Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/zNhcnUXg5DWvC6kMRV9guZW_sFg.roa
File: zNhcnUXg5DWvC6kMRV9guZW_sFg.roa (raw, json)
Hash identifier: yEeuPhpmLKIhViYShoKlyNep444tbbNDCP/BLElRzmM=
Subject key identifier: CC:D8:5C:9D:45:E0:E4:35:AF:0B:A9:0C:45:5F:60:B9:95:BF:B0:58
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0188427CF295C27A938FDD8F90D12D5E5354
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/zNhcnUXg5DWvC6kMRV9guZW_sFg.roa
Signing time: Mon 22 May 2023 08:04:24 +0000
ROA not before: Mon 22 May 2023 08:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197177
IP address blocks: 94.240.20.0/24 maxlen: 24
94.240.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:7c:f2:95:c2:7a:93:8f:dd:8f:90:d1:2d:5e:53:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: May 22 08:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccd85c9d45e0e435af0ba90c455f60b995bfb058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:dc:ed:b0:93:b0:70:75:ff:0a:70:28:3a:dd:
aa:10:c3:c7:b5:25:19:e2:06:1e:cc:e4:29:85:7c:
32:a2:66:3d:be:e9:49:42:48:08:5e:6d:a3:dc:cf:
7d:0c:c0:69:95:cb:90:23:9b:f3:3f:36:69:e6:64:
09:bd:92:ce:db:c3:ec:1f:4b:c8:69:92:17:39:24:
2e:23:b1:0f:a6:b6:64:95:5d:81:28:cf:fa:5e:0e:
fe:5a:9a:ed:22:23:83:f0:c0:2c:e0:88:b4:f0:b9:
ce:0a:90:0b:ab:90:a6:41:b6:29:77:cd:26:1a:3e:
a5:88:1c:14:3f:dd:44:80:83:6d:48:25:fe:ee:03:
3a:bc:1e:c7:33:c2:1d:58:45:4f:4d:98:c9:d7:2c:
fe:81:9e:ca:a1:d8:60:8b:a8:6c:11:09:ce:2e:99:
fd:64:7c:91:0f:cc:77:dd:37:16:e3:fc:98:a5:14:
58:fb:d2:b4:58:40:9c:0e:1a:01:9a:ed:ab:8c:d9:
78:b7:bd:53:47:f6:ba:b8:08:52:3e:f5:20:8d:52:
31:bf:df:a9:d2:e9:6e:a3:87:00:2f:b8:93:5d:91:
da:ab:48:b6:19:63:e1:df:50:9d:72:da:d8:8d:52:
b8:b5:0f:fe:77:cf:23:1c:1d:18:8c:10:56:d3:1d:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D8:5C:9D:45:E0:E4:35:AF:0B:A9:0C:45:5F:60:B9:95:BF:B0:58
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/zNhcnUXg5DWvC6kMRV9guZW_sFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.20.0/24
94.240.39.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:01:19:e2:b8:2a:4b:21:c8:dd:ef:d4:d0:99:cd:09:e4:36:
03:9d:de:0c:09:9b:4c:15:bd:c9:9d:2f:68:d3:25:db:2d:c3:
15:17:b2:6c:dc:88:63:b2:5f:41:b7:ef:7b:76:92:4a:35:75:
c4:f3:41:b5:5b:b8:bd:67:57:b4:64:8c:16:2d:b7:6f:14:1c:
ea:a5:5d:9b:f3:2a:6a:c1:58:d9:54:ec:ed:03:9f:28:5b:85:
ec:64:2d:b4:a6:c5:9c:c0:d2:1e:35:9b:c3:2a:75:d4:81:47:
aa:21:2d:50:ad:af:72:01:a2:9a:69:46:ed:e8:f7:ff:ef:bd:
4e:5d:32:c8:dd:8d:38:c2:35:39:8a:93:c1:0b:b3:59:6a:96:
07:b5:9d:0f:49:00:9b:6f:b8:50:76:21:51:b3:a1:02:ca:ea:
99:c4:dd:30:ff:44:4e:5b:78:d2:b8:68:7b:3b:bf:4d:ad:1f:
e5:77:06:1b:3c:d7:f1:e8:8d:68:f8:39:6d:60:2d:4c:50:27:
f9:8a:4c:d6:b7:9a:3e:62:4a:ed:71:d3:5a:82:37:f1:c1:87:
1c:67:3b:82:e8:b9:00:31:d1:ef:c2:b1:99:3b:79:d8:80:a0:
33:20:5d:7a:ce:39:bc:36:8d:69:09:73:6e:20:11:14:07:a2:
54:e9:45:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhCfPKVwnqTj92PkNEtXlNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwNTIyMDgwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Q4NWM5ZDQ1ZTBlNDM1YWYwYmE5MGM0NTVmNjBiOTk1YmZiMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9dztsJOwcHX/CnAoOt2qEMPHtSUZ
4gYezOQphXwyomY9vulJQkgIXm2j3M99DMBplcuQI5vzPzZp5mQJvZLO28PsH0vI
aZIXOSQuI7EPprZklV2BKM/6Xg7+WprtIiOD8MAs4Ii08LnOCpALq5CmQbYpd80m
Gj6liBwUP91EgINtSCX+7gM6vB7HM8IdWEVPTZjJ1yz+gZ7Kodhgi6hsEQnOLpn9
ZHyRD8x33TcW4/yYpRRY+9K0WECcDhoBmu2rjNl4t71TR/a6uAhSPvUgjVIxv9+p
0uluo4cAL7iTXZHaq0i2GWPh31CdctrYjVK4tQ/+d88jHB0YjBBW0x1BeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMzYXJ1F4OQ1rwupDEVfYLmVv7BYMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvek5oY25VWGc1RFd2QzZrTVJWOWd1Wldfc0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXvAUAwQA
XvAnMA0GCSqGSIb3DQEBCwUAA4IBAQArARniuCpLIcjd79TQmc0J5DYDnd4MCZtM
Fb3JnS9o0yXbLcMVF7Js3Ihjsl9Bt+97dpJKNXXE80G1W7i9Z1e0ZIwWLbdvFBzq
pV2b8ypqwVjZVOztA58oW4XsZC20psWcwNIeNZvDKnXUgUeqIS1Qra9yAaKaaUbt
6Pf/771OXTLI3Y04wjU5ipPBC7NZapYHtZ0PSQCbb7hQdiFRs6ECyuqZxN0w/0RO
W3jSuGh7O79NrR/ldwYbPNfx6I1o+DltYC1MUCf5ikzWt5o+YkrtcdNagjfxwYcc
ZzuC6LkAMdHvwrGZO3nYgKAzIF16zjm8No1pCXNuIBEUB6JU6UV/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org