Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/ZArhxgEtbTWE8P8CN2_QDNhjXTU.roa
File: ZArhxgEtbTWE8P8CN2_QDNhjXTU.roa (raw, json)
Hash identifier: lQsDnSBX1COR7I62jUSZLrtjR+UsCnh2+T09YQ9XNxA=
Subject key identifier: 64:0A:E1:C6:01:2D:6D:35:84:F0:FF:02:37:6F:D0:0C:D8:63:5D:35
Certificate issuer: /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Certificate serial: 018B858C72F75934D2096A7BFB35D292A7C1
Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/ZArhxgEtbTWE8P8CN2_QDNhjXTU.roa
Signing time: Tue 31 Oct 2023 11:44:16 +0000
ROA not before: Tue 31 Oct 2023 11:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29695
IP address blocks: 185.197.211.0/24 maxlen: 24
2a0c:1bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:8c:72:f7:59:34:d2:09:6a:7b:fb:35:d2:92:a7:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Validity
Not Before: Oct 31 11:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=640ae1c6012d6d3584f0ff02376fd00cd8635d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:61:35:f3:3a:0e:e0:42:a6:4b:ab:15:36:
cc:ab:4a:d7:67:58:e3:e5:4c:7c:72:42:46:c3:c1:
91:d3:fe:2d:2a:b7:47:68:f3:a6:58:5d:c7:5a:51:
c2:49:ac:5f:ee:1d:26:89:8c:76:e3:bd:dc:ef:75:
5c:12:18:98:63:22:ce:b8:2e:05:8c:78:b5:f9:c8:
55:47:17:b2:9b:d3:5b:ba:7c:00:25:b6:4b:15:b5:
46:2e:b1:8e:05:11:15:4a:f9:62:bd:81:34:38:79:
cc:06:47:34:dd:47:5f:89:91:41:53:bb:5d:47:58:
fc:4a:ea:a4:ef:7a:e4:12:b4:01:e0:31:8b:4c:b5:
78:27:bb:6c:95:a4:85:55:81:4b:f7:96:5e:21:29:
73:10:5f:65:77:9e:57:dd:f9:6a:b3:bc:c1:c8:df:
65:2d:d9:be:08:63:cc:7f:3c:42:71:92:d4:c6:bf:
05:ea:01:61:f7:47:4f:0a:8c:2d:ad:e9:c2:f2:1a:
e3:47:d3:aa:a8:59:1f:7d:9b:40:68:1c:df:46:97:
e1:5a:b5:05:98:1f:31:8e:12:53:40:40:76:55:1e:
7f:f7:e6:01:f6:d0:8f:ce:8a:e1:1b:28:50:8f:23:
81:12:1a:1f:7a:b7:5c:de:ef:df:60:6b:4c:85:e9:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0A:E1:C6:01:2D:6D:35:84:F0:FF:02:37:6F:D0:0C:D8:63:5D:35
X509v3 Authority Key Identifier:
keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/ZArhxgEtbTWE8P8CN2_QDNhjXTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.211.0/24
IPv6:
2a0c:1bc0::/32
Signature Algorithm: sha256WithRSAEncryption
f0:53:68:1b:c4:e8:6f:1a:10:ec:7e:b4:e4:7f:92:9f:c6:09:
65:47:7d:67:b5:44:86:30:f2:8c:4e:ab:6e:ad:45:a1:1c:5e:
4d:5d:2f:19:c1:f0:73:22:b2:80:f6:92:f0:93:40:e3:32:c4:
83:60:a9:c6:d9:05:c9:2c:ed:07:1b:7b:5a:65:90:ae:16:c2:
4d:1a:9a:31:7c:ca:43:51:bb:2f:d4:f4:da:f7:e9:dd:48:2f:
74:b4:50:f5:73:56:3d:fc:05:3d:35:5d:c7:52:c2:9a:10:df:
58:18:ab:cd:e8:9b:b4:3f:28:f5:90:9a:32:7e:64:98:19:7a:
dd:89:52:47:a0:c5:7f:81:cc:ae:b0:63:72:2c:da:c7:62:f8:
b7:12:c7:c2:f8:64:6f:a2:fd:19:70:cf:07:a3:94:e4:66:6a:
d6:83:85:cf:c2:38:01:e5:15:fa:84:fd:71:b7:35:82:1e:61:
24:3b:24:df:fe:c8:5b:85:c7:8b:c5:fa:79:a1:d8:62:e4:20:
42:66:e8:d6:27:fa:17:cf:a6:97:13:34:cd:73:6f:08:57:42:
3b:5b:7f:b7:cb:bd:de:64:5d:b3:1b:86:fe:18:57:e4:17:0f:
88:8f:68:8f:9c:fa:eb:94:85:6d:e8:dc:2e:dd:c4:cb:f0:11:
79:61:d1:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuFjHL3WTTSCWp7+zXSkqfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw
NGVlM2YwHhcNMjMxMDMxMTE0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBhZTFjNjAxMmQ2ZDM1ODRmMGZmMDIzNzZmZDAwY2Q4NjM1ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmBhNfM6DuBCpkurFTbMq0rXZ1jj
5Ux8ckJGw8GR0/4tKrdHaPOmWF3HWlHCSaxf7h0miYx2473c73VcEhiYYyLOuC4F
jHi1+chVRxeym9NbunwAJbZLFbVGLrGOBREVSvlivYE0OHnMBkc03UdfiZFBU7td
R1j8Suqk73rkErQB4DGLTLV4J7tslaSFVYFL95ZeISlzEF9ld55X3flqs7zByN9l
Ldm+CGPMfzxCcZLUxr8F6gFh90dPCowtrenC8hrjR9OqqFkffZtAaBzfRpfhWrUF
mB8xjhJTQEB2VR5/9+YB9tCPzorhGyhQjyOBEhoferdc3u/fYGtMhekbfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGQK4cYBLW01hPD/Ajdv0AzYY101MB8GA1UdIwQY
MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct
OTRiZWRiNWQwMzM0LzEvWkFyaHhnRXRiVFdFOFA4Q04yX1FETmhqWFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0
LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucXTMA0E
AgACMAcDBQAqDBvAMA0GCSqGSIb3DQEBCwUAA4IBAQDwU2gbxOhvGhDsfrTkf5Kf
xgllR31ntUSGMPKMTqturUWhHF5NXS8ZwfBzIrKA9pLwk0DjMsSDYKnG2QXJLO0H
G3taZZCuFsJNGpoxfMpDUbsv1PTa9+ndSC90tFD1c1Y9/AU9NV3HUsKaEN9YGKvN
6Ju0Pyj1kJoyfmSYGXrdiVJHoMV/gcyusGNyLNrHYvi3EsfC+GRvov0ZcM8Ho5Tk
ZmrWg4XPwjgB5RX6hP1xtzWCHmEkOyTf/shbhceLxfp5odhi5CBCZujWJ/oXz6aX
EzTNc28IV0I7W3+3y73eZF2zG4b+GFfkFw+Ij2iPnPrrlIVt6Nwu3cTL8BF5YdGx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:10 2024 by rpki-client on console-ams.rpki-client.org