Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/832147-310e-4bb5-99da-e99a8dc30255/1/zG0Kau0xcmuh8IrWHTcNxjl2K8o.roa
File: zG0Kau0xcmuh8IrWHTcNxjl2K8o.roa (raw, json)
Hash identifier: 5tS+qNAJsDA3/WnQbh61DINDIZja4A6tR53cWHNjO1g=
Subject key identifier: CC:6D:0A:6A:ED:31:72:6B:A1:F0:8A:D6:1D:37:0D:C6:39:76:2B:CA
Certificate issuer: /CN=27d54e4a788d6967a2eef3a6692622626f54efad
Certificate serial: 018DE72F39AEE30EA7510FEDE7A1CA96460C
Authority key identifier: 27:D5:4E:4A:78:8D:69:67:A2:EE:F3:A6:69:26:22:62:6F:54:EF:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9VOSniNaWei7vOmaSYiYm9U760.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/832147-310e-4bb5-99da-e99a8dc30255/1/zG0Kau0xcmuh8IrWHTcNxjl2K8o.roa
Signing time: Mon 26 Feb 2024 20:50:48 +0000
ROA not before: Mon 26 Feb 2024 20:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208871
IP address blocks: 185.156.24.0/22 maxlen: 22
185.156.25.0/24 maxlen: 24
185.156.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 19:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e7:2f:39:ae:e3:0e:a7:51:0f:ed:e7:a1:ca:96:46:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d54e4a788d6967a2eef3a6692622626f54efad
Validity
Not Before: Feb 26 20:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc6d0a6aed31726ba1f08ad61d370dc639762bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:d8:0e:44:6b:41:51:32:34:21:b5:1e:61:
f7:1e:ba:95:d8:5d:6f:b1:c9:44:ca:b0:ef:91:4c:
1d:c9:c9:35:d1:6e:de:20:13:c9:c6:01:3e:49:d3:
9a:18:e5:a6:62:c5:72:b3:e4:b5:c3:58:44:06:a0:
32:00:92:68:23:b1:db:d2:c3:84:88:cd:36:c1:c8:
e1:05:29:65:34:97:32:fd:16:96:ae:28:89:d1:af:
fb:c8:26:cc:16:fa:23:b3:4b:84:21:8f:72:02:8b:
27:d7:58:70:7d:d3:40:58:61:0d:71:1f:0f:3d:ca:
63:d9:df:a1:ae:a5:12:14:2d:4a:43:94:2d:52:93:
1f:ca:4d:df:39:35:fb:d7:2f:38:c7:03:fc:85:93:
a2:e5:3c:8a:fb:de:e0:4f:d6:09:b6:d1:8a:11:3c:
a2:b8:d8:a2:87:92:3c:4f:74:5c:75:ff:36:f0:86:
e1:8a:df:04:74:61:2a:9c:93:7f:3c:5b:cd:87:8a:
06:16:f6:86:57:0a:63:78:33:b3:26:45:eb:ed:42:
fe:4d:e5:47:c5:0d:f6:1c:c7:b6:4b:80:61:60:8f:
55:ee:16:94:7c:0b:8c:d3:13:cd:01:b8:ea:bf:cf:
5e:3f:39:b0:01:b9:68:84:11:2f:d3:56:c2:d9:d0:
45:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6D:0A:6A:ED:31:72:6B:A1:F0:8A:D6:1D:37:0D:C6:39:76:2B:CA
X509v3 Authority Key Identifier:
keyid:27:D5:4E:4A:78:8D:69:67:A2:EE:F3:A6:69:26:22:62:6F:54:EF:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9VOSniNaWei7vOmaSYiYm9U760.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/832147-310e-4bb5-99da-e99a8dc30255/1/zG0Kau0xcmuh8IrWHTcNxjl2K8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/832147-310e-4bb5-99da-e99a8dc30255/1/J9VOSniNaWei7vOmaSYiYm9U760.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.24.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:a7:10:49:63:d1:bd:7e:62:82:ad:57:54:4f:95:73:c0:b8:
