Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Czi28_UqSlX3DD8bfCsTEyQJNAY.roa
File: Czi28_UqSlX3DD8bfCsTEyQJNAY.roa (raw, json)
Hash identifier: U3usmIUZJ5/S09+4kHHMMVDGMYSxW4/mpuj56A3xGKE=
Subject key identifier: 0B:38:B6:F3:F5:2A:4A:55:F7:0C:3F:1B:7C:2B:13:13:24:09:34:06
Certificate issuer: /CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Certificate serial: 018CC801B8075B0FF31BCEE03DEB22A326A6
Authority key identifier: 66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Czi28_UqSlX3DD8bfCsTEyQJNAY.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 193.160.155.0/24 maxlen: 24
2a0c:9e40:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b8:07:5b:0f:f3:1b:ce:e0:3d:eb:22:a3:26:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b38b6f3f52a4a55f70c3f1b7c2b131324093406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c9:26:91:d3:33:19:6d:67:d9:06:8b:8e:f2:
84:90:25:d1:f1:6d:1f:ce:b7:aa:91:7a:62:d0:63:
08:5a:29:e0:ab:30:0c:aa:31:c0:79:d4:44:a8:90:
ad:a7:9e:14:5c:18:57:ad:57:a9:01:c2:0b:62:d6:
af:0e:3b:0f:b3:56:eb:f7:a4:57:54:75:a2:12:1b:
bc:74:5f:c8:3b:9d:6e:41:6f:13:bd:b7:d2:67:d3:
7a:c0:87:1b:9c:8f:ac:24:90:24:61:96:c2:6a:f0:
7d:7e:e3:68:84:7d:81:94:bc:ce:03:1b:5d:b5:5b:
df:c1:15:71:21:49:19:d2:11:f7:65:6d:96:ff:52:
0b:dc:d4:88:c1:41:c5:45:14:47:53:81:ba:8f:13:
b2:8a:b4:bd:70:c6:c0:51:c0:eb:42:84:b5:6a:7d:
1f:29:1c:d8:0d:85:61:ee:99:8a:f1:a5:ab:7f:97:
e9:b0:c4:1c:68:2c:16:93:59:ab:12:3f:e7:20:fd:
62:83:0d:1b:05:7f:65:c2:86:34:a8:78:83:a6:73:
23:54:95:ce:e5:d4:53:f8:72:a1:12:5e:d9:43:64:
4b:28:d1:6d:ab:e6:46:b0:ad:1d:d1:14:83:6d:6b:
3f:40:5a:75:4f:e8:e7:6a:57:48:c5:57:38:99:52:
cb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:38:B6:F3:F5:2A:4A:55:F7:0C:3F:1B:7C:2B:13:13:24:09:34:06
X509v3 Authority Key Identifier:
keyid:66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Czi28_UqSlX3DD8bfCsTEyQJNAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Zu8xraxmOFWz3dGTHETPgGTWpus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.155.0/24
IPv6:
2a0c:9e40:3::/48
Signature Algorithm: sha256WithRSAEncryption
11:48:3c:aa:37:4d:73:0f:ad:65:e7:60:25:d3:3a:ab:56:cf:
94:e2:92:07:d8:21:83:5b:e5:a1:4d:40:44:9b:c1:1e:f2:cc:
1a:7b:d5:eb:33:7f:e3:66:a0:0d:65:e7:ef:c5:1f:e7:6e:18:
6d:3a:9a:02:6e:31:50:f8:39:99:11:82:b8:af:59:c0:40:e0:
69:c0:9b:0a:16:44:3a:d5:01:0e:33:ca:01:cb:48:cc:44:06:
5f:94:e4:2d:c5:1d:2e:19:f7:79:b5:e2:e0:aa:86:c5:51:be:
e5:89:2c:2b:b8:07:14:e4:96:97:ad:5b:b4:d9:d2:9b:9d:66:
00:d5:cb:90:73:cb:5e:cd:85:04:b9:39:09:b3:d9:20:2a:bd:
60:5c:a3:37:3f:88:9a:d9:5a:92:12:21:3e:9f:91:66:ed:2a:
d5:1c:1b:ae:47:8c:45:aa:ad:cf:8f:1e:8b:cb:dd:d5:54:4d:
3c:61:ff:4c:54:31:40:11:a4:78:8b:6c:96:cb:0e:e7:68:b9:
63:43:dd:89:2b:33:f9:7e:c4:d3:d4:a2:40:c9:34:65:58:6a:
cd:c2:35:60:9e:7f:ba:8d:5b:2b:25:55:cc:d8:56:24:28:f6:
47:3b:2a:0a:87:20:01:1d:e7:88:6c:c5:72:8c:9f:8a:66:55:
62:2f:a1:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAbgHWw/zG87gPesioyamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWYzMWFkYWM2NjM4NTViM2RkZDE5MzFjNDRjZjgwNjRk
NmE2ZWIwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM4YjZmM2Y1MmE0YTU1ZjcwYzNmMWI3YzJiMTMxMzI0MDkzNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoskmkdMzGW1n2QaLjvKEkCXR8W0f
zreqkXpi0GMIWingqzAMqjHAedREqJCtp54UXBhXrVepAcILYtavDjsPs1br96RX
VHWiEhu8dF/IO51uQW8TvbfSZ9N6wIcbnI+sJJAkYZbCavB9fuNohH2BlLzOAxtd
tVvfwRVxIUkZ0hH3ZW2W/1IL3NSIwUHFRRRHU4G6jxOyirS9cMbAUcDrQoS1an0f
KRzYDYVh7pmK8aWrf5fpsMQcaCwWk1mrEj/nIP1igw0bBX9lwoY0qHiDpnMjVJXO
5dRT+HKhEl7ZQ2RLKNFtq+ZGsK0d0RSDbWs/QFp1T+jnaldIxVc4mVLLGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAs4tvP1KkpV9ww/G3wrExMkCTQGMB8GA1UdIwQY
MBaAFGbvMa2sZjhVs93RkxxEz4Bk1qbrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnU4eHJheG1PRld6M2RHVEhFVFBnR1RXcHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lZDRkYTAtMDY0Ny00NDZmLWIwNjUt
ZGIwZGNjMDhmNDUyLzEvQ3ppMjhfVXFTbFgzREQ4YmZDc1RFeVFKTkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lZDRkYTAtMDY0Ny00NDZmLWIwNjUtZGIwZGNjMDhmNDUy
LzEvWnU4eHJheG1PRld6M2RHVEhFVFBnR1RXcHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwaCbMA8E
AgACMAkDBwAqDJ5AAAMwDQYJKoZIhvcNAQELBQADggEBABFIPKo3TXMPrWXnYCXT
OqtWz5TikgfYIYNb5aFNQESbwR7yzBp71eszf+NmoA1l5+/FH+duGG06mgJuMVD4
OZkRgrivWcBA4GnAmwoWRDrVAQ4zygHLSMxEBl+U5C3FHS4Z93m14uCqhsVRvuWJ
LCu4BxTklpetW7TZ0pudZgDVy5Bzy17NhQS5OQmz2SAqvWBcozc/iJrZWpISIT6f
kWbtKtUcG65HjEWqrc+PHovL3dVUTTxh/0xUMUARpHiLbJbLDudouWND3YkrM/l+
xNPUokDJNGVYas3CNWCef7qNWyslVczYViQo9kc7KgqHIAEd54hsxXKMn4pmVWIv
oXU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:59 2025 by rpki-client