJ3wOZ81NY31RMB8GA1UdIwQY
MBaAFM2RnrXCEINgFV3n+08hagVa4x8JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpHZXRjSVFnMkFWWGVmN1R5RnFCVnJqSHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80ZmM3ODAtYjI5Ni00MGI3LTk1MDgt
OWY4ZTZhMTg0Mzc0LzEvanpHRDFUZllCd3V6bXdrbmZBNW56VTFqZlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80ZmM3ODAtYjI5Ni00MGI3LTk1MDgtOWY4ZTZhMTg0Mzc0
LzEvelpHZXRjSVFnMkFWWGVmN1R5RnFCVnJqSHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCMWPMmzc4JweLHSpg9skrn6vo6iMhOQ7uOY5nCBgVR
euusNYtWs4BNhe37iZtMMcRwUzdRudoguyijRo7LWiutb64tr87C52sNijiCXNg6
C8qkfiWQfAhx+6VIQPOB/Ny9Lgaalillg8GhDHH3d6ySXH4LhC8waNwOLjKSTaQN
rXOadxkzBJc19e6NtC/+ic2CXf6kqlg6EO9xL1iYDkjw7lMd1XFHz0UWcuf/AB3g
vRt/5kjEBJQAdjGq+kfDO2U8Lg8rmahTlDhhotSokhty5nmlYl0AEXsG16X98YyO
d3NilmiGisy3oyGJ3JfD7nUyThHtWR/+WRKKiurrXSVZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:52 2024 by rpki-client on console-ams.rpki-client.org