Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/ZXYlI1Rcxz8TJumzc9NiWxbGSOk.roa
File: ZXYlI1Rcxz8TJumzc9NiWxbGSOk.roa (raw, json)
Hash identifier: TAxMnSQddUul1oiAOScV2r4HRj2GWTY7288+0acJLOE=
Subject key identifier: 65:76:25:23:54:5C:C7:3F:13:26:E9:B3:73:D3:62:5B:16:C6:48:E9
Certificate issuer: /CN=b90dfc2a651b5efab2c0cd59322d6d3b55906563
Certificate serial: 018ABDA2CBF91A7C158ED2EFCDD5E4BCDC2E
Authority key identifier: B9:0D:FC:2A:65:1B:5E:FA:B2:C0:CD:59:32:2D:6D:3B:55:90:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/ZXYlI1Rcxz8TJumzc9NiWxbGSOk.roa
Signing time: Fri 22 Sep 2023 16:04:37 +0000
ROA not before: Fri 22 Sep 2023 16:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198046
IP address blocks: 185.238.173.0/24 maxlen: 24
2a01:ad00:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:a2:cb:f9:1a:7c:15:8e:d2:ef:cd:d5:e4:bc:dc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b90dfc2a651b5efab2c0cd59322d6d3b55906563
Validity
Not Before: Sep 22 16:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65762523545cc73f1326e9b373d3625b16c648e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:84:7e:8a:1a:71:82:53:e8:43:e0:52:27:
91:94:bb:69:8a:ff:0b:da:39:c8:93:e5:88:58:f7:
d7:62:2f:d0:8b:2c:bd:6b:25:f2:89:90:58:78:4f:
c8:43:22:8c:c1:ed:63:0a:42:46:f0:7f:5a:a9:55:
7d:08:bf:69:31:12:37:0c:4c:13:74:d1:c6:98:1b:
a1:eb:ad:56:31:67:8d:47:c2:17:27:4d:49:75:32:
3e:86:9d:dd:27:9b:e8:cd:63:be:ff:76:24:3b:e5:
67:d1:c8:77:dc:5f:b7:e6:28:2a:b7:b2:b3:9b:7c:
84:03:3a:0c:41:0f:0b:bc:ee:10:21:14:66:fd:c7:
ac:bc:03:59:52:b5:fc:25:1d:45:7e:b1:da:7f:5d:
44:60:2e:70:e6:3c:14:bf:0c:8b:04:be:d3:7d:c9:
7d:a2:cf:18:3f:4f:4c:6b:5d:33:99:90:4e:1c:00:
9d:a7:9d:89:ab:90:5a:46:97:56:06:5b:0e:7e:97:
94:51:a2:75:93:bd:82:f1:83:63:c1:1c:d7:30:a3:
2f:30:8e:0d:c9:66:89:e6:d0:4c:63:bc:1f:10:60:
74:a3:62:55:e7:35:d6:72:22:e8:b3:65:eb:48:20:
8c:df:ce:49:c0:8a:0b:fa:81:2c:52:d4:a0:f0:30:
97:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:76:25:23:54:5C:C7:3F:13:26:E9:B3:73:D3:62:5B:16:C6:48:E9
X509v3 Authority Key Identifier:
keyid:B9:0D:FC:2A:65:1B:5E:FA:B2:C0:CD:59:32:2D:6D:3B:55:90:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/ZXYlI1Rcxz8TJumzc9NiWxbGSOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.173.0/24
IPv6:
2a01:ad00:8::/48
Signature Algorithm: sha256WithRSAEncryption
7f:e3:cf:a4:6e:42:d5:45:ca:e8:d3:4b:9d:f6:36:d9:d1:6b:
ae:76:4c:42:61:4d:84:8b:47:6e:00:fd:eb:6f:20:99:81:4a:
db:38:ab:47:7e:0d:78:d7:c9:7e:9b:69:f8:b1:57:59:2a:cc:
a8:62:73:ea:2a:bf:6d:e1:fa:30:f6:08:20:88:02:10:93:a1:
46:a2:ba:c3:ad:26:ff:f0:78:f3:0e:63:45:97:73:1d:f7:f3:
25:63:08:cd:2e:46:da:91:59:26:14:f0:85:b7:85:57:0a:b1:
ea:9c:7f:bb:8d:f6:0f:5f:9a:55:d7:42:52:dc:b8:19:8b:a4:
dc:e7:cf:ac:d8:a6:24:00:f3:8f:8a:17:3c:a6:f8:9b:05:57:
ab:52:32:82:c2:b1:74:bd:ee:fd:0c:83:bf:fa:1d:47:2a:34:
d7:dd:7c:52:5f:f8:c0:5c:8b:69:43:50:7d:b5:c3:4d:8c:44:
0f:13:86:02:f6:76:06:04:e5:6b:c8:dd:55:23:65:15:8d:cb:
19:27:da:08:fb:b1:38:3d:05:f3:c8:7f:a5:7f:f2:54:ae:61:
49:2f:a0:50:61:9a:33:9d:86:0a:27:8b:ad:af:5e:46:cb:77:
52:31:17:1d:9a:61:cc:97:69:b3:6b:4d:32:0a:79:e0:3e:47:
c7:2d:db:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq9osv5GnwVjtLvzdXkvNwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MGRmYzJhNjUxYjVlZmFiMmMwY2Q1OTMyMmQ2ZDNiNTU5
MDY1NjMwHhcNMjMwOTIyMTYwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTc2MjUyMzU0NWNjNzNmMTMyNmU5YjM3M2QzNjI1YjE2YzY0OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMqEfooacYJT6EPgUieRlLtpiv8L
2jnIk+WIWPfXYi/Qiyy9ayXyiZBYeE/IQyKMwe1jCkJG8H9aqVV9CL9pMRI3DEwT
dNHGmBuh661WMWeNR8IXJ01JdTI+hp3dJ5vozWO+/3YkO+Vn0ch33F+35igqt7Kz
m3yEAzoMQQ8LvO4QIRRm/cesvANZUrX8JR1FfrHaf11EYC5w5jwUvwyLBL7Tfcl9
os8YP09Ma10zmZBOHACdp52Jq5BaRpdWBlsOfpeUUaJ1k72C8YNjwRzXMKMvMI4N
yWaJ5tBMY7wfEGB0o2JV5zXWciLos2XrSCCM385JwIoL+oEsUtSg8DCXAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGV2JSNUXMc/Eybps3PTYlsWxkjpMB8GA1UdIwQY
MBaAFLkN/CplG176ssDNWTItbTtVkGVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVEzOEttVWJYdnF5d00xWk1pMXRPMVdRWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84NDdiYzgtZjdlNi00M2UwLWE1Y2Yt
ZDNlMTZhMTYzZGQzLzEvWlhZbEkxUmN4ejhUSnVtemM5TmlXeGJHU09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84NDdiYzgtZjdlNi00M2UwLWE1Y2YtZDNlMTZhMTYzZGQz
LzEvdVEzOEttVWJYdnF5d00xWk1pMXRPMVdRWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAue6tMA8E
AgACMAkDBwAqAa0AAAgwDQYJKoZIhvcNAQELBQADggEBAH/jz6RuQtVFyujTS532
NtnRa652TEJhTYSLR24A/etvIJmBSts4q0d+DXjXyX6bafixV1kqzKhic+oqv23h
+jD2CCCIAhCToUaiusOtJv/wePMOY0WXcx338yVjCM0uRtqRWSYU8IW3hVcKseqc
f7uN9g9fmlXXQlLcuBmLpNznz6zYpiQA84+KFzym+JsFV6tSMoLCsXS97v0Mg7/6
HUcqNNfdfFJf+MBci2lDUH21w02MRA8ThgL2dgYE5WvI3VUjZRWNyxkn2gj7sTg9
BfPIf6V/8lSuYUkvoFBhmjOdhgoni62vXkbLd1IxFx2aYcyXabNrTTIKeeA+R8ct
2yI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org