13:7f:3c:bc:df:50:3d:bd:b7:d3:43:28:83:d3:25:c9:43:43:
6e:33:36:42:81:f3:40:d2:46:4f:bc:a5:ff:af:b7:9d:f1:5f:
95:e1:96:a2:1f:0d:64:fd:87:a8:2d:6d:45:04:78:f9:29:09:
46:41:0a:a4:3f:3e:74:ed:fb:72:34:03:66:de:43:fd:88:a9:
c6:93:99:c5:c7:59:a4:d1:d4:15:90:f9:53:e8:42:95:77:18:
57:43:37:9b:ec:2d:a5:32:7e:13:88:91:4c:fc:d3:43:94:a0:
3a:67:87:43:e9:64:1e:f4:fd:c6:dd:ee:ba:f4:37:c3:3e:cd:
2e:2d:c8:29:5e:f9:c0:09:76:5f:7c:fd:98:d3:1e:24:00:05:
53:81:62:e0:7a:47:62:64:8d:c9:d6:15:9a:e5:b7:ed:6c:a0:
5f:e6:ad:6a:6c:99:84:c9:75:bb:4e:a0:96:26:51:ec:20:bf:
19:e1:47:7f:8b:54:08:4c:42:a3:cb:a9:c8:88:5a:55:24:be:
88:12:d7:4d:b0:ff:16:57:50:7c:08:35:9a:e2:0a:e7:58:e2:
e8:e1:3e:7d:fc:3d:be:33:3f:f0:25:89:e4:7e:c6:27:6d:ee:
b9:0b:44:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3nLzmu4w6nUQ/t56HKlkYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDU0ZTRhNzg4ZDY5NjdhMmVlZjNhNjY5MjYyMjYyNmY1
NGVmYWQwHhcNMjQwMjI2MjA1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzZkMGE2YWVkMzE3MjZiYTFmMDhhZDYxZDM3MGRjNjM5NzYyYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcLYDkRrQVEyNCG1HmH3HrqV2F1v
sclEyrDvkUwdyck10W7eIBPJxgE+SdOaGOWmYsVys+S1w1hEBqAyAJJoI7Hb0sOE
iM02wcjhBSllNJcy/RaWriiJ0a/7yCbMFvojs0uEIY9yAosn11hwfdNAWGENcR8P
Pcpj2d+hrqUSFC1KQ5QtUpMfyk3fOTX71y84xwP8hZOi5TyK+97gT9YJttGKETyi
uNiih5I8T3Rcdf828Ibhit8EdGEqnJN/PFvNh4oGFvaGVwpjeDOzJkXr7UL+TeVH
xQ32HMe2S4BhYI9V7haUfAuM0xPNAbjqv89ePzmwAblohBEv01bC2dBFBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxtCmrtMXJrofCK1h03DcY5divKMB8GA1UdIwQY
MBaAFCfVTkp4jWlnou7zpmkmImJvVO+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjlWT1NuaU5hV2VpN3ZPbWFTWWlZbTlVNzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84MzIxNDctMzEwZS00YmI1LTk5ZGEt
ZTk5YThkYzMwMjU1LzEvekcwS2F1MHhjbXVoOElyV0hUY054amwySzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84MzIxNDctMzEwZS00YmI1LTk5ZGEtZTk5YThkYzMwMjU1
LzEvSjlWT1NuaU5hV2VpN3ZPbWFTWWlZbTlVNzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZwYMA0G
CSqGSIb3DQEBCwUAA4IBAQCKpxBJY9G9fmKCrVdUT5VzwLgTfzy831A9vbfTQyiD
0yXJQ0NuMzZCgfNA0kZPvKX/r7ed8V+V4ZaiHw1k/YeoLW1FBHj5KQlGQQqkPz50
7ftyNANm3kP9iKnGk5nFx1mk0dQVkPlT6EKVdxhXQzeb7C2lMn4TiJFM/NNDlKA6
Z4dD6WQe9P3G3e669DfDPs0uLcgpXvnACXZffP2Y0x4kAAVTgWLgekdiZI3J1hWa
5bftbKBf5q1qbJmEyXW7TqCWJlHsIL8Z4Ud/i1QITEKjy6nIiFpVJL6IEtdNsP8W
V1B8CDWa4grnWOLo4T59/D2+Mz/wJYnkfsYnbe65C0TM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org