Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/zWtS1V86NxhV6o7sVLZmkBp8f-0.roa
File: zWtS1V86NxhV6o7sVLZmkBp8f-0.roa (raw, json)
Hash identifier: 2JCb6SdRzuLiBHVFl2tFIFAna55CiXGCpkbhDTWHw2s=
Subject key identifier: CD:6B:52:D5:5F:3A:37:18:55:EA:8E:EC:54:B6:66:90:1A:7C:7F:ED
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 018CC42456EA074B2304C789429A53882D79
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/zWtS1V86NxhV6o7sVLZmkBp8f-0.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58074
IP address blocks: 195.245.82.0/23 maxlen: 23
193.138.99.0/24 maxlen: 24
194.6.201.0/24 maxlen: 24
195.78.124.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 08 Apr 2024 15:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:56:ea:07:4b:23:04:c7:89:42:9a:53:88:2d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd6b52d55f3a371855ea8eec54b666901a7c7fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e6:f3:d0:ff:f2:86:94:99:2a:96:bc:76:41:
be:ab:96:52:84:c6:83:03:42:d2:73:5d:c2:c4:06:
b2:cc:ac:85:fc:65:4f:96:3f:a2:59:4d:7b:81:7a:
b9:b9:42:2b:ec:7c:5c:83:0b:d6:c5:33:1f:f6:28:
af:c0:22:5a:4b:3c:93:05:d2:56:d0:07:ec:be:8f:
79:1a:9c:22:e3:54:c0:f1:d2:bc:ca:26:8b:51:ab:
cb:9a:8f:9c:e6:d2:5e:c7:1f:23:76:e8:b8:1b:7c:
8d:fe:f3:70:1b:cc:d7:9d:4c:a8:da:4f:1e:07:fc:
dd:c6:d7:6c:9c:9a:69:a7:c4:0a:d2:de:21:60:71:
e4:98:ab:6c:ec:93:f3:d6:4b:43:2b:40:14:5c:d4:
2c:3c:e1:9f:9c:8d:97:47:2c:1a:71:2d:2e:65:34:
4e:32:69:33:8a:e4:9e:55:b4:a0:86:2b:69:ad:f3:
12:76:c2:c9:28:e6:ff:a8:ab:3f:e6:53:ee:3b:3b:
14:cc:fe:09:ce:97:da:00:07:3b:8e:bd:01:c5:88:
f4:ff:9a:f8:4b:06:e0:c0:97:4b:06:f5:f5:3e:c9:
cb:b3:0f:59:1e:3a:95:0e:e9:c4:08:3c:9d:52:9b:
b4:41:5a:76:50:6e:b4:e7:cf:a5:3a:89:59:b2:a7:
6e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6B:52:D5:5F:3A:37:18:55:EA:8E:EC:54:B6:66:90:1A:7C:7F:ED
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/zWtS1V86NxhV6o7sVLZmkBp8f-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.99.0/24
194.6.201.0/24
195.78.124.0/23
195.245.82.0/23
Signature Algorithm: sha256WithRSAEncryption
43:25:d2:cc:85:ad:82:ea:4e:47:82:2a:98:cf:70:ec:22:ad:
71:76:bb:ff:4d:ae:3e:d0:2c:ad:5e:48:3f:2f:ce:85:26:8c:
74:d3:04:d6:ad:35:60:d7:5c:eb:96:6c:40:a7:b6:0d:02:b9:
db:38:c8:44:f5:87:3e:87:74:f2:0e:a6:4c:85:b9:c9:ac:f0:
23:f4:df:47:67:32:bf:3f:52:aa:87:0d:68:d1:63:0f:91:2e:
61:6b:05:ac:73:12:ff:b6:a6:71:e7:d7:a7:f2:22:50:e5:7f:
e7:e8:b6:cb:79:1f:a6:1e:51:29:1b:b4:03:db:96:fd:1d:8b:
e7:54:5f:8d:f1:6c:c2:6c:77:da:19:36:58:c7:57:a7:75:d1:
fd:38:ab:97:fe:b1:3a:cf:dc:d8:77:bb:e9:d6:30:cb:55:fe:
fe:7f:78:d3:a2:e4:1e:e5:f5:da:b8:de:75:82:d4:47:3f:e1:
ea:0f:fd:1b:02:3e:3e:0d:d0:1f:b8:81:4c:55:2c:2d:b8:95:
74:ee:28:cc:33:8e:c1:d9:6c:c0:84:d8:e5:39:67:ba:42:8e:
f9:43:55:5c:8a:82:62:75:fa:f0:06:32:e4:09:ab:16:f0:dd:
e8:58:33:cd:04:5a:8c:49:6e:0a:0e:fe:5b:c4:5f:67:c9:13:
a4:c0:a4:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJFbqB0sjBMeJQppTiC15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZiNTJkNTVmM2EzNzE4NTVlYThlZWM1NGI2NjY5MDFhN2M3ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiObz0P/yhpSZKpa8dkG+q5ZShMaD
A0LSc13CxAayzKyF/GVPlj+iWU17gXq5uUIr7HxcgwvWxTMf9iivwCJaSzyTBdJW
0Afsvo95Gpwi41TA8dK8yiaLUavLmo+c5tJexx8jdui4G3yN/vNwG8zXnUyo2k8e
B/zdxtdsnJppp8QK0t4hYHHkmKts7JPz1ktDK0AUXNQsPOGfnI2XRywacS0uZTRO
MmkziuSeVbSghitprfMSdsLJKOb/qKs/5lPuOzsUzP4JzpfaAAc7jr0BxYj0/5r4
SwbgwJdLBvX1PsnLsw9ZHjqVDunECDydUpu0QVp2UG6058+lOolZsqdutwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM1rUtVfOjcYVeqO7FS2ZpAafH/tMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEveld0UzFWODZOeGhWNm83c1ZMWm1rQnA4Zi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwYpjAwQA
wgbJAwQBw058AwQBw/VSMA0GCSqGSIb3DQEBCwUAA4IBAQBDJdLMha2C6k5HgiqY
z3DsIq1xdrv/Ta4+0CytXkg/L86FJox00wTWrTVg11zrlmxAp7YNArnbOMhE9Yc+
h3TyDqZMhbnJrPAj9N9HZzK/P1Kqhw1o0WMPkS5hawWscxL/tqZx59en8iJQ5X/n
6LbLeR+mHlEpG7QD25b9HYvnVF+N8WzCbHfaGTZYx1enddH9OKuX/rE6z9zYd7vp
1jDLVf7+f3jTouQe5fXauN51gtRHP+HqD/0bAj4+DdAfuIFMVSwtuJV07ijMM47B
2WzAhNjlOWe6Qo75Q1VcioJidfrwBjLkCasW8N3oWDPNBFqMSW4KDv5bxF9nyROk
wKTZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org