Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/zr0CVmrjb75s22T3pFs7dYkIviU.roa
File: zr0CVmrjb75s22T3pFs7dYkIviU.roa (raw, json)
Hash identifier: Ac1wXcDrlaID/vktZaiaOKjwvGWlLnUM5XdsjKvY9Jw=
Subject key identifier: CE:BD:02:56:6A:E3:6F:BE:6C:DB:64:F7:A4:5B:3B:75:89:08:BE:25
Certificate issuer: /CN=047ef5d6bd3e3594269cba442b3a8d3a14c5df70
Certificate serial: 018CC3492ADCC66E0A128AC682B1ECACEF2F
Authority key identifier: 04:7E:F5:D6:BD:3E:35:94:26:9C:BA:44:2B:3A:8D:3A:14:C5:DF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BH711r0-NZQmnLpEKzqNOhTF33A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/zr0CVmrjb75s22T3pFs7dYkIviU.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198537
IP address blocks: 195.14.26.0/24 maxlen: 24
195.14.26.0/23 maxlen: 23
195.14.27.0/24 maxlen: 24
195.14.112.0/24 maxlen: 24
195.14.112.0/23 maxlen: 23
195.14.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 13:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2a:dc:c6:6e:0a:12:8a:c6:82:b1:ec:ac:ef:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=047ef5d6bd3e3594269cba442b3a8d3a14c5df70
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cebd02566ae36fbe6cdb64f7a45b3b758908be25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bb:24:8b:db:1c:47:3c:3d:ac:be:37:cb:e2:
5d:72:90:4a:18:9d:2b:ce:2b:af:99:5f:e3:61:60:
29:56:a2:d7:ed:e5:ed:18:21:4f:39:1b:70:3a:02:
22:6d:54:cc:62:f8:c3:f2:22:3a:c6:5b:9b:19:69:
65:08:ae:f0:03:6e:9d:58:cf:dc:95:f1:19:0d:11:
db:59:07:d3:a7:8e:96:9f:85:73:c2:73:48:1a:98:
4f:97:a3:ac:48:c6:9c:a0:b4:c6:bb:d8:a1:81:96:
df:85:5e:e7:27:6f:f7:a6:f1:b6:86:e9:8e:23:d1:
10:c8:f3:90:f6:86:72:31:e1:26:e0:5a:a5:7b:75:
55:0e:af:68:c9:5c:5c:ed:4c:58:c5:97:86:16:b4:
92:9e:88:74:9f:48:2d:e7:ec:75:d1:e3:6a:dd:37:
f3:17:b1:f4:06:f3:6a:84:f4:8e:08:f9:3c:cf:11:
6f:ec:36:5d:f3:06:ee:65:5b:48:45:7d:66:0b:08:
a4:14:d6:4f:03:6a:ee:c0:62:e4:6f:f5:11:f8:56:
db:f0:6a:0c:f5:d4:2f:54:e7:4a:49:bb:cb:d7:4a:
f6:54:96:50:81:02:4a:95:9c:73:c1:99:6d:2c:07:
b5:f1:12:90:bd:0a:23:28:d4:3f:27:d7:e9:2f:a6:
d0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BD:02:56:6A:E3:6F:BE:6C:DB:64:F7:A4:5B:3B:75:89:08:BE:25
X509v3 Authority Key Identifier:
keyid:04:7E:F5:D6:BD:3E:35:94:26:9C:BA:44:2B:3A:8D:3A:14:C5:DF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BH711r0-NZQmnLpEKzqNOhTF33A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/zr0CVmrjb75s22T3pFs7dYkIviU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4920ff-313a-4bdf-96fb-b3b3fb95337b/1/BH711r0-NZQmnLpEKzqNOhTF33A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.26.0/23
