Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/DZSNRxWKRySgDA0vp-t_yWLOM8s.roa
File: DZSNRxWKRySgDA0vp-t_yWLOM8s.roa (raw, json)
Hash identifier: YXZvzIL92YSM+Soks1VyuPwa6ienl17op9OMYitacc8=
Subject key identifier: 0D:94:8D:47:15:8A:47:24:A0:0C:0D:2F:A7:EB:7F:C9:62:CE:33:CB
Certificate issuer: /CN=efad344eb5f7eb1dee4b8f8435fb5b9d87663e9d
Certificate serial: 018CCEB466CC73D419B9603215570FCD11A0
Authority key identifier: EF:AD:34:4E:B5:F7:EB:1D:EE:4B:8F:84:35:FB:5B:9D:87:66:3E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7600TrX36x3uS4-ENftbnYdmPp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/DZSNRxWKRySgDA0vp-t_yWLOM8s.roa
Signing time: Wed 03 Jan 2024 09:42:58 +0000
ROA not before: Wed 03 Jan 2024 09:42:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 62.36.0.0/16 maxlen: 16
145.1.240.0/20 maxlen: 20
149.74.0.0/16 maxlen: 16
1.178.232.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:b4:66:cc:73:d4:19:b9:60:32:15:57:0f:cd:11:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efad344eb5f7eb1dee4b8f8435fb5b9d87663e9d
Validity
Not Before: Jan 3 09:42:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d948d47158a4724a00c0d2fa7eb7fc962ce33cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:16:a2:6c:f2:4b:39:07:98:bb:ce:b5:ee:
8c:08:cb:7e:8f:f6:dd:ca:08:46:6a:90:10:6b:3e:
8e:5c:0a:4f:c2:3c:a2:d6:c5:53:e3:95:2b:89:35:
60:3c:b6:2c:4a:72:78:a2:73:2a:da:02:d0:0f:55:
68:af:d6:9a:14:f9:cf:5d:46:6e:fe:1e:d4:80:c0:
5b:81:08:d7:06:0a:5c:3d:76:f5:72:8e:3f:e6:1d:
4a:e3:d3:3f:9f:8b:ac:c9:4b:0a:c5:24:01:87:6a:
80:ab:e8:af:51:d2:89:a4:94:25:c2:64:00:9b:24:
44:fd:ad:26:44:ba:88:6a:81:9c:5c:a5:49:7a:1d:
bc:3e:a5:84:81:ab:13:ed:49:38:33:6f:b1:0c:98:
d1:8c:eb:03:e4:ea:60:21:44:1d:8a:3e:73:68:a7:
6f:0b:d4:0f:2e:37:7a:86:93:ca:a3:7f:26:ad:80:
d7:13:ec:60:f5:fb:4f:c7:d5:c0:b7:ae:7f:53:5d:
4b:f7:54:08:4b:d4:34:4a:7d:16:ac:e2:60:aa:d1:
86:15:22:ab:6c:94:50:57:6c:1f:c5:cf:ac:99:b2:
d0:04:c1:26:33:32:42:7a:e0:2a:be:46:b9:b4:04:
b2:ee:c9:e7:23:6f:3a:e2:64:12:69:ee:17:33:19:
5f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:94:8D:47:15:8A:47:24:A0:0C:0D:2F:A7:EB:7F:C9:62:CE:33:CB
X509v3 Authority Key Identifier:
keyid:EF:AD:34:4E:B5:F7:EB:1D:EE:4B:8F:84:35:FB:5B:9D:87:66:3E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7600TrX36x3uS4-ENftbnYdmPp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/DZSNRxWKRySgDA0vp-t_yWLOM8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/7600TrX36x3uS4-ENftbnYdmPp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.178.232.0/21
62.36.0.0/16
145.1.240.0/20
