Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/ZUI6FGLA38VFNp6rW33CDZnHwkg.roa
File: ZUI6FGLA38VFNp6rW33CDZnHwkg.roa (raw, json)
Hash identifier: Bp0eNePL6rAU8/mPQzjq/aI7lTrFd/vurr7UdkqYcm4=
Subject key identifier: 65:42:3A:14:62:C0:DF:C5:45:36:9E:AB:5B:7D:C2:0D:99:C7:C2:48
Certificate issuer: /CN=08819c27a5be3d2db222b05637447ed6e8324873
Certificate serial: 0185723A1B366F92866218CDEF8FB8417C2D
Authority key identifier: 08:81:9C:27:A5:BE:3D:2D:B2:22:B0:56:37:44:7E:D6:E8:32:48:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIGcJ6W-PS2yIrBWN0R-1ugySHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/ZUI6FGLA38VFNp6rW33CDZnHwkg.roa
Signing time: Mon 02 Jan 2023 11:24:48 +0000
ROA not before: Mon 02 Jan 2023 11:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198028
IP address blocks: 194.12.51.0/24 maxlen: 24
194.12.52.0/24 maxlen: 24
194.12.55.0/24 maxlen: 24
194.12.53.0/24 maxlen: 24
194.12.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:1b:36:6f:92:86:62:18:cd:ef:8f:b8:41:7c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08819c27a5be3d2db222b05637447ed6e8324873
Validity
Not Before: Jan 2 11:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65423a1462c0dfc545369eab5b7dc20d99c7c248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ad:92:b5:3b:1f:8c:fd:49:8c:c1:aa:78:a9:
1e:a2:34:52:09:ba:ee:97:f7:e3:38:bb:90:55:6d:
59:27:5e:79:f1:a4:73:40:5f:58:d8:a3:c1:cd:3e:
6e:01:15:d1:0c:02:d8:c8:91:0a:17:0d:6e:cf:37:
90:5d:0a:38:cf:dd:d9:10:74:a6:89:ed:b0:77:27:
3a:88:47:84:2b:2b:5a:cb:f7:84:a8:e0:cd:45:a2:
30:be:5f:71:bf:f9:b0:fc:a3:c7:d1:1a:9a:90:a3:
88:f2:f0:19:80:9a:87:5e:16:4a:9c:de:2c:7f:a6:
a0:50:a0:06:b1:2b:5f:92:83:7f:20:8d:e6:b4:55:
52:66:6a:8a:64:86:b6:e5:00:8a:ae:a6:49:6e:90:
95:d9:1b:92:b7:fe:a3:43:99:89:10:81:2f:d1:91:
83:f4:d4:0a:86:20:0d:e5:1d:74:1d:cd:1a:51:82:
2c:2c:08:d6:78:d2:c3:8e:71:d4:70:a4:5e:37:bb:
c4:98:e5:4f:67:f6:89:c7:e6:b4:65:bb:f7:9a:50:
03:fc:6c:81:0e:c1:8d:9c:fc:57:78:43:b0:ce:7d:
a3:8d:f3:38:8f:51:4a:27:24:da:f2:34:af:d9:8d:
47:80:7c:6e:64:a5:ad:17:47:8a:67:29:2a:ff:30:
1a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:42:3A:14:62:C0:DF:C5:45:36:9E:AB:5B:7D:C2:0D:99:C7:C2:48
X509v3 Authority Key Identifier:
keyid:08:81:9C:27:A5:BE:3D:2D:B2:22:B0:56:37:44:7E:D6:E8:32:48:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIGcJ6W-PS2yIrBWN0R-1ugySHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/ZUI6FGLA38VFNp6rW33CDZnHwkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/CIGcJ6W-PS2yIrBWN0R-1ugySHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.12.51.0-194.12.55.255
