Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/Rp_zfWa5ER5HWbwwupK5jt3dZMI.roa
File: Rp_zfWa5ER5HWbwwupK5jt3dZMI.roa (raw, json)
Hash identifier: g118QE1AW2yEyCTl2OhKCu883KMsC6MGRK9FYe4yF3g=
Subject key identifier: 46:9F:F3:7D:66:B9:11:1E:47:59:BC:30:BA:92:B9:8E:DD:DD:64:C2
Certificate issuer: /CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Certificate serial: 01856BDC6B451FF88C02E41E91A20B80B547
Authority key identifier: 18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/Rp_zfWa5ER5HWbwwupK5jt3dZMI.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196932
IP address blocks: 178.255.136.0/21 maxlen: 21
185.192.200.0/22 maxlen: 22
2a03:40e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6b:45:1f:f8:8c:02:e4:1e:91:a2:0b:80:b5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=469ff37d66b9111e4759bc30ba92b98edddd64c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d3:4f:71:be:af:d3:f6:a6:9f:37:c1:2c:4c:
6b:c5:5e:88:a5:d2:7b:c2:d3:32:0d:a7:34:68:25:
d6:a8:00:e9:68:16:05:5c:3e:cb:ca:e9:a8:c0:3b:
07:0c:b0:39:1a:d9:60:dd:d9:a6:58:5d:b0:e9:1a:
d7:7b:b5:2a:64:b6:d0:5a:59:18:55:0b:4f:b4:a6:
45:81:9f:ab:f6:48:b7:71:a9:74:d4:7a:66:55:33:
29:2e:e9:68:04:42:50:f0:15:5c:ca:26:f2:6a:b3:
14:30:9f:24:fe:d1:bb:cf:ee:85:a1:ef:d1:b8:22:
ed:0d:a8:91:65:ff:4c:71:57:5b:8a:86:48:b7:5a:
d9:3b:e6:86:11:02:78:7c:11:9e:a7:ed:98:92:23:
25:70:c9:f3:66:a1:75:bf:29:03:a9:7b:ac:2c:d6:
8d:d3:c0:eb:62:6b:c6:90:de:b4:87:f1:ea:00:41:
5a:b2:78:fd:16:d7:ff:19:26:33:dc:d3:5a:41:99:
fe:4a:b3:61:a2:63:c6:04:5c:e7:26:fe:dd:81:b0:
71:1c:01:0b:3e:43:1c:7e:be:b7:0c:a2:4c:72:9b:
d9:7f:29:9a:3e:d6:2b:01:39:04:a7:3a:cc:ff:d4:
c8:c7:7c:fe:7c:36:f6:ff:5d:25:ad:2d:f8:ca:55:
d8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:9F:F3:7D:66:B9:11:1E:47:59:BC:30:BA:92:B9:8E:DD:DD:64:C2
X509v3 Authority Key Identifier:
keyid:18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/Rp_zfWa5ER5HWbwwupK5jt3dZMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.136.0/21
185.192.200.0/22
IPv6:
2a03:40e0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:6e:f8:c7:48:71:c1:a2:ca:a8:ed:78:6d:54:df:05:05:6d:
e8:a3:db:df:0c:60:19:49:d3:10:9f:c9:e5:f0:78:af:d8:48:
97:12:1f:17:6d:7e:37:ab:69:f3:e0:91:42:42:de:a9:10:f6:
21:6a:cb:e1:80:3d:b8:a0:9f:39:51:9b:51:58:00:3c:80:27:
fe:e2:ec:cb:32:d3:a9:9f:6b:4b:43:11:0c:7f:a5:49:58:b3:
62:ad:84:00:a4:01:07:22:3f:7f:46:55:c9:29:c7:e6:5f:ec:
58:fb:76:e0:bb:24:1e:d4:18:cf:4e:da:82:28:fa:6f:19:18:
c3:c5:63:c3:cf:d2:a6:73:c4:6d:4d:ad:2d:08:aa:d0:42:92:
cc:33:85:39:8c:c0:bd:e1:e3:fe:1e:15:ce:47:a2:6c:a7:e0:
78:b0:87:cf:18:8d:ff:62:3c:22:d8:d9:12:11:15:d2:d5:b5:
af:14:72:a0:41:c9:99:cd:c7:1e:29:9e:2f:1e:8c:f7:0e:70:
2f:88:b5:ee:f5:21:cc:63:72:ff:a1:44:20:5d:ea:65:02:57:
99:cd:6a:1d:86:29:30:d6:b5:8b:cd:ee:d7:0f:7d:9f:4f:d1:
26:c5:9a:5c:0b:de:a3:7b:90:e0:6f:b2:51:00:1c:88:47:91:
8a:47:ac:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr3GtFH/iMAuQekaILgLVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NThjYWE2ODMyYWEyYTNlN2NjNmQxNDQ1MTVmOGY0MzFi
NjY3NjIwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjlmZjM3ZDY2YjkxMTFlNDc1OWJjMzBiYTkyYjk4ZWRkZGQ2NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNNPcb6v0/amnzfBLExrxV6IpdJ7
wtMyDac0aCXWqADpaBYFXD7LyumowDsHDLA5Gtlg3dmmWF2w6RrXe7UqZLbQWlkY
VQtPtKZFgZ+r9ki3cal01HpmVTMpLuloBEJQ8BVcyibyarMUMJ8k/tG7z+6Foe/R
uCLtDaiRZf9McVdbioZIt1rZO+aGEQJ4fBGep+2YkiMlcMnzZqF1vykDqXusLNaN
08DrYmvGkN60h/HqAEFasnj9Ftf/GSYz3NNaQZn+SrNhomPGBFznJv7dgbBxHAEL
PkMcfr63DKJMcpvZfymaPtYrATkEpzrM/9TIx3z+fDb2/10lrS34ylXYTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEaf831muREeR1m8MLqSuY7d3WTCMB8GA1UdIwQY
MBaAFBhYyqaDKqKj58xtFEUV+PQxtmdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2Ut
YWFiN2ZjM2Y4YWM1LzEvUnBfemZXYTVFUjVIV2J3d3VwSzVqdDNkWk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2UtYWFiN2ZjM2Y4YWM1
LzEvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv+IAwQC
ucDIMA0EAgACMAcDBQAqA0DgMA0GCSqGSIb3DQEBCwUAA4IBAQBebvjHSHHBosqo
7XhtVN8FBW3oo9vfDGAZSdMQn8nl8Hiv2EiXEh8XbX43q2nz4JFCQt6pEPYhasvh
gD24oJ85UZtRWAA8gCf+4uzLMtOpn2tLQxEMf6VJWLNirYQApAEHIj9/RlXJKcfm
X+xY+3bguyQe1BjPTtqCKPpvGRjDxWPDz9Kmc8RtTa0tCKrQQpLMM4U5jMC94eP+
HhXOR6Jsp+B4sIfPGI3/Yjwi2NkSERXS1bWvFHKgQcmZzcceKZ4vHoz3DnAviLXu
9SHMY3L/oUQgXeplAleZzWodhikw1rWLze7XD32fT9EmxZpcC96je5Dgb7JRAByI
R5GKR6zP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:57 2024 by rpki-client on console-ams.rpki-client.org