Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/0zXe_tcRAXA1dQdDRswjoJ8Z0e8.roa
File: 0zXe_tcRAXA1dQdDRswjoJ8Z0e8.roa (raw, json)
Hash identifier: 5u6MUp7k1m7URAJWKEkYMyzd5e3dGg/ci84j+zCxgks=
Subject key identifier: D3:35:DE:FE:D7:11:01:70:35:75:07:43:46:CC:23:A0:9F:19:D1:EF
Certificate issuer: /CN=c7e8d959f1c9564a33f28fe44ab614b8f62b001b
Certificate serial: 0185719E996763446B84B66FA59BF51B2887
Authority key identifier: C7:E8:D9:59:F1:C9:56:4A:33:F2:8F:E4:4A:B6:14:B8:F6:2B:00:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-jZWfHJVkoz8o_kSrYUuPYrABs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/0zXe_tcRAXA1dQdDRswjoJ8Z0e8.roa
Signing time: Mon 02 Jan 2023 08:34:57 +0000
ROA not before: Mon 02 Jan 2023 08:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208848
IP address blocks: 37.60.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:99:67:63:44:6b:84:b6:6f:a5:9b:f5:1b:28:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7e8d959f1c9564a33f28fe44ab614b8f62b001b
Validity
Not Before: Jan 2 08:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d335defed71101703575074346cc23a09f19d1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2a:44:8c:48:ff:ce:c6:6a:4e:38:5a:45:1e:
0a:23:a6:a7:84:a2:d1:d7:c6:e1:bf:e4:eb:b8:f4:
7b:6a:7a:7f:c7:74:09:04:47:3b:45:24:51:b6:a7:
85:68:92:93:e6:e7:ab:b4:24:7c:14:88:be:55:82:
12:ae:61:59:68:08:c2:96:09:e0:34:15:13:e1:4f:
5c:4a:9a:0f:98:a9:63:ac:38:8f:50:78:6a:b7:5b:
1d:d7:ee:7a:9c:3e:f3:d9:8a:0e:e6:22:1f:79:ed:
ef:ab:0d:4b:1b:98:69:0c:44:0c:71:92:c1:e9:f5:
a3:1c:80:02:60:f8:c2:14:0d:ae:65:07:97:e3:4d:
c2:e3:34:e5:e7:cb:70:18:fc:33:a8:75:b9:41:d9:
13:9e:2a:af:68:c5:4a:60:5e:b0:bb:49:d1:d1:db:
28:ad:c1:35:f4:c7:ab:a2:fd:eb:32:cd:69:42:fb:
08:43:c6:93:98:9f:0a:13:5e:21:f5:f7:01:95:4d:
36:42:d1:55:06:19:e5:fa:47:3c:44:fd:49:7e:88:
77:30:96:43:4a:cb:94:25:ad:6f:cc:ec:be:79:8c:
bb:6f:b2:34:b3:13:e7:b1:d9:2d:52:2e:d1:95:83:
82:a1:5d:1f:d8:25:42:b5:8b:1f:db:9f:68:bb:04:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:35:DE:FE:D7:11:01:70:35:75:07:43:46:CC:23:A0:9F:19:D1:EF
X509v3 Authority Key Identifier:
keyid:C7:E8:D9:59:F1:C9:56:4A:33:F2:8F:E4:4A:B6:14:B8:F6:2B:00:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-jZWfHJVkoz8o_kSrYUuPYrABs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/0zXe_tcRAXA1dQdDRswjoJ8Z0e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/x-jZWfHJVkoz8o_kSrYUuPYrABs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.28.0/24
Signature Algorithm: sha256WithRSAEncryption