Signature Algorithm: sha256WithRSAEncryption
32:02:c3:ac:11:40:45:be:f1:be:41:f5:d2:fb:f7:55:a2:1c:
34:ed:b7:47:e9:de:d3:03:64:f0:44:d0:83:c2:91:03:7a:8d:
c0:be:4d:dd:85:4a:f8:96:ab:2e:d7:a0:ee:11:ad:49:5c:a6:
af:0a:a3:77:da:83:a3:57:e3:7a:d7:46:8f:a6:62:92:39:41:
9e:06:d9:cf:fc:a2:42:9c:e6:6f:63:29:4e:57:b8:cf:c4:e4:
30:2d:7f:bc:d4:d7:38:a7:c4:ff:e0:a6:7b:43:db:07:ee:6d:
a2:7a:dc:2c:cf:27:95:ed:70:3c:16:2d:01:37:88:59:6e:34:
eb:a4:08:63:51:39:b5:1f:7d:5c:fa:68:7f:68:17:07:21:5f:
23:d9:20:dd:a0:e9:78:6c:a1:fc:29:ad:99:f2:2c:ab:45:ac:
4b:a5:b6:25:b8:f8:03:73:75:35:54:f7:95:fa:48:c6:f8:e7:
ed:db:1a:49:a9:15:ff:4c:63:9a:d3:7a:37:25:63:55:d9:75:
72:99:58:08:21:b5:d2:c5:09:bd:ad:ce:be:14:98:13:7b:19:
5a:34:0f:ff:51:c0:d4:c1:bc:47:ef:35:24:10:19:49:ce:09:
85:13:78:c6:a4:3a:ed:f9:96:01:4a:c9:c5:d4:1d:8f:b2:47:
30:e2:09:c7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyOhs2b5KGYhjN74+4QXwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODE5YzI3YTViZTNkMmRiMjIyYjA1NjM3NDQ3ZWQ2ZTgz
MjQ4NzMwHhcNMjMwMTAyMTEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQyM2ExNDYyYzBkZmM1NDUzNjllYWI1YjdkYzIwZDk5YzdjMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua2StTsfjP1JjMGqeKkeojRSCbru
l/fjOLuQVW1ZJ1558aRzQF9Y2KPBzT5uARXRDALYyJEKFw1uzzeQXQo4z93ZEHSm
ie2wdyc6iEeEKytay/eEqODNRaIwvl9xv/mw/KPH0RqakKOI8vAZgJqHXhZKnN4s
f6agUKAGsStfkoN/II3mtFVSZmqKZIa25QCKrqZJbpCV2RuSt/6jQ5mJEIEv0ZGD
9NQKhiAN5R10Hc0aUYIsLAjWeNLDjnHUcKReN7vEmOVPZ/aJx+a0Zbv3mlAD/GyB
DsGNnPxXeEOwzn2jjfM4j1FKJyTa8jSv2Y1HgHxuZKWtF0eKZykq/zAalwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGVCOhRiwN/FRTaeq1t9wg2Zx8JIMB8GA1UdIwQY
MBaAFAiBnCelvj0tsiKwVjdEftboMkhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lHY0o2Vy1QUzJ5SXJCV04wUi0xdWd5U0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hZDE4YTAtYjMyYy00ZmNiLWJlOWMt
MWNhZjA2MTEzNzRkLzEvWlVJNkZHTEEzOFZGTnA2clczM0NEWm5Id2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hZDE4YTAtYjMyYy00ZmNiLWJlOWMtMWNhZjA2MTEzNzRk
LzEvQ0lHY0o2Vy1QUzJ5SXJCV04wUi0xdWd5U0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCDDMD
BAPCDDAwDQYJKoZIhvcNAQELBQADggEBADICw6wRQEW+8b5B9dL791WiHDTtt0fp
3tMDZPBE0IPCkQN6jcC+Td2FSviWqy7XoO4RrUlcpq8Ko3fag6NX43rXRo+mYpI5
QZ4G2c/8okKc5m9jKU5XuM/E5DAtf7zU1zinxP/gpntD2wfubaJ63CzPJ5XtcDwW
LQE3iFluNOukCGNRObUffVz6aH9oFwchXyPZIN2g6XhsofwprZnyLKtFrEultiW4
+ANzdTVU95X6SMb45+3bGkmpFf9MY5rTejclY1XZdXKZWAghtdLFCb2tzr4UmBN7
GVo0D/9RwNTBvEfvNSQQGUnOCYUTeMakOu35lgFKycXUHY+yRzDiCcc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org