Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/cZVfA7G9zKnASX4PEVYzpWUQFzQ.roa
File: cZVfA7G9zKnASX4PEVYzpWUQFzQ.roa (raw, json)
Hash identifier: j/AdyE7m9bivOM3Kp9P96HqXx41s6J7HSFtRgwUOaew=
Subject key identifier: 71:95:5F:03:B1:BD:CC:A9:C0:49:7E:0F:11:56:33:A5:65:10:17:34
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018DAF57C9077B8F72A2A4799A3425321915
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/cZVfA7G9zKnASX4PEVYzpWUQFzQ.roa
Signing time: Fri 16 Feb 2024 00:36:22 +0000
ROA not before: Fri 16 Feb 2024 00:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 192.145.70.0/24 maxlen: 24
2a0a:8f40:4::/48 maxlen: 48
2a0a:8f40:5::/48 maxlen: 48
2a0a:8f40:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Mar 2024 16:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:57:c9:07:7b:8f:72:a2:a4:79:9a:34:25:32:19:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Feb 16 00:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71955f03b1bdcca9c0497e0f115633a565101734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9e:ba:0c:f7:7a:70:e3:34:a2:ae:5f:e8:64:
02:b1:ad:80:f6:11:e2:71:91:c9:b1:30:f0:8f:d4:
71:4a:d6:7b:62:82:bf:79:d0:b5:e9:ce:69:e9:66:
26:08:e3:a9:37:57:66:50:d4:4a:5d:58:50:49:3e:
41:c0:3e:5e:3b:7c:23:6d:3c:4a:36:49:7c:c2:d7:
bd:12:5e:bc:47:d4:ef:4a:ae:3b:9c:e2:fc:32:a2:
02:eb:16:f0:c2:88:33:ec:df:14:8b:eb:d4:fe:f2:
ac:a7:67:41:55:22:32:4f:4d:cf:42:a2:97:11:cd:
04:af:38:a4:2d:53:5f:9e:82:ca:f3:93:fc:f2:79:
03:02:83:e2:69:d8:09:e0:1f:af:56:2a:a5:0e:c4:
b7:7e:b0:e4:91:6d:55:a1:65:61:a5:bf:43:93:c0:
3b:c1:48:36:4f:bc:c6:70:d8:53:92:75:37:24:b2:
e5:d7:2c:15:dd:42:6a:92:9a:d2:69:95:a5:7e:be:
fe:74:31:d1:9a:4d:f8:74:85:69:6a:ed:7e:28:55:
0f:ea:c2:b6:2e:de:b3:3f:12:29:3d:c8:e2:e3:42:
d0:42:04:04:b9:c7:80:ad:71:78:9f:18:50:a9:44:
55:f0:2d:5e:81:f2:30:9a:13:01:75:a1:37:43:15:
0b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:95:5F:03:B1:BD:CC:A9:C0:49:7E:0F:11:56:33:A5:65:10:17:34
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/cZVfA7G9zKnASX4PEVYzpWUQFzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.70.0/24
IPv6:
2a0a:8f40:4::-2a0a:8f40:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3d:3e:b2:d8:5f:3a:55:3f:1c:10:a3:8c:6c:9a:d5:22:63:cd:
85:73:9f:6a:7d:38:e4:1b:d1:64:8e:dc:8d:dc:15:36:fd:2a:
17:b9:03:51:c3:8e:61:d5:f2:66:0e:01:31:20:89:0d:3c:45:
b4:25:20:5a:4b:ec:3f:8d:af:1d:46:e2:9e:0f:6a:e6:3d:37:
e3:ab:10:a3:25:2c:f7:3c:40:5f:85:a2:96:9d:c0:18:cc:f3:
a6:9b:78:d8:2b:46:80:66:9b:d7:eb:79:23:d9:95:5e:5a:e4:
26:db:f4:24:4a:32:46:8b:aa:70:27:a4:dc:d0:ec:22:1e:54:
77:be:15:23:34:fc:62:63:13:b3:2a:85:97:d0:ac:a7:2a:0b:
c7:37:c6:ec:73:5b:03:51:52:b0:7e:89:9b:cb:4a:45:42:06:
4f:fa:e1:58:4f:87:7c:d3:a8:0f:66:10:81:d0:65:f7:82:08:
6c:72:08:d4:11:e1:e2:0a:37:f1:01:9d:e0:96:5c:53:6d:2d:
17:c4:03:c7:0b:02:2f:02:d2:ac:fc:fb:bf:bc:51:78:4d:8c:
e0:26:d0:ec:e4:9d:3b:00:a9:04:5e:87:5e:96:d0:93:a6:d7:
cd:3d:95:76:32:07:4e:c7:e1:52:b0:3f:eb:a6:70:b7:10:2e:
c9:ee:9f:2b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY2vV8kHe49yoqR5mjQlMhkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMjE2MDAzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk1NWYwM2IxYmRjY2E5YzA0OTdlMGYxMTU2MzNhNTY1MTAxNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z66DPd6cOM0oq5f6GQCsa2A9hHi
cZHJsTDwj9RxStZ7YoK/edC16c5p6WYmCOOpN1dmUNRKXVhQST5BwD5eO3wjbTxK
Nkl8wte9El68R9TvSq47nOL8MqIC6xbwwogz7N8Ui+vU/vKsp2dBVSIyT03PQqKX
Ec0ErzikLVNfnoLK85P88nkDAoPiadgJ4B+vViqlDsS3frDkkW1VoWVhpb9Dk8A7
wUg2T7zGcNhTknU3JLLl1ywV3UJqkprSaZWlfr7+dDHRmk34dIVpau1+KFUP6sK2
Lt6zPxIpPcji40LQQgQEuceArXF4nxhQqURV8C1egfIwmhMBdaE3QxULKQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHGVXwOxvcypwEl+DxFWM6VlEBc0MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvY1pWZkE3Rzl6S25BU1g0UEVWWXpwV1VRRnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAwJFGMBoE
AgACMBQwEgMHAioKj0AABAMHACoKj0AABjANBgkqhkiG9w0BAQsFAAOCAQEAPT6y
2F86VT8cEKOMbJrVImPNhXOfan045BvRZI7cjdwVNv0qF7kDUcOOYdXyZg4BMSCJ
DTxFtCUgWkvsP42vHUbing9q5j0346sQoyUs9zxAX4Wilp3AGMzzppt42CtGgGab
1+t5I9mVXlrkJtv0JEoyRouqcCek3NDsIh5Ud74VIzT8YmMTsyqFl9CspyoLxzfG
7HNbA1FSsH6Jm8tKRUIGT/rhWE+HfNOoD2YQgdBl94IIbHII1BHh4go38QGd4JZc
U20tF8QDxwsCLwLSrPz7v7xReE2M4CbQ7OSdOwCpBF6HXpbQk6bXzT2VdjIHTsfh
UrA/66ZwtxAuye6fKw==
-----END CERTIFICATE-----
Generated at Fri Mar 22 18:51:31 2024 by rpki-client on console-ams.rpki-client.org