Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/ZDqLmeH8d4mv6HCoEEjdHfoMN58.roa
File: ZDqLmeH8d4mv6HCoEEjdHfoMN58.roa (raw, json)
Hash identifier: 5AC7k4DGQjNKiMwepWHsYXgzLhGi3izgNPy8/46rNtg=
Subject key identifier: 64:3A:8B:99:E1:FC:77:89:AF:E8:70:A8:10:48:DD:1D:FA:0C:37:9F
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 018602E417B8AEDECB4F45778D8E5ABFFD42
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/ZDqLmeH8d4mv6HCoEEjdHfoMN58.roa
Signing time: Mon 30 Jan 2023 13:35:47 +0000
ROA not before: Mon 30 Jan 2023 13:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41202
IP address blocks: 176.96.236.0/24 maxlen: 24
176.96.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:e4:17:b8:ae:de:cb:4f:45:77:8d:8e:5a:bf:fd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Jan 30 13:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643a8b99e1fc7789afe870a81048dd1dfa0c379f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:17:b1:ed:1f:e0:1b:87:f0:2a:7b:f0:c2:f4:
76:da:b8:ab:d3:8e:a4:fc:c6:f4:75:54:73:56:23:
17:a4:1b:7e:90:7f:a1:0e:5b:72:aa:b8:bd:b6:e3:
56:87:ae:92:16:e3:a2:45:6d:2c:09:03:0e:50:29:
fa:da:d7:32:7f:42:67:eb:3c:be:34:5f:c4:b6:f0:
27:92:d9:12:3d:08:e8:87:ce:91:93:82:a2:fc:f4:
16:00:7e:95:22:f7:b0:64:2a:08:77:75:c3:7c:d4:
f5:1b:5f:87:68:e6:cc:c6:c9:69:44:72:36:fe:ec:
bb:99:74:fb:ba:08:01:a7:91:8d:48:55:2d:3f:52:
2b:a4:fa:01:d1:46:06:65:61:a9:e1:0f:17:59:31:
8b:bf:f4:a8:eb:f7:da:1a:5d:7d:5d:14:54:af:3a:
27:d4:f7:09:4f:ea:74:e1:76:81:79:8c:08:7f:21:
6b:5d:c0:05:89:3e:61:15:e2:60:8c:1e:ab:fc:5a:
a3:e5:0a:25:cd:69:98:b3:b1:2f:8f:cb:a9:a6:50:
cc:58:07:a5:04:42:0c:fb:97:9d:39:ad:11:2b:0f:
da:cc:46:7c:66:81:7b:d1:23:46:2e:3e:56:61:44:
21:16:6f:b3:7d:9e:97:82:e9:5e:76:08:f3:13:1e:
0b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3A:8B:99:E1:FC:77:89:AF:E8:70:A8:10:48:DD:1D:FA:0C:37:9F
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/ZDqLmeH8d4mv6HCoEEjdHfoMN58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.236.0/24
176.96.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:34:37:3b:ee:b9:c6:18:66:51:3c:63:d6:af:10:55:79:6d:
c9:c1:df:aa:b5:77:45:78:18:8e:56:9b:cf:38:5a:86:43:35:
7f:69:94:c2:6f:ba:ff:cf:df:e4:8e:43:b6:b4:4f:3a:71:1c:
32:a2:49:24:06:a8:21:c7:6c:97:a1:a7:4c:9f:87:fe:f5:f4:
02:dc:07:97:c7:bb:8f:a8:47:0d:0b:33:1d:72:c9:48:94:af:
e9:f4:a0:94:a7:86:40:91:0c:d6:01:10:da:92:6e:f3:36:4e:
7e:79:d8:16:bb:d7:ac:14:4f:13:a2:13:50:aa:a4:2b:06:73:
61:73:5d:98:9a:fc:7c:3d:43:b8:dd:93:49:96:14:1e:cf:78:
c6:95:fe:c1:6d:48:a2:7c:91:4c:9b:5c:dc:cf:f4:3c:61:d6:
23:49:4a:d7:c1:df:fa:9d:97:bf:9c:bd:7f:6c:b9:2e:02:73:
9d:ae:29:25:9a:8a:78:f2:b2:5b:d5:05:b8:cd:51:96:a4:40:
93:d9:30:95:84:ff:c6:41:70:6d:36:32:a1:72:f8:c2:6a:29:
33:b9:86:ff:63:31:c3:cc:5a:7a:50:8f:b5:b4:29:be:c6:e9:
77:13:67:95:d3:52:ac:cf:1f:b3:54:8a:85:77:72:0a:00:7b:
f0:19:82:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYC5Be4rt7LT0V3jY5av/1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjMwMTMwMTMzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNhOGI5OWUxZmM3Nzg5YWZlODcwYTgxMDQ4ZGQxZGZhMGMzNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixex7R/gG4fwKnvwwvR22rir046k
/Mb0dVRzViMXpBt+kH+hDltyqri9tuNWh66SFuOiRW0sCQMOUCn62tcyf0Jn6zy+
NF/EtvAnktkSPQjoh86Rk4Ki/PQWAH6VIvewZCoId3XDfNT1G1+HaObMxslpRHI2
/uy7mXT7uggBp5GNSFUtP1IrpPoB0UYGZWGp4Q8XWTGLv/So6/faGl19XRRUrzon
1PcJT+p04XaBeYwIfyFrXcAFiT5hFeJgjB6r/Fqj5QolzWmYs7Evj8upplDMWAel
BEIM+5edOa0RKw/azEZ8ZoF70SNGLj5WYUQhFm+zfZ6XguledgjzEx4LJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGQ6i5nh/HeJr+hwqBBI3R36DDefMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvWkRxTG1lSDhkNG12NkhDb0VFamRIZm9NTjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGDsAwQA
sGD+MA0GCSqGSIb3DQEBCwUAA4IBAQChNDc77rnGGGZRPGPWrxBVeW3Jwd+qtXdF
eBiOVpvPOFqGQzV/aZTCb7r/z9/kjkO2tE86cRwyokkkBqghx2yXoadMn4f+9fQC
3AeXx7uPqEcNCzMdcslIlK/p9KCUp4ZAkQzWARDakm7zNk5+edgWu9esFE8TohNQ
qqQrBnNhc12Ymvx8PUO43ZNJlhQez3jGlf7BbUiifJFMm1zcz/Q8YdYjSUrXwd/6
nZe/nL1/bLkuAnOdriklmop48rJb1QW4zVGWpECT2TCVhP/GQXBtNjKhcvjCaikz
uYb/YzHDzFp6UI+1tCm+xul3E2eV01Kszx+zVIqFd3IKAHvwGYL0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org