Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/ZT3ESyIfLKrsgIOjPQIapv36QJY.roa
File: ZT3ESyIfLKrsgIOjPQIapv36QJY.roa (raw, json)
Hash identifier: 0/1L4poGCZITpNDfq0GmDQRBih22WFjbfhZlm7O6kdY=
Subject key identifier: 65:3D:C4:4B:22:1F:2C:AA:EC:80:83:A3:3D:02:1A:A6:FD:FA:40:96
Certificate issuer: /CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Certificate serial: 01889F66282E08E530184E6F5F188A63EFD1
Authority key identifier: 4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/ZT3ESyIfLKrsgIOjPQIapv36QJY.roa
Signing time: Fri 09 Jun 2023 09:04:12 +0000
ROA not before: Fri 09 Jun 2023 09:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206207
IP address blocks: 185.190.208.0/22 maxlen: 24
2a0a:d40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:66:28:2e:08:e5:30:18:4e:6f:5f:18:8a:63:ef:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Validity
Not Before: Jun 9 09:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=653dc44b221f2caaec8083a33d021aa6fdfa4096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b8:97:7f:af:cd:2a:b5:e6:e4:13:c4:ae:92:
0e:c9:a9:ba:47:a9:21:e9:5c:b3:53:15:23:88:80:
fa:70:10:b7:9a:47:de:d1:0d:2b:33:9f:89:27:a2:
dc:6d:c1:07:85:3c:33:d2:71:8f:4d:e8:d8:31:0f:
d6:26:91:b8:d1:65:51:2b:17:58:4d:78:4b:55:57:
86:48:b2:7b:49:26:13:97:09:66:af:11:93:1d:84:
2e:61:a2:c8:62:07:9f:fd:b0:20:54:78:70:a4:02:
7d:df:79:e4:67:cb:52:f3:df:9e:c7:cf:29:85:50:
1c:3d:86:ce:4d:22:58:0a:04:0b:bb:66:94:5f:66:
66:46:23:4c:d5:71:c1:cb:b6:e1:5a:67:0a:7a:d0:
4b:ac:dc:e4:99:e0:6f:21:cb:05:3e:36:2e:2d:43:
73:0b:f3:64:0f:40:4e:3f:8f:25:12:ee:16:48:58:
31:90:7e:3d:26:f7:72:f8:81:7e:3c:e5:88:5c:9c:
35:28:bf:1a:cb:05:94:d4:68:9a:84:2e:ce:3f:9a:
6c:db:b1:48:eb:e5:ef:89:e2:80:57:ae:16:5f:2d:
39:77:a5:b9:4d:4f:21:ed:a2:57:14:1e:d7:de:97:
1e:0f:d6:3b:80:59:b7:e7:2b:ca:20:3f:6d:a4:9d:
fd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3D:C4:4B:22:1F:2C:AA:EC:80:83:A3:3D:02:1A:A6:FD:FA:40:96
X509v3 Authority Key Identifier:
keyid:4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/ZT3ESyIfLKrsgIOjPQIapv36QJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.208.0/22
IPv6:
2a0a:d40::/32
Signature Algorithm: sha256WithRSAEncryption
9d:dd:13:1d:8e:0e:93:b8:16:a6:35:e0:33:b2:3a:0a:e4:70:
66:c0:48:e1:60:84:f5:2e:9c:46:71:d4:54:74:f4:bc:d7:4c:
f8:0d:43:6b:e8:4e:e6:45:77:1e:cc:76:55:01:48:05:ff:e4:
c0:3b:ed:0d:b2:39:c7:f5:dd:1a:36:32:ed:a9:ab:88:72:17:
19:05:84:9a:8b:9a:48:df:83:16:2e:e2:90:aa:d7:bc:7c:a5:
31:86:43:d8:5a:83:9b:60:9c:fd:3c:5b:58:76:c1:50:fd:4a:
47:dc:94:85:32:ba:28:8b:e9:65:87:8a:1e:f8:17:bb:40:64:
58:97:14:51:b8:83:0d:97:96:10:4e:dd:50:5e:21:e4:53:d4:
8d:f5:bd:44:76:8f:bf:bf:97:b3:24:30:37:e3:a4:1b:49:32:
eb:ba:61:d7:f7:a3:76:7c:68:79:fc:c5:44:a2:7e:ee:55:52:
fb:64:01:40:37:b3:56:39:68:9a:73:62:83:aa:63:40:de:9a:
20:4e:d9:5f:75:98:f0:ae:4a:c5:e9:81:ff:a5:5d:52:cd:a2:
d8:b5:de:b7:2a:96:ae:f5:69:a1:13:a2:d4:2b:50:27:05:23:
4f:06:5b:85:25:81:b3:ee:53:7b:3c:26:44:31:b5:45:03:61:
c0:ae:e6:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYifZiguCOUwGE5vXxiKY+/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMGU3N2Q5YzZmZjY4ZGNhNjhmMDVkZjhmNDY3NWVlN2Jk
Y2IwYmMwHhcNMjMwNjA5MDkwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNkYzQ0YjIyMWYyY2FhZWM4MDgzYTMzZDAyMWFhNmZkZmE0MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbiXf6/NKrXm5BPErpIOyam6R6kh
6VyzUxUjiID6cBC3mkfe0Q0rM5+JJ6LcbcEHhTwz0nGPTejYMQ/WJpG40WVRKxdY
TXhLVVeGSLJ7SSYTlwlmrxGTHYQuYaLIYgef/bAgVHhwpAJ933nkZ8tS89+ex88p
hVAcPYbOTSJYCgQLu2aUX2ZmRiNM1XHBy7bhWmcKetBLrNzkmeBvIcsFPjYuLUNz
C/NkD0BOP48lEu4WSFgxkH49Jvdy+IF+POWIXJw1KL8aywWU1GiahC7OP5ps27FI
6+XvieKAV64WXy05d6W5TU8h7aJXFB7X3pceD9Y7gFm35yvKID9tpJ39PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGU9xEsiHyyq7ICDoz0CGqb9+kCWMB8GA1UdIwQY
MBaAFE8Od9nG/2jcpo8F349Gde573LC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAt
NDU1YjE5Zjc2NmNjLzEvWlQzRVN5SWZMS3JzZ0lPalBRSWFwdjM2UUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAtNDU1YjE5Zjc2NmNj
LzEvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub7QMA0E
AgACMAcDBQAqCg1AMA0GCSqGSIb3DQEBCwUAA4IBAQCd3RMdjg6TuBamNeAzsjoK
5HBmwEjhYIT1LpxGcdRUdPS810z4DUNr6E7mRXcezHZVAUgF/+TAO+0NsjnH9d0a
NjLtqauIchcZBYSai5pI34MWLuKQqte8fKUxhkPYWoObYJz9PFtYdsFQ/UpH3JSF
Mrooi+llh4oe+Be7QGRYlxRRuIMNl5YQTt1QXiHkU9SN9b1Edo+/v5ezJDA346Qb
STLrumHX96N2fGh5/MVEon7uVVL7ZAFAN7NWOWiac2KDqmNA3pogTtlfdZjwrkrF
6YH/pV1SzaLYtd63Kpau9WmhE6LUK1AnBSNPBluFJYGz7lN7PCZEMbVFA2HAruYE
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:38 2024 by rpki-client on console-fra.rpki-client.org