Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/0z1zcJACNk-AqVVNlAg_J-wstCk.roa
File: 0z1zcJACNk-AqVVNlAg_J-wstCk.roa (raw, json)
Hash identifier: 20ezlhRPb3HvHkDGEzd8T4fvbAGpnsoaLtIwyFsAO3w=
Subject key identifier: D3:3D:73:70:90:02:36:4F:80:A9:55:4D:94:08:3F:27:EC:2C:B4:29
Certificate issuer: /CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Certificate serial: 018CC349267FC3847B3D1C4891FF5C6AE52C
Authority key identifier: 22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/0z1zcJACNk-AqVVNlAg_J-wstCk.roa
Signing time: Mon 01 Jan 2024 04:30:00 +0000
ROA not before: Mon 01 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48399
IP address blocks: 178.170.223.0/24 maxlen: 24
85.193.70.0/23 maxlen: 23
192.70.198.0/23 maxlen: 23
192.70.196.0/23 maxlen: 23
185.190.118.0/23 maxlen: 23
185.190.116.0/23 maxlen: 23
2a07:ecc0::/30 maxlen: 30
2a07:ecc4::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 16 Jul 2024 12:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:26:7f:c3:84:7b:3d:1c:48:91:ff:5c:6a:e5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Validity
Not Before: Jan 1 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d33d73709002364f80a9554d94083f27ec2cb429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:30:73:fc:d7:e7:42:62:41:90:a9:a1:d6:
e1:63:3a:ce:c0:dd:c9:b0:e2:71:c0:fd:6f:80:4a:
1e:69:e3:4c:ff:6a:47:f0:91:80:79:a7:28:06:dc:
d7:a8:e2:d9:e5:84:76:ac:84:6d:e8:b9:63:b6:b8:
f0:56:42:76:2f:8d:7d:aa:22:c2:cb:71:21:08:72:
00:db:7a:73:12:38:75:e7:ef:9a:51:e2:97:4b:1a:
5d:65:2e:e1:b1:e1:de:7b:2f:6b:10:97:d9:cc:6b:
e6:b2:7c:d3:e9:8f:f0:00:3e:23:26:02:0b:0c:bc:
b3:c3:c0:d4:41:bc:de:9a:d5:97:8a:06:b0:da:15:
2e:81:3e:36:20:ee:2c:50:6d:57:15:08:99:6c:5c:
ea:80:e1:3b:ee:30:39:0e:91:bc:d8:ea:f3:e2:0f:
05:aa:6f:f2:1d:cb:44:d6:b2:59:6b:de:7d:5f:a8:
0f:6a:d3:98:e8:59:2a:1d:bb:81:a1:a3:23:06:95:
5e:3f:51:97:83:18:3e:44:4d:b5:96:a9:bf:05:54:
4d:d4:95:80:2d:10:b4:ff:c7:27:13:f1:f1:c7:15:
70:7c:0f:ee:60:c6:6d:d4:a6:14:b8:fd:ab:00:35:
6a:2f:56:97:74:95:6f:80:60:8b:e3:df:5c:46:23:
b4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3D:73:70:90:02:36:4F:80:A9:55:4D:94:08:3F:27:EC:2C:B4:29
X509v3 Authority Key Identifier:
keyid:22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/0z1zcJACNk-AqVVNlAg_J-wstCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.70.0/23
178.170.223.0/24
185.190.116.0/22
192.70.196.0/22
IPv6:
