Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/ZqnX6Obi-tJFz8_5YKH4Nk8YLUU.roa
File: ZqnX6Obi-tJFz8_5YKH4Nk8YLUU.roa (raw, json)
Hash identifier: JYVODSzFanHfzivCG6ER7wf495CovPJDqJB3+IrI2j4=
Subject key identifier: 66:A9:D7:E8:E6:E2:FA:D2:45:CF:CF:F9:60:A1:F8:36:4F:18:2D:45
Certificate issuer: /CN=c0c7f1ba3fae71364e932b0560d602c5725dda8e
Certificate serial: 01856F9DEEC94239A48FAFE9D98BBD6758BD
Authority key identifier: C0:C7:F1:BA:3F:AE:71:36:4E:93:2B:05:60:D6:02:C5:72:5D:DA:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wMfxuj-ucTZOkysFYNYCxXJd2o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/ZqnX6Obi-tJFz8_5YKH4Nk8YLUU.roa
Signing time: Sun 01 Jan 2023 23:14:59 +0000
ROA not before: Sun 01 Jan 2023 23:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60168
IP address blocks: 194.8.53.0/24 maxlen: 24
195.177.219.0/24 maxlen: 24
195.177.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ee:c9:42:39:a4:8f:af:e9:d9:8b:bd:67:58:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0c7f1ba3fae71364e932b0560d602c5725dda8e
Validity
Not Before: Jan 1 23:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66a9d7e8e6e2fad245cfcff960a1f8364f182d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:bc:b8:af:02:d4:c8:1b:b7:c9:73:ce:c2:
58:a9:95:b0:aa:ae:fe:34:6d:59:e2:70:df:8f:ab:
92:0a:6d:bb:bd:00:95:5d:45:3e:c3:28:7c:da:d1:
16:2f:77:b9:ca:4b:ec:98:0b:98:61:0b:f5:c7:69:
96:f3:30:30:a2:b7:1a:d6:8a:e0:dc:e3:6a:3d:6c:
25:3e:48:93:6c:b3:f6:f7:ab:a7:46:a5:22:af:00:
03:dd:9f:06:a4:46:be:df:be:2e:3d:fc:81:20:2d:
99:08:33:9d:38:c4:76:d7:d3:dd:bc:3e:94:3b:15:
88:7a:b0:16:70:49:01:f1:e3:fd:cf:70:ea:6f:49:
d7:f1:48:d9:88:8b:68:67:8d:7a:44:31:ca:c5:fc:
04:e0:66:a7:05:5d:18:41:99:79:90:76:60:a6:8c:
c7:8c:d8:27:a5:59:46:cd:ab:91:01:2d:cf:61:fc:
ff:a2:bd:4f:d1:68:20:c5:c4:1d:b5:1b:be:d6:e3:
da:85:d8:fe:6e:9e:2e:60:ca:40:e3:8e:5f:01:07:
c4:b7:d6:4c:47:b5:db:67:ef:7d:ae:9f:fb:f3:cc:
9c:43:d1:a1:c3:c2:f7:df:54:74:2a:8b:c0:da:76:
49:25:24:10:e3:25:c4:08:0c:b3:56:77:bf:81:86:
04:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A9:D7:E8:E6:E2:FA:D2:45:CF:CF:F9:60:A1:F8:36:4F:18:2D:45
X509v3 Authority Key Identifier:
keyid:C0:C7:F1:BA:3F:AE:71:36:4E:93:2B:05:60:D6:02:C5:72:5D:DA:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMfxuj-ucTZOkysFYNYCxXJd2o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/ZqnX6Obi-tJFz8_5YKH4Nk8YLUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/wMfxuj-ucTZOkysFYNYCxXJd2o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.53.0/24
195.177.218.0/23