195.14.112.0/23
Signature Algorithm: sha256WithRSAEncryption
70:0c:df:3d:0c:b5:c1:a7:ea:c4:42:25:6d:a0:f8:be:09:d2:
a7:2d:0c:60:f6:34:d0:d7:6e:d7:6f:5f:23:a0:42:fa:4d:bc:
91:ac:d2:e5:d5:88:56:c2:ee:6d:53:07:9a:ca:d2:0b:a5:53:
c3:68:b5:8f:69:64:d2:90:82:45:03:72:0f:4a:54:13:99:de:
d5:70:d3:5d:96:a9:72:20:df:2a:4d:d6:80:83:96:21:98:41:
ef:0a:b3:df:45:c0:c1:eb:2d:c7:e9:d5:06:e6:8f:4b:15:72:
4a:fa:ff:cc:2c:8b:77:dd:73:0e:d3:3a:48:81:90:f3:e1:43:
49:fd:ec:97:54:a0:53:4f:39:f2:f1:25:16:0a:fe:2b:a9:0e:
58:73:67:41:5f:d1:58:85:f0:26:8f:4e:e5:66:4b:f4:11:7d:
c1:6f:99:54:72:ee:ca:4e:0f:f2:0b:5e:0b:b4:1d:70:79:a7:
43:c0:35:8e:92:1b:b6:c6:c3:e8:b5:78:08:06:0b:be:7a:07:
9e:ac:1e:37:2e:84:85:78:43:34:92:07:94:5c:5f:45:d6:29:
f2:af:be:cd:92:75:6d:5b:c6:ef:da:d7:03:21:f8:88:cc:3a:
c4:08:30:24:36:3c:68:42:37:dd:ea:b4:d4:74:fb:5b:79:a6:
56:72:f2:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSSrcxm4KEorGgrHsrO8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0N2VmNWQ2YmQzZTM1OTQyNjljYmE0NDJiM2E4ZDNhMTRj
NWRmNzAwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJkMDI1NjZhZTM2ZmJlNmNkYjY0ZjdhNDViM2I3NTg5MDhiZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLski9scRzw9rL43y+JdcpBKGJ0r
ziuvmV/jYWApVqLX7eXtGCFPORtwOgIibVTMYvjD8iI6xlubGWllCK7wA26dWM/c
lfEZDRHbWQfTp46Wn4VzwnNIGphPl6OsSMacoLTGu9ihgZbfhV7nJ2/3pvG2humO
I9EQyPOQ9oZyMeEm4Fqle3VVDq9oyVxc7UxYxZeGFrSSnoh0n0gt5+x10eNq3Tfz
F7H0BvNqhPSOCPk8zxFv7DZd8wbuZVtIRX1mCwikFNZPA2ruwGLkb/UR+Fbb8GoM
9dQvVOdKSbvL10r2VJZQgQJKlZxzwZltLAe18RKQvQojKNQ/J9fpL6bQ7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM69AlZq42++bNtk96RbO3WJCL4lMB8GA1UdIwQY
MBaAFAR+9da9PjWUJpy6RCs6jToUxd9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkg3MTFyMC1OWlFtbkxwRUt6cU5PaFRGMzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80OTIwZmYtMzEzYS00YmRmLTk2ZmIt
YjNiM2ZiOTUzMzdiLzEvenIwQ1ZtcmpiNzVzMjJUM3BGczdkWWtJdmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80OTIwZmYtMzEzYS00YmRmLTk2ZmItYjNiM2ZiOTUzMzdi
LzEvQkg3MTFyMC1OWlFtbkxwRUt6cU5PaFRGMzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBww4aAwQB
ww5wMA0GCSqGSIb3DQEBCwUAA4IBAQBwDN89DLXBp+rEQiVtoPi+CdKnLQxg9jTQ
127Xb18joEL6TbyRrNLl1YhWwu5tUweaytILpVPDaLWPaWTSkIJFA3IPSlQTmd7V
cNNdlqlyIN8qTdaAg5YhmEHvCrPfRcDB6y3H6dUG5o9LFXJK+v/MLIt33XMO0zpI
gZDz4UNJ/eyXVKBTTzny8SUWCv4rqQ5Yc2dBX9FYhfAmj07lZkv0EX3Bb5lUcu7K
Tg/yC14LtB1weadDwDWOkhu2xsPotXgIBgu+egeerB43LoSFeEM0kgeUXF9F1iny
r77NknVtW8bv2tcDIfiIzDrECDAkNjxoQjfd6rTUdPtbeaZWcvJs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:40 2024 by rpki-client on console-fra.rpki-client.org