149.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:56:0d:25:d1:c4:d1:e8:50:9c:fe:3d:9b:0f:af:f5:fa:13:
f4:68:67:08:ae:2d:2b:30:30:12:d0:3c:49:d8:aa:e8:21:b7:
a9:2e:1a:6f:09:cd:9a:b3:7a:3e:a0:73:41:b6:6b:da:39:b7:
6f:51:fe:b6:cd:b8:a0:0d:07:f9:05:62:6b:dc:0c:40:a9:18:
6a:ff:80:dd:49:00:73:b4:4b:36:2b:84:76:88:a9:e0:7c:e3:
1b:26:d5:02:cd:fe:d5:45:5f:d2:31:de:b1:f3:0d:5f:49:38:
2e:a8:cb:19:6d:a7:ff:d7:32:4a:4c:f9:51:29:3d:8a:8c:19:
8c:ca:c9:d7:13:5f:c8:29:a6:a6:07:a4:7c:1e:dc:f6:c2:4a:
19:f0:40:80:20:bf:a5:29:6f:ce:68:5b:bb:98:af:32:36:fe:
bc:bb:7b:bf:56:db:52:0d:1c:f5:c3:6e:54:94:75:61:42:0c:
49:01:7e:1b:fa:27:f4:d5:58:97:be:c3:6a:22:92:89:6f:ee:
01:5a:37:35:c4:51:d7:30:29:2b:9e:2a:93:c6:0a:0c:22:8c:
16:6c:c8:8f:a0:73:7f:7d:b2:e0:87:8d:c8:90:ae:34:85:0c:
18:37:48:8c:37:b1:a9:19:75:8e:d6:f9:15:9d:e4:7e:c5:59:
d9:89:f3:18
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzOtGbMc9QZuWAyFVcPzRGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWQzNDRlYjVmN2ViMWRlZTRiOGY4NDM1ZmI1YjlkODc2
NjNlOWQwHhcNMjQwMTAzMDk0MjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDk0OGQ0NzE1OGE0NzI0YTAwYzBkMmZhN2ViN2ZjOTYyY2UzM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF8WomzySzkHmLvOte6MCMt+j/bd
yghGapAQaz6OXApPwjyi1sVT45UriTVgPLYsSnJ4onMq2gLQD1Vor9aaFPnPXUZu
/h7UgMBbgQjXBgpcPXb1co4/5h1K49M/n4usyUsKxSQBh2qAq+ivUdKJpJQlwmQA
myRE/a0mRLqIaoGcXKVJeh28PqWEgasT7Uk4M2+xDJjRjOsD5OpgIUQdij5zaKdv
C9QPLjd6hpPKo38mrYDXE+xg9ftPx9XAt65/U11L91QIS9Q0Sn0WrOJgqtGGFSKr
bJRQV2wfxc+smbLQBMEmMzJCeuAqvka5tASy7snnI2864mQSae4XMxlfVQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFA2UjUcVikckoAwNL6frf8lizjPLMB8GA1UdIwQY
MBaAFO+tNE619+sd7kuPhDX7W52HZj6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzYwMFRyWDM2eDN1UzQtRU5mdGJuWWRtUHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xYTgzMGEtZjA2MS00Y2RjLWJhZmIt
YTJmZTlmMDE1ZDcxLzEvRFpTTlJ4V0tSeVNnREEwdnAtdF95V0xPTThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xYTgzMGEtZjA2MS00Y2RjLWJhZmItYTJmZTlmMDE1ZDcx
LzEvNzYwMFRyWDM2eDN1UzQtRU5mdGJuWWRtUHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwQDAbLoAwMA
PiQDBASRAfADAwCVSjANBgkqhkiG9w0BAQsFAAOCAQEAuVYNJdHE0ehQnP49mw+v
9foT9GhnCK4tKzAwEtA8Sdiq6CG3qS4abwnNmrN6PqBzQbZr2jm3b1H+ts24oA0H
+QVia9wMQKkYav+A3UkAc7RLNiuEdoip4HzjGybVAs3+1UVf0jHesfMNX0k4LqjL
GW2n/9cySkz5USk9iowZjMrJ1xNfyCmmpgekfB7c9sJKGfBAgCC/pSlvzmhbu5iv
Mjb+vLt7v1bbUg0c9cNuVJR1YUIMSQF+G/on9NVYl77DaiKSiW/uAVo3NcRR1zAp
K54qk8YKDCKMFmzIj6Bzf32y4IeNyJCuNIUMGDdIjDexqRl1jtb5FZ3kfsVZ2Ynz
GA==
-----END CERTIFICATE-----
Generated at Wed Jan 3 18:36:46 2024 by rpki-client on console-ams.rpki-client.org