Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa
File: zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa (raw, json)
Hash identifier: 1RnA1q2gEhHn3zUfyHpfqESMg0pnQe43UNdZ0oKFDUY=
Subject key identifier: CD:E1:67:07:D0:72:54:47:86:36:8F:C6:92:AD:A3:4D:5F:06:7B:B6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102F8F5947EC5B8BFD473FFB67707DD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa
Signing time: Mon 02 Jan 2023 05:44:58 +0000
ROA not before: Mon 02 Jan 2023 05:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4785
IP address blocks: 194.242.2.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f8:f5:94:7e:c5:b8:bf:d4:73:ff:b6:77:07:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cde16707d072544786368fc692ada34d5f067bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:0d:c8:48:64:4b:da:7c:ea:76:b2:d4:3f:
50:10:54:49:11:09:83:3a:4d:12:fe:b4:9a:f4:40:
f6:69:7e:d7:db:f2:87:71:6e:36:87:cb:2c:3b:9b:
6a:20:a3:99:ae:ba:b4:f3:bb:24:10:74:7b:1f:1e:
18:e5:73:cf:96:9e:1b:89:22:dc:4b:ac:22:42:48:
1c:b5:c2:62:75:cc:7e:22:b6:96:d7:5a:9f:04:0b:
15:17:c3:3c:8d:1a:73:82:5f:cd:b1:cf:ce:ae:42:
60:b8:51:e8:3a:e2:62:c1:4c:b0:16:99:bc:4e:2c:
83:66:23:7a:a2:d2:ae:d3:fb:70:b7:e2:24:22:2f:
92:6d:53:37:db:30:40:37:45:9c:e2:ec:d5:a4:26:
24:07:d9:bf:e7:cc:b1:cd:c7:28:9b:c2:a3:48:d5:
7c:d1:01:0d:ec:dd:50:4a:b9:f2:32:6d:46:bf:91:
b7:d0:82:5c:60:16:d6:df:11:52:68:f9:58:1b:50:
a5:14:66:e6:e4:9f:57:55:ee:d0:93:8d:a8:92:87:
eb:35:c0:94:33:04:4c:cf:00:04:01:23:eb:8e:84:
51:42:9d:25:91:00:06:ac:6c:2d:53:fb:9f:2d:71:
f1:72:f7:27:ae:85:b1:f0:8f:cd:79:68:82:81:6d:
82:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E1:67:07:D0:72:54:47:86:36:8F:C6:92:AD:A3:4D:5F:06:7B:B6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
88:76:00:9d:58:c8:20:5b:e6:de:7c:f9:e9:2e:cd:64:81:c7:
ef:13:9e:a9:60:23:68:07:fb:bc:fb:94:86:4f:81:a3:12:38:
31:5f:0b:f5:01:5c:95:5f:13:bb:3c:e6:a8:f3:32:ac:b6:b7:
f4:ea:c6:dc:6f:ea:26:f2:a9:a8:24:87:85:4d:08:42:dc:6f:
11:21:af:00:6d:ef:23:4e:7b:52:57:05:3a:ab:d7:8e:25:1f:
c6:e6:a0:75:b6:fa:57:73:b4:03:2e:06:53:7f:e9:92:5c:8b:
60:a2:fe:18:fb:1b:9d:66:cf:3a:84:96:cf:99:9e:64:15:f4:
4c:8c:fe:59:83:6d:73:32:40:3f:c4:02:33:7d:02:3d:7c:42:
c1:29:ce:c7:23:51:d9:23:f0:c7:a8:c4:87:b6:95:81:6b:76:
cc:3c:1a:4b:77:ab:f1:d2:62:f3:ee:eb:2e:a5:16:ad:22:8b:
74:9d:6f:23:3c:02:03:c8:c5:7a:be:d5:6b:bd:ff:87:3b:a0:
cc:e0:57:f0:ed:7b:ef:ce:be:31:ca:d0:5c:0c:9e:ba:4b:0d:
bf:64:86:bf:ec:21:87:4a:f5:f3:c7:65:30:ac:df:89:8b:78:
4e:14:d4:66:ef:ab:35:f1:6c:27:6b:e0:b4:b6:19:91:a4:cc:
14:6d:5b:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAvj1lH7FuL/Uc/+2dwfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGUxNjcwN2QwNzI1NDQ3ODYzNjhmYzY5MmFkYTM0ZDVmMDY3YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4oNyEhkS9p86nay1D9QEFRJEQmD
Ok0S/rSa9ED2aX7X2/KHcW42h8ssO5tqIKOZrrq087skEHR7Hx4Y5XPPlp4biSLc
S6wiQkgctcJidcx+IraW11qfBAsVF8M8jRpzgl/Nsc/OrkJguFHoOuJiwUywFpm8
TiyDZiN6otKu0/twt+IkIi+SbVM32zBAN0Wc4uzVpCYkB9m/58yxzccom8KjSNV8
0QEN7N1QSrnyMm1Gv5G30IJcYBbW3xFSaPlYG1ClFGbm5J9XVe7Qk42okofrNcCU
MwRMzwAEASPrjoRRQp0lkQAGrGwtU/ufLXHxcvcnroWx8I/NeWiCgW2C/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3hZwfQclRHhjaPxpKto01fBnu2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvemVGbkI5QnlWRWVHTm9fR2txMmpUVjhHZTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQCIdgCdWMggW+befPnpLs1kgcfvE56pYCNo
B/u8+5SGT4GjEjgxXwv1AVyVXxO7POao8zKstrf06sbcb+om8qmoJIeFTQhC3G8R
Ia8Abe8jTntSVwU6q9eOJR/G5qB1tvpXc7QDLgZTf+mSXItgov4Y+xudZs86hJbP
mZ5kFfRMjP5Zg21zMkA/xAIzfQI9fELBKc7HI1HZI/DHqMSHtpWBa3bMPBpLd6vx
0mLz7usupRatIot0nW8jPAIDyMV6vtVrvf+HO6DM4Ffw7Xvvzr4xytBcDJ66Sw2/
ZIa/7CGHSvXzx2UwrN+Ji3hOFNRm76s18Wwna+C0thmRpMwUbVuc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org