Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/zOtV_DK1xosq3MHE9pYKpzb-774.roa
File: zOtV_DK1xosq3MHE9pYKpzb-774.roa (raw, json)
Hash identifier: +Vo8INTXMDNLEWtasKobgv8wqkDrL0yERi/1m3dU5mw=
Subject key identifier: CC:EB:55:FC:32:B5:C6:8B:2A:DC:C1:C4:F6:96:0A:A7:36:FE:EF:BE
Certificate issuer: /CN=e19cbb88d2b1a896658506778662e75c732a67e7
Certificate serial: 018E751BE1683D812D389180F7F8781D2FDE
Authority key identifier: E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/zOtV_DK1xosq3MHE9pYKpzb-774.roa
Signing time: Mon 25 Mar 2024 10:15:45 +0000
ROA not before: Mon 25 Mar 2024 10:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59659
IP address blocks: 185.220.88.0/22 maxlen: 22
2a07:c9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:1b:e1:68:3d:81:2d:38:91:80:f7:f8:78:1d:2f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e19cbb88d2b1a896658506778662e75c732a67e7
Validity
Not Before: Mar 25 10:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cceb55fc32b5c68b2adcc1c4f6960aa736feefbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:30:f0:ab:c4:af:f6:bd:68:8e:ed:6c:c3:9e:
b5:49:ac:bd:9c:85:9a:fd:83:e2:6e:e7:2f:63:42:
69:01:fe:9c:21:7c:8e:ad:4a:0d:ca:2f:74:88:b6:
57:0a:66:36:ef:59:6c:e7:7a:33:78:dd:cb:ca:e9:
b0:c0:5f:3f:e8:a2:7b:ca:88:b6:09:15:e7:43:f6:
29:cb:49:30:66:94:e9:66:10:f5:cc:ae:20:c0:f9:
a9:0f:60:e8:c0:b6:6f:a5:67:0d:2e:0f:54:9f:70:
8d:5f:a9:6e:5d:4b:52:55:b8:20:ec:20:7c:06:0a:
8d:7b:cf:94:82:d8:2a:20:42:d4:61:d3:ec:1a:c6:
14:e6:86:00:52:ea:19:9b:be:8a:9a:17:4d:e5:26:
c3:c5:f4:15:a4:4b:1e:53:bd:62:2f:7a:f2:ec:86:
c4:5d:dc:2c:d4:3f:aa:3d:9a:93:d7:36:34:0e:90:
2c:13:97:ff:97:24:09:88:c9:b5:a6:0c:6d:5e:71:
8d:83:4c:6e:4c:c1:bb:22:5f:63:91:2d:60:85:3c:
88:8e:fb:35:61:49:20:c8:45:30:a5:16:3b:59:40:
78:68:24:2f:57:b2:b4:81:0a:50:79:41:27:0b:fe:
92:47:48:69:9b:df:2c:34:c3:b1:84:31:2f:ea:c1:
05:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:EB:55:FC:32:B5:C6:8B:2A:DC:C1:C4:F6:96:0A:A7:36:FE:EF:BE
X509v3 Authority Key Identifier:
keyid:E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/zOtV_DK1xosq3MHE9pYKpzb-774.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.88.0/22
IPv6:
2a07:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:58:24:3b:e7:1c:7a:e8:d8:4f:a5:12:5d:fc:9c:cb:5e:17:
45:b6:bd:79:eb:4d:90:c9:09:30:c0:13:a2:d7:0c:7b:79:82:
ee:b9:6c:f9:6a:1c:fe:b9:50:68:de:50:6b:c7:64:0a:6c:d0:
4e:1b:68:0c:1f:40:b0:ef:6a:91:c4:84:37:7b:7d:80:e3:aa:
5b:dd:9e:d7:93:0a:27:3b:16:b6:cd:0f:39:e4:2c:15:30:51:
c4:ae:66:73:1f:6a:ee:54:d8:4f:34:60:9c:5d:fb:dc:23:f4:
d2:58:4e:ae:2b:06:f9:b2:a9:bf:53:fc:99:d1:d7:e8:b7:80:
97:37:e6:c6:ed:bf:16:9d:bc:d6:a7:c8:04:a2:e4:eb:87:57:
97:8f:ef:f7:b1:b7:6c:97:8e:3a:97:c6:17:1c:e8:80:cc:de:
2f:76:a9:c8:5d:00:7d:89:79:db:42:68:e0:29:6e:cf:06:46:
1f:53:85:db:53:ba:22:30:fe:a6:09:ed:93:f4:37:c2:60:d1:
ba:f4:0e:1f:c8:90:44:d7:a5:66:be:d0:b7:db:09:0a:a2:d8:
ca:5d:3b:5e:cc:68:24:94:21:c3:8c:19:74:7c:99:1c:8e:07:
89:1c:fe:c3:62:79:35:ea:a3:f6:1b:cb:83:d7:8f:e6:9f:9d:
e1:34:0a:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY51G+FoPYEtOJGA9/h4HS/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxOWNiYjg4ZDJiMWE4OTY2NTg1MDY3Nzg2NjJlNzVjNzMy
YTY3ZTcwHhcNMjQwMzI1MTAxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2ViNTVmYzMyYjVjNjhiMmFkY2MxYzRmNjk2MGFhNzM2ZmVlZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjDwq8Sv9r1oju1sw561Say9nIWa
/YPibucvY0JpAf6cIXyOrUoNyi90iLZXCmY271ls53ozeN3LyumwwF8/6KJ7yoi2
CRXnQ/Ypy0kwZpTpZhD1zK4gwPmpD2DowLZvpWcNLg9Un3CNX6luXUtSVbgg7CB8
BgqNe8+UgtgqIELUYdPsGsYU5oYAUuoZm76KmhdN5SbDxfQVpEseU71iL3ry7IbE
Xdws1D+qPZqT1zY0DpAsE5f/lyQJiMm1pgxtXnGNg0xuTMG7Il9jkS1ghTyIjvs1
YUkgyEUwpRY7WUB4aCQvV7K0gQpQeUEnC/6SR0hpm98sNMOxhDEv6sEFGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMzrVfwytcaLKtzBxPaWCqc2/u++MB8GA1UdIwQY
MBaAFOGcu4jSsaiWZYUGd4Zi51xzKmfnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYt
ZWZlYTYzZDA2ZjgwLzEvek90Vl9ESzF4b3NxM01IRTlwWUtwemItNzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYtZWZlYTYzZDA2Zjgw
LzEvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudxYMA0E
AgACMAcDBQMqB8nAMA0GCSqGSIb3DQEBCwUAA4IBAQBvWCQ75xx66NhPpRJd/JzL
XhdFtr15602QyQkwwBOi1wx7eYLuuWz5ahz+uVBo3lBrx2QKbNBOG2gMH0Cw72qR
xIQ3e32A46pb3Z7XkwonOxa2zQ855CwVMFHErmZzH2ruVNhPNGCcXfvcI/TSWE6u
Kwb5sqm/U/yZ0dfot4CXN+bG7b8WnbzWp8gEouTrh1eXj+/3sbdsl446l8YXHOiA
zN4vdqnIXQB9iXnbQmjgKW7PBkYfU4XbU7oiMP6mCe2T9DfCYNG69A4fyJBE16Vm
vtC32wkKotjKXTtezGgklCHDjBl0fJkcjgeJHP7DYnk16qP2G8uD14/mn53hNAoA
-----END CERTIFICATE-----
Generated at Mon Sep 2 12:55:53 2024 by rpki-client on console-fra.rpki-client.org