Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3ZQTi_gxk7KJJjt5HGiRPNmVxrs.roa
File: 3ZQTi_gxk7KJJjt5HGiRPNmVxrs.roa (raw, json)
Hash identifier: /XXsygPxybv81SPDEtrQFvPxZ5L3AYMm76XWxalEAFU=
Subject key identifier: DD:94:13:8B:F8:31:93:B2:89:26:3B:79:1C:68:91:3C:D9:95:C6:BB
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0188718047647D9B79C6FC4B74B0E6AC6E0A
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3ZQTi_gxk7KJJjt5HGiRPNmVxrs.roa
Signing time: Wed 31 May 2023 11:10:12 +0000
ROA not before: Wed 31 May 2023 11:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211059
IP address blocks: 5.178.1.0/24 maxlen: 24
5.10.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:80:47:64:7d:9b:79:c6:fc:4b:74:b0:e6:ac:6e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 31 11:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd94138bf83193b289263b791c68913cd995c6bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f8:8b:ac:02:19:34:41:7f:e3:b2:98:93:32:
0a:38:40:8b:e2:a1:62:65:14:63:78:42:ce:43:8e:
89:ea:be:8b:ef:35:c1:cc:15:92:48:5a:68:4d:93:
e2:38:f1:bd:ad:96:dd:5c:95:45:f9:7b:23:2b:c8:
44:85:a7:d3:24:3a:51:6c:2a:fd:f2:d1:c2:a3:29:
19:0a:04:7c:50:a0:d1:7b:3f:66:41:01:ed:e3:6b:
e4:32:8d:68:30:3f:8a:cb:e3:2a:65:8d:1c:c1:2f:
99:80:89:73:52:dc:3b:26:c2:6b:3a:f8:ad:1e:28:
52:59:b5:c0:aa:d8:ab:79:36:22:da:71:73:5d:2c:
4a:62:f8:c1:6e:b0:e4:59:31:3d:81:f9:6a:3b:92:
c5:0b:02:a2:d2:84:9a:34:26:a2:e8:df:f5:f4:46:
9b:95:d6:11:c5:da:b8:74:8f:75:05:f9:da:89:69:
5a:2c:28:15:43:a0:9d:e8:6d:ea:03:2b:e4:bc:73:
64:1e:1a:24:a3:3f:10:9d:46:c3:33:5f:a9:c8:92:
5a:19:7b:a6:82:81:20:3d:30:f4:1c:62:2d:02:6c:
8b:56:d4:5f:33:9c:bb:77:ae:c2:7f:87:24:f9:15:
6c:18:d9:29:59:9a:5d:ca:ac:7b:7f:c5:3e:01:68:
d5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:94:13:8B:F8:31:93:B2:89:26:3B:79:1C:68:91:3C:D9:95:C6:BB
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/3ZQTi_gxk7KJJjt5HGiRPNmVxrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.250.0/24
5.178.1.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b9:53:20:21:0f:0b:86:60:06:af:1a:e4:48:fe:11:3d:f2:
39:7a:58:f9:31:df:59:3d:bb:c6:57:4c:bd:cd:c5:58:76:2c:
5a:62:63:1a:ee:66:26:2f:f5:79:c9:ea:c6:4d:a3:2d:bf:a1:
5e:ad:9f:01:ad:02:5c:44:f9:2b:03:96:76:c4:29:5e:e8:79:
6f:fa:c2:cc:bf:d5:08:4c:de:ce:94:ac:05:83:60:d4:c1:f3:
bb:36:18:ed:75:7b:94:3b:7b:cb:9e:a2:f7:84:8b:78:c7:27:
4b:39:dc:b3:8f:b1:1c:6d:f1:aa:e9:f2:ef:0b:29:a0:92:4b:
d1:6a:e9:ce:63:30:56:b0:b2:9a:4e:84:73:c4:7a:de:98:6f:
a7:c6:48:e0:25:6d:56:c4:c1:b9:89:a2:14:2a:26:9d:f6:ef:
aa:ee:85:1c:ba:c6:a9:8b:5c:c0:90:12:b9:23:97:c6:12:d1:
18:aa:c1:f7:40:f4:e4:76:fa:dd:cb:75:06:86:7a:10:d1:3f:
ff:ff:1b:d9:6c:96:97:ed:f0:11:0d:90:0f:47:26:6c:e9:9c:
b9:c7:5c:0b:f9:0f:f1:fd:81:69:75:bd:5a:e2:6b:32:b2:c2:
cb:ad:b8:90:e9:36:49:2d:7e:5d:d2:a7:b0:0b:12:7c:0c:dd:
37:c9:ff:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhxgEdkfZt5xvxLdLDmrG4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNTMxMTExMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk0MTM4YmY4MzE5M2IyODkyNjNiNzkxYzY4OTEzY2Q5OTVjNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/iLrAIZNEF/47KYkzIKOECL4qFi
ZRRjeELOQ46J6r6L7zXBzBWSSFpoTZPiOPG9rZbdXJVF+XsjK8hEhafTJDpRbCr9
8tHCoykZCgR8UKDRez9mQQHt42vkMo1oMD+Ky+MqZY0cwS+ZgIlzUtw7JsJrOvit
HihSWbXAqtireTYi2nFzXSxKYvjBbrDkWTE9gflqO5LFCwKi0oSaNCai6N/19Eab
ldYRxdq4dI91BfnaiWlaLCgVQ6Cd6G3qAyvkvHNkHhokoz8QnUbDM1+pyJJaGXum
goEgPTD0HGItAmyLVtRfM5y7d67Cf4ck+RVsGNkpWZpdyqx7f8U+AWjVfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2UE4v4MZOyiSY7eRxokTzZlca7MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvM1pRVGlfZ3hrN0tKSmp0NUhHaVJQTm1WeHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQr6AwQA
BbIBMA0GCSqGSIb3DQEBCwUAA4IBAQB5uVMgIQ8LhmAGrxrkSP4RPfI5elj5Md9Z
PbvGV0y9zcVYdixaYmMa7mYmL/V5yerGTaMtv6FerZ8BrQJcRPkrA5Z2xCle6Hlv
+sLMv9UITN7OlKwFg2DUwfO7NhjtdXuUO3vLnqL3hIt4xydLOdyzj7EcbfGq6fLv
CymgkkvRaunOYzBWsLKaToRzxHremG+nxkjgJW1WxMG5iaIUKiad9u+q7oUcusap
i1zAkBK5I5fGEtEYqsH3QPTkdvrdy3UGhnoQ0T///xvZbJaX7fARDZAPRyZs6Zy5
x1wL+Q/x/YFpdb1a4msyssLLrbiQ6TZJLX5d0qewCxJ8DN03yf+q
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:09 2024 by rpki-client on console-ams.rpki-client.org