Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/097b01-9470-48eb-850d-afc602714e13/1/S3kOLPrUloozIE9ALohJdB7F0Zo.roa
File: S3kOLPrUloozIE9ALohJdB7F0Zo.roa (raw, json)
Hash identifier: Ym81vTH8udr6xxCma4WVSzw9kpgE0b/Ujj1U8DHhn/E=
Subject key identifier: 4B:79:0E:2C:FA:D4:96:8A:33:20:4F:40:2E:88:49:74:1E:C5:D1:9A
Certificate issuer: /CN=cc6ca05c4cb61d9e2329298d354c2a769bdd05d3
Certificate serial: 0192FD2A4FEF491988A639A635B051A93711
Authority key identifier: CC:6C:A0:5C:4C:B6:1D:9E:23:29:29:8D:35:4C:2A:76:9B:DD:05:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGygXEy2HZ4jKSmNNUwqdpvdBdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/097b01-9470-48eb-850d-afc602714e13/1/S3kOLPrUloozIE9ALohJdB7F0Zo.roa
Signing time: Tue 05 Nov 2024 16:31:01 +0000
ROA not before: Tue 05 Nov 2024 16:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204025
IP address blocks: 185.71.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:2a:4f:ef:49:19:88:a6:39:a6:35:b0:51:a9:37:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc6ca05c4cb61d9e2329298d354c2a769bdd05d3
Validity
Not Before: Nov 5 16:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b790e2cfad4968a33204f402e8849741ec5d19a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:a4:0a:2b:8f:49:3f:b5:48:8b:b8:46:d1:
12:05:6d:08:83:19:c9:2c:c5:d6:67:22:53:c4:98:
af:8f:03:82:50:92:30:83:a4:96:0d:d1:cb:44:34:
87:13:3c:c0:42:6f:6c:bf:b0:cd:e0:76:c4:52:22:
34:f2:af:ef:10:81:1d:38:d1:d1:f8:fa:7e:8e:1c:
e6:e5:65:9f:20:a7:3b:40:d9:3a:e9:13:15:cf:6b:
e1:e5:10:97:82:da:02:af:dc:36:b5:05:b8:49:8c:
7c:e0:06:47:31:1a:30:34:7d:16:e9:09:ea:87:51:
fc:8b:f0:db:b5:60:65:a6:cf:a3:1a:07:9c:af:9a:
6e:d9:14:37:37:36:93:23:25:37:4d:b7:d8:3f:06:
21:34:b8:ea:e0:83:c9:89:31:81:32:aa:bd:92:75:
ae:56:07:9e:25:76:b5:1b:f5:5a:d7:77:de:04:6e:
db:df:62:51:a3:ed:ae:8e:c1:20:41:8c:5b:b4:9e:
31:f5:38:94:43:7e:9b:1a:62:76:57:9e:a4:f0:e5:
4f:ff:c7:0f:f9:20:9f:f2:15:50:f8:9e:2e:03:4b:
a6:28:55:8b:04:ff:98:bc:7c:b9:43:f3:ae:ad:71:
d7:ad:c5:a1:28:18:0e:f1:4c:1a:63:ac:df:66:d4:
18:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:79:0E:2C:FA:D4:96:8A:33:20:4F:40:2E:88:49:74:1E:C5:D1:9A
X509v3 Authority Key Identifier:
keyid:CC:6C:A0:5C:4C:B6:1D:9E:23:29:29:8D:35:4C:2A:76:9B:DD:05:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGygXEy2HZ4jKSmNNUwqdpvdBdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/097b01-9470-48eb-850d-afc602714e13/1/S3kOLPrUloozIE9ALohJdB7F0Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/097b01-9470-48eb-850d-afc602714e13/1/zGygXEy2HZ4jKSmNNUwqdpvdBdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.56.0/22
