Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/ZUnKWpT4R3Swno3laJfmFGaZTkQ.roa
File: ZUnKWpT4R3Swno3laJfmFGaZTkQ.roa (raw, json)
Hash identifier: P1OCcYhD8+6TSxEMQfpUOtYbBz8cXcEBDkVMwwBwkkk=
Subject key identifier: 65:49:CA:5A:94:F8:47:74:B0:9E:8D:E5:68:97:E6:14:66:99:4E:44
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018E7A75B9FC275C56DAA4E19D755A6DC3DB
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/ZUnKWpT4R3Swno3laJfmFGaZTkQ.roa
Signing time: Tue 26 Mar 2024 11:11:59 +0000
ROA not before: Tue 26 Mar 2024 11:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 185.194.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 07:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:75:b9:fc:27:5c:56:da:a4:e1:9d:75:5a:6d:c3:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Mar 26 11:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6549ca5a94f84774b09e8de56897e61466994e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3b:c4:8b:66:05:f1:5e:e5:af:cc:a5:af:99:
d5:b5:dd:ac:20:50:a7:14:41:af:e2:c6:97:c4:a5:
a5:19:ca:a9:61:68:f5:b5:65:e0:8a:b2:d9:35:a9:
19:c4:e2:2d:64:92:30:86:68:9c:a9:c6:f6:5f:14:
25:f9:72:ff:a0:bb:b9:dc:c9:4d:b5:9f:f7:44:38:
eb:5b:d6:ed:39:ac:c3:67:98:bf:79:cd:46:e6:82:
a6:b5:70:9f:72:2d:a1:c9:ae:0c:90:15:e4:ff:1e:
fb:65:e7:f6:8e:96:5f:72:40:6c:3b:f7:65:5f:77:
00:18:09:2f:b1:ae:4c:7e:46:65:3e:43:42:60:49:
9d:35:be:05:5f:11:a3:d8:d2:08:09:8e:08:b2:7d:
50:5b:45:57:88:c3:0a:91:a8:58:59:37:df:66:5a:
37:b7:b2:8f:6c:84:ed:be:96:bf:ef:3d:ee:34:2a:
1b:26:6d:13:9e:b9:22:12:c7:7f:53:6c:3e:e8:fb:
27:1d:a6:d5:14:37:da:31:c1:7e:ab:c0:82:0b:fb:
8d:55:2f:e6:13:bf:72:eb:17:81:b7:d7:9e:db:55:
28:16:1f:7d:82:b6:c4:c2:76:38:57:a3:2f:66:7b:
c7:3e:6d:43:6f:ce:42:ad:8c:2c:9f:43:52:fd:11:
79:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:49:CA:5A:94:F8:47:74:B0:9E:8D:E5:68:97:E6:14:66:99:4E:44
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/ZUnKWpT4R3Swno3laJfmFGaZTkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.204.0/23
Signature Algorithm: sha256WithRSAEncryption
99:27:17:32:cf:ef:e0:7d:b2:b0:67:24:8d:07:6d:19:c6:0c:
a5:5d:6f:13:9b:c9:39:50:f9:6f:b3:89:6b:1d:3b:be:17:dd:
16:ce:fb:17:fb:4d:8c:0d:23:f7:a9:7f:ad:3a:cc:3f:1f:0e:
d8:db:43:98:e8:9b:55:5c:75:16:37:56:d1:4a:4d:32:09:60:
cf:93:3f:be:ef:21:c6:ee:f3:f8:ce:39:7e:de:b5:d0:18:29:
56:45:7e:bd:78:a3:40:b4:da:4b:6d:11:c3:46:71:a2:74:d5:
c1:54:58:39:e2:c8:40:82:11:9a:51:15:b5:d7:87:26:04:4a:
80:4f:42:66:d1:51:e7:00:9d:0b:cd:aa:a5:f9:4a:99:56:db:
6e:37:25:45:d8:65:0c:fa:c5:e8:d9:a0:0d:c4:7e:be:cc:58:
f4:28:21:aa:19:71:9b:fb:dc:52:f3:1a:e8:84:36:e7:28:41:
4a:5b:be:60:e4:63:35:07:91:32:84:a1:d0:5a:85:39:bd:03:
87:6e:45:58:c9:89:3c:0a:a2:f7:c9:74:28:0b:3e:85:8a:ac:
4f:f9:4e:f3:18:86:43:5e:02:20:4d:b9:9d:43:f0:8f:ad:83:
d7:a8:12:be:cb:f0:5c:3d:62:8b:9e:43:2d:c3:b5:07:1f:f1:
91:86:1a:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY56dbn8J1xW2qThnXVabcPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMzI2MTExMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ5Y2E1YTk0Zjg0Nzc0YjA5ZThkZTU2ODk3ZTYxNDY2OTk0ZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DvEi2YF8V7lr8ylr5nVtd2sIFCn
FEGv4saXxKWlGcqpYWj1tWXgirLZNakZxOItZJIwhmicqcb2XxQl+XL/oLu53MlN
tZ/3RDjrW9btOazDZ5i/ec1G5oKmtXCfci2hya4MkBXk/x77Zef2jpZfckBsO/dl
X3cAGAkvsa5MfkZlPkNCYEmdNb4FXxGj2NIICY4Isn1QW0VXiMMKkahYWTffZlo3
t7KPbITtvpa/7z3uNCobJm0TnrkiEsd/U2w+6PsnHabVFDfaMcF+q8CCC/uNVS/m
E79y6xeBt9ee21UoFh99grbEwnY4V6MvZnvHPm1Db85CrYwsn0NS/RF5RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVJylqU+Ed0sJ6N5WiX5hRmmU5EMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvWlVuS1dwVDRSM1N3bm8zbGFKZm1GR2FaVGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucLMMA0G
CSqGSIb3DQEBCwUAA4IBAQCZJxcyz+/gfbKwZySNB20ZxgylXW8Tm8k5UPlvs4lr
HTu+F90WzvsX+02MDSP3qX+tOsw/Hw7Y20OY6JtVXHUWN1bRSk0yCWDPkz++7yHG
7vP4zjl+3rXQGClWRX69eKNAtNpLbRHDRnGidNXBVFg54shAghGaURW114cmBEqA
T0Jm0VHnAJ0Lzaql+UqZVttuNyVF2GUM+sXo2aANxH6+zFj0KCGqGXGb+9xS8xro
hDbnKEFKW75g5GM1B5EyhKHQWoU5vQOHbkVYyYk8CqL3yXQoCz6FiqxP+U7zGIZD
XgIgTbmdQ/CPrYPXqBK+y/BcPWKLnkMtw7UHH/GRhhre
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:16 2024 by rpki-client on console-ams.rpki-client.org