06:66:41:ac:4c:fa:5c:ff:3b:0a:d7:b5:d1:02:64:39:1e:d2:
aa:75:28:bc:cc:4f:07:f7:ac:13:73:91:e7:5e:08:af:9a:d3:
f5:cd:9f:5f:10:f8:99:4b:07:b4:56:bc:47:ff:09:80:46:3f:
b8:79:dc:80:cb:4e:9d:c6:46:a0:92:a3:81:d0:55:f2:a6:63:
2f:1e:85:c0:7d:01:4f:02:25:e6:c0:63:29:57:ab:51:22:d6:
42:73:0c:58:a5:37:69:64:24:22:d4:c7:cf:7e:a5:45:43:2e:
51:29:12:4e:bd:da:37:0f:96:45:68:1e:50:22:ca:cf:e7:35:
b1:0f:33:39:74:b2:f2:aa:22:c0:c9:a3:65:97:b5:aa:ca:0a:
6a:54:11:3e:61:71:5a:7d:ec:1f:37:44:6d:8c:a6:a2:df:79:
2d:95:17:26:4f:a5:8b:d3:74:f4:b6:e0:f0:00:5c:bb:42:df:
92:93:8b:9a:9e:ad:a6:41:49:88:08:05:6a:3a:00:a3:de:98:
76:c2:3b:34:51:d3:e3:5f:43:a7:d0:15:5d:eb:67:68:40:d1:
72:0d:c0:a0:55:3e:05:16:71:7e:73:61:f7:96:2a:5f:6e:66:
2e:a6:56:8a:f5:5f:69:c5:9f:0d:0d:9f:bb:fa:77:4c:2c:b2:
87:a7:24:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnplnY0RrhLZvpZv1GyiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZThkOTU5ZjFjOTU2NGEzM2YyOGZlNDRhYjYxNGI4ZjYy
YjAwMWIwHhcNMjMwMTAyMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM1ZGVmZWQ3MTEwMTcwMzU3NTA3NDM0NmNjMjNhMDlmMTlkMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnypEjEj/zsZqTjhaRR4KI6anhKLR
18bhv+TruPR7anp/x3QJBEc7RSRRtqeFaJKT5uertCR8FIi+VYISrmFZaAjClgng
NBUT4U9cSpoPmKljrDiPUHhqt1sd1+56nD7z2YoO5iIfee3vqw1LG5hpDEQMcZLB
6fWjHIACYPjCFA2uZQeX403C4zTl58twGPwzqHW5QdkTniqvaMVKYF6wu0nR0dso
rcE19Merov3rMs1pQvsIQ8aTmJ8KE14h9fcBlU02QtFVBhnl+kc8RP1Jfoh3MJZD
SsuUJa1vzOy+eYy7b7I0sxPnsdktUi7RlYOCoV0f2CVCtYsf259ouwRJLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNM13v7XEQFwNXUHQ0bMI6CfGdHvMB8GA1UdIwQY
MBaAFMfo2VnxyVZKM/KP5Eq2FLj2KwAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1qWldmSEpWa296OG9fa1NyWVV1UFlyQUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNGUzMjctNzY1OC00NjNjLTg5OTAt
YjFjOWI3ODlhYWE5LzEvMHpYZV90Y1JBWEExZFFkRFJzd2pvSjhaMGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNGUzMjctNzY1OC00NjNjLTg5OTAtYjFjOWI3ODlhYWE5
LzEveC1qWldmSEpWa296OG9fa1NyWVV1UFlyQUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTwcMA0G
CSqGSIb3DQEBCwUAA4IBAQAGZkGsTPpc/zsK17XRAmQ5HtKqdSi8zE8H96wTc5Hn
XgivmtP1zZ9fEPiZSwe0VrxH/wmARj+4edyAy06dxkagkqOB0FXypmMvHoXAfQFP
AiXmwGMpV6tRItZCcwxYpTdpZCQi1MfPfqVFQy5RKRJOvdo3D5ZFaB5QIsrP5zWx
DzM5dLLyqiLAyaNll7WqygpqVBE+YXFafewfN0RtjKai33ktlRcmT6WL03T0tuDw
AFy7Qt+Sk4uanq2mQUmICAVqOgCj3ph2wjs0UdPjX0On0BVd62doQNFyDcCgVT4F
FnF+c2H3lipfbmYuplaK9V9pxZ8NDZ+7+ndMLLKHpySJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:36 2024 by rpki-client on console-ams.rpki-client.org