Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/zCHmPJOiBuNxcE7WXXQZO7uuyN8.roa
File: zCHmPJOiBuNxcE7WXXQZO7uuyN8.roa (raw, json)
Hash identifier: d2cLiLeAUYkVqCJGOYR8ope6pPUow2zXQ8GCKN424Wk=
Subject key identifier: CC:21:E6:3C:93:A2:06:E3:71:70:4E:D6:5D:74:19:3B:BB:AE:C8:DF
Certificate issuer: /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial: 018571BA12CC7E0D3FFC1E1E8DB6783EE246
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/zCHmPJOiBuNxcE7WXXQZO7uuyN8.roa
Signing time: Mon 02 Jan 2023 09:04:58 +0000
ROA not before: Mon 02 Jan 2023 09:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207605
IP address blocks: 176.119.205.0/24 maxlen: 24
2a05:4500::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 23 Jul 2023 13:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:12:cc:7e:0d:3f:fc:1e:1e:8d:b6:78:3e:e2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Validity
Not Before: Jan 2 09:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc21e63c93a206e371704ed65d74193bbbaec8df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:27:78:75:8c:0b:f3:ce:ce:d6:50:f6:04:
e5:ac:2b:a2:77:09:47:c1:98:aa:18:9e:ff:4b:58:
f0:cc:7f:d2:28:a3:d1:5b:65:2c:36:49:e3:73:98:
a2:5a:db:02:98:04:c6:01:bc:8f:99:b8:6f:29:c0:
19:fa:db:05:89:78:5e:2e:cf:1b:5f:6c:ad:b6:e8:
bb:a9:01:ae:a5:ee:62:b1:cd:f0:ff:f2:7d:f8:b0:
59:6e:d8:52:25:29:b4:03:07:d9:b6:52:ff:f8:62:
8d:4c:86:b3:49:c5:09:fd:a1:4c:77:ec:c1:23:94:
a1:10:00:3c:83:57:df:7d:5f:8a:50:f5:98:11:10:
62:40:e3:5f:0c:f1:b0:6d:9a:b6:04:d4:f6:fd:6f:
03:9c:16:85:11:d6:b3:ac:bb:82:ad:75:57:4e:8f:
c9:ee:d9:2c:5b:28:83:ea:d1:b1:3c:78:3f:44:92:
d9:02:74:77:7a:e1:a3:3c:7f:d2:cd:05:da:d9:82:
39:7b:94:e0:db:74:f0:43:62:60:a0:ef:11:ec:30:
de:a4:c5:df:80:76:71:3a:5a:c4:05:a8:b0:d4:21:
bd:ad:a5:af:60:9f:47:ad:0a:01:ba:46:e2:dd:04:
fe:68:0f:f9:34:33:45:90:e3:60:bf:18:7f:63:25:
c7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:21:E6:3C:93:A2:06:E3:71:70:4E:D6:5D:74:19:3B:BB:AE:C8:DF
X509v3 Authority Key Identifier:
keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/zCHmPJOiBuNxcE7WXXQZO7uuyN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.205.0/24
IPv6:
2a05:4500::/29
Signature Algorithm: sha256WithRSAEncryption
4f:2d:0a:f1:7c:f4:5e:13:d8:9e:dc:c8:57:fa:38:d2:20:41:
36:92:2d:18:ac:2e:5a:1c:16:7a:e0:dd:f5:e2:b1:ed:d3:9e:
70:39:6c:91:dc:0c:1b:cf:3c:0c:58:10:b0:d7:e7:36:7a:7f:
2a:6b:b3:e3:8d:3d:87:47:dc:ef:e6:2c:f7:4d:b8:34:6a:33:
8b:72:73:6c:5c:32:be:c0:3d:be:51:f3:2c:ff:ee:f2:f5:ff:
f3:37:fa:e8:86:72:78:6f:5d:b1:e7:20:c6:38:28:46:5d:58:
a8:42:b5:6a:9d:db:1e:73:82:d7:02:c0:ac:a9:cc:8d:7f:3a:
5d:a5:e4:22:17:0f:dc:a1:92:b7:33:b9:68:f8:8c:c6:bc:c4:
9b:62:0e:bb:c3:93:71:61:fe:41:df:c8:66:73:42:e9:49:a0:
3d:23:f4:26:0c:cb:c6:e9:c9:8c:e9:1f:c2:f7:a0:e8:df:c4:
7e:34:32:d8:83:5d:01:cb:47:d4:e5:05:47:08:07:3e:86:4e:
e3:dc:96:4a:c2:77:e7:6a:77:c2:c2:c5:a4:7c:90:a0:9d:92:
46:40:43:61:d2:07:a7:65:a4:bf:77:19:e3:fe:43:44:1f:33:
76:32:1d:ec:b7:11:6f:14:41:65:e7:dd:c4:55:44:44:0d:17:
c3:91:9c:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxuhLMfg0//B4ejbZ4PuJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjMwMTAyMDkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzIxZTYzYzkzYTIwNmUzNzE3MDRlZDY1ZDc0MTkzYmJiYWVjOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQkneHWMC/POztZQ9gTlrCuidwlH
wZiqGJ7/S1jwzH/SKKPRW2UsNknjc5iiWtsCmATGAbyPmbhvKcAZ+tsFiXheLs8b
X2yttui7qQGupe5isc3w//J9+LBZbthSJSm0AwfZtlL/+GKNTIazScUJ/aFMd+zB
I5ShEAA8g1fffV+KUPWYERBiQONfDPGwbZq2BNT2/W8DnBaFEdazrLuCrXVXTo/J
7tksWyiD6tGxPHg/RJLZAnR3euGjPH/SzQXa2YI5e5Tg23TwQ2JgoO8R7DDepMXf
gHZxOlrEBaiw1CG9raWvYJ9HrQoBukbi3QT+aA/5NDNFkONgvxh/YyXHjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMwh5jyTogbjcXBO1l10GTu7rsjfMB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvekNIbVBKT2lCdU54Y0U3V1hYUVpPN3V1eU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsHfNMA0E
AgACMAcDBQMqBUUAMA0GCSqGSIb3DQEBCwUAA4IBAQBPLQrxfPReE9ie3MhX+jjS
IEE2ki0YrC5aHBZ64N314rHt055wOWyR3AwbzzwMWBCw1+c2en8qa7PjjT2HR9zv
5iz3Tbg0ajOLcnNsXDK+wD2+UfMs/+7y9f/zN/rohnJ4b12x5yDGOChGXVioQrVq
ndsec4LXAsCsqcyNfzpdpeQiFw/coZK3M7lo+IzGvMSbYg67w5NxYf5B38hmc0Lp
SaA9I/QmDMvG6cmM6R/C96Do38R+NDLYg10By0fU5QVHCAc+hk7j3JZKwnfnanfC
wsWkfJCgnZJGQENh0genZaS/dxnj/kNEHzN2Mh3stxFvFEFl593EVUREDRfDkZwH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org