Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/zns3IeZQaewY0jmGOHwB-D3QY5w.roa
File: zns3IeZQaewY0jmGOHwB-D3QY5w.roa (raw, json)
Hash identifier: MKh0v3CE87fL3eFg0lb2j1ZW3dqSkpcj1Ug/J4zifko=
Subject key identifier: CE:7B:37:21:E6:50:69:EC:18:D2:39:86:38:7C:01:F8:3D:D0:63:9C
Certificate issuer: /CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Certificate serial: 0185709510D4BA894F312B1AA40C9E8D4EE6
Authority key identifier: E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/zns3IeZQaewY0jmGOHwB-D3QY5w.roa
Signing time: Mon 02 Jan 2023 03:44:55 +0000
ROA not before: Mon 02 Jan 2023 03:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197965
IP address blocks: 194.180.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:10:d4:ba:89:4f:31:2b:1a:a4:0c:9e:8d:4e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Validity
Not Before: Jan 2 03:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce7b3721e65069ec18d23986387c01f83dd0639c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:b6:04:56:20:55:2d:b2:ea:dc:f0:1a:f7:
39:7f:33:db:2f:70:2b:17:e3:7e:a1:ff:24:d1:b8:
a6:fa:16:16:1a:e9:6a:ef:ab:da:de:67:c1:2a:67:
0d:f2:3f:88:f5:ff:92:43:39:38:74:21:71:b1:d3:
a7:f4:69:56:fd:33:b5:0f:dd:4c:f1:f5:fd:c7:ae:
f7:fa:56:e7:ae:4f:ae:37:9e:b7:46:6c:fc:ee:02:
34:70:f9:7a:de:4b:b6:2b:a9:24:31:9e:57:7e:4e:
c9:8b:53:b7:bf:e1:f5:8c:f2:04:fb:71:c8:c2:f1:
c2:f8:da:89:e5:2a:1c:f0:df:06:06:da:43:96:1b:
ba:7e:d7:f5:25:42:5e:d0:60:65:8a:6b:19:51:7d:
43:dd:40:b5:71:22:1b:de:47:1a:10:0f:5e:7e:73:
c9:95:e8:29:43:dc:1b:86:c2:4d:ce:53:6d:c0:47:
19:09:67:ef:85:8a:78:3c:1a:98:49:40:ac:a6:2a:
8f:a0:54:88:96:ea:31:3e:f5:f6:f8:05:5e:32:e8:
2a:93:a4:a6:f2:49:d8:d6:f9:b2:69:9c:05:67:b8:
88:90:d0:2c:ae:54:cc:d5:4a:1e:04:0e:2d:06:a8:
a6:95:5b:22:fb:b7:13:96:5c:27:3f:b5:db:61:43:
fc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:7B:37:21:E6:50:69:EC:18:D2:39:86:38:7C:01:F8:3D:D0:63:9C
X509v3 Authority Key Identifier:
keyid:E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/zns3IeZQaewY0jmGOHwB-D3QY5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.136.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:af:3d:15:ac:85:23:5c:a5:28:59:e9:2c:31:6f:ad:ff:76:
54:29:47:3e:9c:04:5b:21:33:f2:44:59:aa:8e:21:04:87:02:
46:5f:a1:e7:58:85:95:4b:24:b1:3d:e1:65:91:f2:63:d7:f7:
5f:44:97:08:de:37:57:4e:a2:20:b4:fd:8a:32:6c:71:4c:b9:
ed:39:04:3c:cb:a7:2f:fc:e1:63:69:7a:75:a9:ea:30:5c:2a:
e4:64:7e:8e:a6:72:f8:03:56:27:af:62:85:14:6e:ae:7d:a7:
fd:06:7a:95:2a:bc:54:30:f4:15:eb:db:94:ba:e3:54:7f:bf:
3d:a0:de:ce:7b:34:f7:b0:2c:54:ff:43:52:c6:23:5a:fa:57:
ef:53:17:d8:9b:de:06:33:9c:db:39:81:24:b0:ad:d7:4c:c3:
d6:86:95:75:a8:e5:9b:9e:98:c4:10:5e:80:51:16:8c:aa:9d:
4f:23:bd:dd:66:c8:0f:93:38:cc:ee:37:9c:eb:33:54:24:8d:
b4:f6:7c:0a:17:10:62:93:58:39:aa:7a:67:06:a6:98:fc:a1:
f0:29:78:17:5a:61:6e:ea:d2:d6:b6:66:7b:8b:bf:d7:bd:85:
48:40:a3:d3:88:19:57:36:0e:96:66:79:6e:12:5a:e7:db:6c:
53:ff:63:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlRDUuolPMSsapAyejU7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMWFhOTI4NTBlYmZlNjQ4YWQzZDg5YWRkOGU3MzZlYzM2
NzVhMTEwHhcNMjMwMTAyMDM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTdiMzcyMWU2NTA2OWVjMThkMjM5ODYzODdjMDFmODNkZDA2MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDi2BFYgVS2y6tzwGvc5fzPbL3Ar
F+N+of8k0bim+hYWGulq76va3mfBKmcN8j+I9f+SQzk4dCFxsdOn9GlW/TO1D91M
8fX9x673+lbnrk+uN563Rmz87gI0cPl63ku2K6kkMZ5Xfk7Ji1O3v+H1jPIE+3HI
wvHC+NqJ5Soc8N8GBtpDlhu6ftf1JUJe0GBlimsZUX1D3UC1cSIb3kcaEA9efnPJ
legpQ9wbhsJNzlNtwEcZCWfvhYp4PBqYSUCspiqPoFSIluoxPvX2+AVeMugqk6Sm
8knY1vmyaZwFZ7iIkNAsrlTM1UoeBA4tBqimlVsi+7cTllwnP7XbYUP8awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM57NyHmUGnsGNI5hjh8Afg90GOcMB8GA1UdIwQY
MBaAFOEaqShQ6/5kitPYmt2Oc27DZ1oRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEt
MGY4OGQxNmUxYWZlLzEvem5zM0llWlFhZXdZMGptR09Id0ItRDNRWTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEtMGY4OGQxNmUxYWZl
LzEvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrSIMA0G
CSqGSIb3DQEBCwUAA4IBAQB6rz0VrIUjXKUoWeksMW+t/3ZUKUc+nARbITPyRFmq
jiEEhwJGX6HnWIWVSySxPeFlkfJj1/dfRJcI3jdXTqIgtP2KMmxxTLntOQQ8y6cv
/OFjaXp1qeowXCrkZH6OpnL4A1Ynr2KFFG6ufaf9BnqVKrxUMPQV69uUuuNUf789
oN7OezT3sCxU/0NSxiNa+lfvUxfYm94GM5zbOYEksK3XTMPWhpV1qOWbnpjEEF6A
URaMqp1PI73dZsgPkzjM7jec6zNUJI209nwKFxBik1g5qnpnBqaY/KHwKXgXWmFu
6tLWtmZ7i7/XvYVIQKPTiBlXNg6WZnluElrn22xT/2O1
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:34 2024 by rpki-client on console-fra.rpki-client.org