Signature Algorithm: sha256WithRSAEncryption
19:f6:0a:40:02:7d:09:7f:01:38:a6:bf:b4:af:1c:8c:4d:8e:
7a:a4:77:53:74:ca:d1:d8:ba:b5:8d:14:8c:82:b5:40:50:33:
41:1d:fa:5f:87:05:c9:14:3c:80:4a:f3:85:31:67:e9:c5:22:
bc:a5:92:c9:71:d4:59:8b:e3:cc:0b:7f:71:a6:70:cf:1c:52:
80:06:20:97:5e:2c:af:b1:1b:8e:46:12:94:c6:18:af:18:7d:
bc:b3:06:7e:49:73:56:93:c0:e1:dc:36:eb:d2:fd:e0:7d:e2:
52:7e:ee:c6:8e:60:be:5a:07:79:40:34:70:b2:47:f3:ca:0e:
12:7e:f3:23:fb:8a:b7:a4:29:9c:64:43:63:ea:77:28:ed:d5:
ee:fc:c8:8a:b3:cc:58:f8:39:94:be:1f:82:3e:f9:03:ae:54:
2c:72:a0:cf:11:fa:fd:b7:f0:83:fc:3d:ef:1f:76:41:bc:30:
99:e9:87:d6:12:92:a4:c5:08:13:b4:c2:d7:e2:47:77:ca:63:
49:7d:45:bd:ef:df:f3:2d:fe:68:d2:b3:84:e2:f0:42:66:a3:
64:85:74:76:38:03:03:53:44:59:42:9b:9e:7f:08:d4:37:5c:
41:69:c6:6a:01:b7:b3:1c:c8:0c:5f:ee:69:07:25:b0:79:f9:
ba:a3:1a:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL9Kk/vSRmIpjmmNbBRqTcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNmNhMDVjNGNiNjFkOWUyMzI5Mjk4ZDM1NGMyYTc2OWJk
ZDA1ZDMwHhcNMjQxMTA1MTYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc5MGUyY2ZhZDQ5NjhhMzMyMDRmNDAyZTg4NDk3NDFlYzVkMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNWkCiuPST+1SIu4RtESBW0IgxnJ
LMXWZyJTxJivjwOCUJIwg6SWDdHLRDSHEzzAQm9sv7DN4HbEUiI08q/vEIEdONHR
+Pp+jhzm5WWfIKc7QNk66RMVz2vh5RCXgtoCr9w2tQW4SYx84AZHMRowNH0W6Qnq
h1H8i/DbtWBlps+jGgecr5pu2RQ3NzaTIyU3TbfYPwYhNLjq4IPJiTGBMqq9knWu
VgeeJXa1G/Va13feBG7b32JRo+2ujsEgQYxbtJ4x9TiUQ36bGmJ2V56k8OVP/8cP
+SCf8hVQ+J4uA0umKFWLBP+YvHy5Q/OurXHXrcWhKBgO8UwaY6zfZtQY1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEt5Diz61JaKMyBPQC6ISXQexdGaMB8GA1UdIwQY
MBaAFMxsoFxMth2eIykpjTVMKnab3QXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekd5Z1hFeTJIWjRqS1NtTk5Vd3FkcHZkQmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wOTdiMDEtOTQ3MC00OGViLTg1MGQt
YWZjNjAyNzE0ZTEzLzEvUzNrT0xQclVsb296SUU5QUxvaEpkQjdGMFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wOTdiMDEtOTQ3MC00OGViLTg1MGQtYWZjNjAyNzE0ZTEz
LzEvekd5Z1hFeTJIWjRqS1NtTk5Vd3FkcHZkQmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUc4MA0G
CSqGSIb3DQEBCwUAA4IBAQAZ9gpAAn0JfwE4pr+0rxyMTY56pHdTdMrR2Lq1jRSM
grVAUDNBHfpfhwXJFDyASvOFMWfpxSK8pZLJcdRZi+PMC39xpnDPHFKABiCXXiyv
sRuORhKUxhivGH28swZ+SXNWk8Dh3Dbr0v3gfeJSfu7GjmC+Wgd5QDRwskfzyg4S
fvMj+4q3pCmcZENj6nco7dXu/MiKs8xY+DmUvh+CPvkDrlQscqDPEfr9t/CD/D3v
H3ZBvDCZ6YfWEpKkxQgTtMLX4kd3ymNJfUW979/zLf5o0rOE4vBCZqNkhXR2OAMD
U0RZQpuefwjUN1xBacZqAbezHMgMX+5pByWwefm6oxqY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:28 2025 by rpki-client