Signature Algorithm: sha256WithRSAEncryption
97:53:91:15:6a:06:17:19:44:a8:a5:47:69:c7:cf:27:f2:24:
39:83:6f:83:aa:5e:01:c8:3d:83:9d:82:6a:44:ad:a6:16:66:
d1:86:73:47:e1:1f:ae:fe:81:97:78:6c:f6:54:c5:cd:46:46:
2f:0f:93:33:92:11:a6:62:42:14:78:6d:19:a8:ec:22:e9:6b:
4b:22:56:b6:19:3a:b8:47:66:2b:c6:ed:10:9a:28:33:cc:b8:
a9:90:1a:0a:e4:62:a4:b0:71:0d:96:df:30:5a:3f:0e:42:6d:
7c:5c:91:6a:e7:29:4e:e6:a8:d5:29:d4:ee:c1:8c:a6:4b:eb:
3d:8c:0a:d7:c5:a8:13:3f:9b:9e:79:6b:8d:2f:93:41:76:72:
71:1f:54:cc:5a:b6:e3:79:f5:07:e4:b4:65:2a:af:ba:a7:be:
6e:03:51:20:3e:a7:e9:ea:fb:e4:af:2c:b2:75:5e:b6:e2:5f:
7b:b7:51:2b:5d:c8:49:38:80:09:d7:1b:ec:5e:a1:0f:1a:81:
0d:09:94:cf:1d:68:b4:f4:e1:c0:0f:34:9a:7e:23:ab:87:41:
71:fc:17:7e:8c:0f:5c:42:66:db:4f:78:ba:ec:4e:94:9b:78:
27:0f:fd:8f:a2:c6:a4:16:a1:03:ba:c1:5a:69:74:88:0e:79:
43:80:8b:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvne7JQjmkj6/p2Yu9Z1i9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYzdmMWJhM2ZhZTcxMzY0ZTkzMmIwNTYwZDYwMmM1NzI1
ZGRhOGUwHhcNMjMwMTAxMjMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE5ZDdlOGU2ZTJmYWQyNDVjZmNmZjk2MGExZjgzNjRmMTgyZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngu8uK8C1Mgbt8lzzsJYqZWwqq7+
NG1Z4nDfj6uSCm27vQCVXUU+wyh82tEWL3e5ykvsmAuYYQv1x2mW8zAworca1org
3ONqPWwlPkiTbLP296unRqUirwAD3Z8GpEa+374uPfyBIC2ZCDOdOMR219PdvD6U
OxWIerAWcEkB8eP9z3Dqb0nX8UjZiItoZ416RDHKxfwE4GanBV0YQZl5kHZgpozH
jNgnpVlGzauRAS3PYfz/or1P0WggxcQdtRu+1uPahdj+bp4uYMpA445fAQfEt9ZM
R7XbZ+99rp/788ycQ9Ghw8L331R0KovA2nZJJSQQ4yXECAyzVne/gYYE+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGap1+jm4vrSRc/P+WCh+DZPGC1FMB8GA1UdIwQY
MBaAFMDH8bo/rnE2TpMrBWDWAsVyXdqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01meHVqLXVjVFpPa3lzRllOWUN4WEpkMm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yYzY1OTAtYWIyOS00NmI0LWE2YWUt
ZGEzODhiYzM0ZWZiLzEvWnFuWDZPYmktdEpGejhfNVlLSDROazhZTFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yYzY1OTAtYWIyOS00NmI0LWE2YWUtZGEzODhiYzM0ZWZi
LzEvd01meHVqLXVjVFpPa3lzRllOWUN4WEpkMm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgg1AwQB
w7HaMA0GCSqGSIb3DQEBCwUAA4IBAQCXU5EVagYXGUSopUdpx88n8iQ5g2+Dql4B
yD2DnYJqRK2mFmbRhnNH4R+u/oGXeGz2VMXNRkYvD5MzkhGmYkIUeG0ZqOwi6WtL
Ila2GTq4R2Yrxu0QmigzzLipkBoK5GKksHENlt8wWj8OQm18XJFq5ylO5qjVKdTu
wYymS+s9jArXxagTP5ueeWuNL5NBdnJxH1TMWrbjefUH5LRlKq+6p75uA1EgPqfp
6vvkryyydV624l97t1ErXchJOIAJ1xvsXqEPGoENCZTPHWi09OHADzSafiOrh0Fx
/Bd+jA9cQmbbT3i67E6Um3gnD/2PosakFqEDusFaaXSIDnlDgIto
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:47 2024 by rpki-client on console-fra.rpki-client.org