2a07:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:68:4d:43:12:49:f8:75:16:67:4b:77:21:b2:08:f5:c2:09:
9e:b0:67:28:d7:00:87:47:c6:3f:24:7a:9b:35:6f:9a:b1:4f:
75:c6:da:b4:1e:88:2e:f1:90:da:97:e0:04:f1:b8:5e:2c:b3:
b1:5b:24:b8:06:74:f0:14:ae:98:d0:ab:34:5c:46:4e:eb:66:
8a:12:68:30:71:87:ab:17:7a:8a:bc:ad:ea:56:21:68:23:b6:
b2:d6:81:fe:0a:4f:5e:cd:d8:5d:f7:cf:c0:d3:bc:a7:0b:9c:
31:01:4f:79:6f:d4:53:f1:7c:ef:af:e4:e4:f6:c2:66:81:9f:
1f:7b:fa:37:2c:60:66:9e:b6:01:05:25:4a:f3:8a:2d:3b:40:
02:4b:82:e3:c3:72:4f:6d:58:fa:ab:bf:75:24:b5:2b:f9:21:
a8:bd:2a:12:c9:1e:27:13:d5:ac:bb:d3:66:f6:0f:f2:f0:02:
9a:03:29:6c:48:de:19:8e:90:c0:cb:c3:37:d4:80:50:b3:17:
6a:c2:bc:86:6d:32:e1:ae:be:9c:d3:fa:d6:83:82:93:a8:a2:
27:9d:67:26:73:6f:b7:a6:b0:a1:db:47:bf:4c:4d:e3:34:77:
89:28:26:57:1d:a8:88:10:12:d7:1c:4e:6d:3d:17:01:89:45:
8e:bd:18:c1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSSZ/w4R7PRxIkf9cauUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzVmZWIyZDI1ZmFjNGRkOGJhYTRmNzFkOGRjMjI2ODE4
NmEwMzkwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNkNzM3MDkwMDIzNjRmODBhOTU1NGQ5NDA4M2YyN2VjMmNiNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV0wc/zX50JiQZCpodbhYzrOwN3J
sOJxwP1vgEoeaeNM/2pH8JGAeacoBtzXqOLZ5YR2rIRt6LljtrjwVkJ2L419qiLC
y3EhCHIA23pzEjh15++aUeKXSxpdZS7hseHeey9rEJfZzGvmsnzT6Y/wAD4jJgIL
DLyzw8DUQbzemtWXigaw2hUugT42IO4sUG1XFQiZbFzqgOE77jA5DpG82Orz4g8F
qm/yHctE1rJZa959X6gPatOY6FkqHbuBoaMjBpVeP1GXgxg+RE21lqm/BVRN1JWA
LRC0/8cnE/HxxxVwfA/uYMZt1KYUuP2rADVqL1aXdJVvgGCL499cRiO0LwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNM9c3CQAjZPgKlVTZQIPyfsLLQpMB8GA1UdIwQY
MBaAFCLF/rLSX6xN2Lqk9x2NwiaBhqA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTkt
NDY4ZjQ5OGZhZjFjLzEvMHoxemNKQUNOay1BcVZWTmxBZ19KLXdzdENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTktNDY4ZjQ5OGZhZjFj
LzEvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVcFGAwQA
sqrfAwQCub50AwQCwEbEMA0EAgACMAcDBQMqB+zAMA0GCSqGSIb3DQEBCwUAA4IB
AQAMaE1DEkn4dRZnS3chsgj1wgmesGco1wCHR8Y/JHqbNW+asU91xtq0Hogu8ZDa
l+AE8bheLLOxWyS4BnTwFK6Y0Ks0XEZO62aKEmgwcYerF3qKvK3qViFoI7ay1oH+
Ck9ezdhd98/A07ynC5wxAU95b9RT8Xzvr+Tk9sJmgZ8fe/o3LGBmnrYBBSVK84ot
O0ACS4Ljw3JPbVj6q791JLUr+SGovSoSyR4nE9Wsu9Nm9g/y8AKaAylsSN4ZjpDA
y8M31IBQsxdqwryGbTLhrr6c0/rWg4KTqKInnWcmc2+3prCh20e/TE3jNHeJKCZX
HaiIEBLXHE5tPRcBiUWOvRjB
-----END CERTIFICATE-----
Generated at Tue Jul 16 15:47:32 2024 by rpki-client on console-ams.rpki-client.org