Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/zWD5wCgjfYVZ9tou8N5mMWq_iFI.roa
File: zWD5wCgjfYVZ9tou8N5mMWq_iFI.roa (raw, json)
Hash identifier: qs52Sk3ijvb4DPJ9F1ZWP7nhUxYsyswG1j1kk5NKof4=
Subject key identifier: CD:60:F9:C0:28:23:7D:85:59:F6:DA:2E:F0:DE:66:31:6A:BF:88:52
Certificate issuer: /CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Certificate serial: 01857139C49E9271AD275A0DE5C2409E9B6D
Authority key identifier: 2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/zWD5wCgjfYVZ9tou8N5mMWq_iFI.roa
Signing time: Mon 02 Jan 2023 06:44:49 +0000
ROA not before: Mon 02 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202311
IP address blocks: 185.53.188.0/22 maxlen: 22
185.53.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c4:9e:92:71:ad:27:5a:0d:e5:c2:40:9e:9b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Validity
Not Before: Jan 2 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd60f9c028237d8559f6da2ef0de66316abf8852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c5:c3:ee:86:ea:c4:02:c9:a9:a4:7e:d6:c8:
6a:6a:3d:94:c6:75:44:bb:48:33:63:0a:a8:46:d7:
b7:b5:0a:b7:cd:00:18:da:a2:f6:17:9f:85:e9:cd:
5d:9e:f0:4b:91:86:72:24:21:6e:7b:94:3d:28:ab:
20:79:e9:bb:69:c3:f5:72:fe:88:22:4b:da:cd:31:
18:35:58:3d:f9:9e:90:c8:36:7e:83:85:bc:ed:5b:
8d:85:bc:32:e9:79:3a:4e:93:50:68:d3:61:eb:af:
1d:a4:de:df:e2:87:7a:73:f5:e7:da:4b:e2:e4:9f:
a7:ae:74:e5:96:a9:d2:5e:60:6f:b4:f1:56:dc:59:
ad:13:f8:ff:eb:a6:57:67:c0:29:e3:94:16:52:c4:
a8:fd:91:6b:49:7e:aa:c4:d7:0b:76:ca:1e:c8:25:
6b:97:b0:c1:72:b5:bc:8c:5e:40:8a:f4:d2:3f:c8:
35:cb:47:51:99:ce:93:98:5c:d6:41:d6:93:9d:fd:
ea:9a:82:57:bb:88:8e:5e:08:14:3d:89:0f:72:59:
62:a0:5c:53:9c:ff:09:06:14:65:41:7f:d9:29:8e:
35:da:9e:a7:02:24:c7:09:05:20:60:49:de:56:67:
98:f2:04:af:5e:cf:3b:ec:3b:1b:ff:03:6d:4f:35:
81:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:60:F9:C0:28:23:7D:85:59:F6:DA:2E:F0:DE:66:31:6A:BF:88:52
X509v3 Authority Key Identifier:
keyid:2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/zWD5wCgjfYVZ9tou8N5mMWq_iFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.188.0/22
Signature Algorithm: sha256WithRSAEncryption
12:7f:36:5e:68:d0:d6:97:b1:59:f6:67:59:fb:8f:7a:f5:7a:
f5:75:13:d9:41:22:86:c7:44:3e:ad:76:34:24:af:e7:4a:68:
b6:84:3c:28:f0:86:30:0a:b3:aa:ab:54:1a:9e:a7:7b:83:d1:
e1:23:ea:84:3e:9d:61:2c:8e:da:c3:37:5c:ca:db:8e:f6:4c:
8b:90:40:4f:8b:c5:16:1e:a6:d1:66:d8:2f:59:b0:ed:e1:dd:
64:17:98:01:62:23:e3:5a:31:b9:f6:bf:4b:ca:f3:80:d8:7f:
fb:4a:3d:2e:e3:ca:09:4f:5c:bf:60:95:5b:4e:13:ff:5d:22:
ed:09:45:4c:3d:05:7d:0b:8b:5d:5a:09:6c:b5:2a:31:32:55:
de:5e:fd:8f:91:3e:70:20:70:e9:af:f7:8c:36:0d:4d:a2:e7:
97:85:85:c2:7d:88:97:10:d6:1a:b3:74:7a:0b:51:d4:3c:22:
1f:21:90:76:f8:0d:13:a2:93:04:a6:e8:27:47:f8:5c:25:9a:
61:b8:93:e0:73:35:ef:92:3f:8a:aa:15:b8:10:f7:4c:a7:af:
d5:95:82:2b:2f:eb:75:ed:b6:36:ed:ff:93:00:36:08:20:82:
18:98:ef:e2:10:de:5d:36:69:a6:af:aa:0e:9c:80:04:4d:90:
09:be:50:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOcSeknGtJ1oN5cJAnpttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTgyMDJiNGQwYzVjMTExZDM3NGYxZTk4YjczZGI0OTI0
ZDY0YjEwHhcNMjMwMTAyMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDYwZjljMDI4MjM3ZDg1NTlmNmRhMmVmMGRlNjYzMTZhYmY4ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8XD7obqxALJqaR+1shqaj2UxnVE
u0gzYwqoRte3tQq3zQAY2qL2F5+F6c1dnvBLkYZyJCFue5Q9KKsgeem7acP1cv6I
IkvazTEYNVg9+Z6QyDZ+g4W87VuNhbwy6Xk6TpNQaNNh668dpN7f4od6c/Xn2kvi
5J+nrnTllqnSXmBvtPFW3FmtE/j/66ZXZ8Ap45QWUsSo/ZFrSX6qxNcLdsoeyCVr
l7DBcrW8jF5AivTSP8g1y0dRmc6TmFzWQdaTnf3qmoJXu4iOXggUPYkPcllioFxT
nP8JBhRlQX/ZKY412p6nAiTHCQUgYEneVmeY8gSvXs877Dsb/wNtTzWBjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1g+cAoI32FWfbaLvDeZjFqv4hSMB8GA1UdIwQY
MBaAFCqoICtNDFwRHTdPHpi3PbSSTWSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEt
NmU3YmFlNWZmODk4LzEveldENXdDZ2pmWVZaOXRvdThONW1NV3FfaUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEtNmU3YmFlNWZmODk4
LzEvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTW8MA0G
CSqGSIb3DQEBCwUAA4IBAQASfzZeaNDWl7FZ9mdZ+4969Xr1dRPZQSKGx0Q+rXY0
JK/nSmi2hDwo8IYwCrOqq1Qanqd7g9HhI+qEPp1hLI7awzdcytuO9kyLkEBPi8UW
HqbRZtgvWbDt4d1kF5gBYiPjWjG59r9LyvOA2H/7Sj0u48oJT1y/YJVbThP/XSLt
CUVMPQV9C4tdWglstSoxMlXeXv2PkT5wIHDpr/eMNg1NoueXhYXCfYiXENYas3R6
C1HUPCIfIZB2+A0TopMEpugnR/hcJZphuJPgczXvkj+KqhW4EPdMp6/VlYIrL+t1
7bY27f+TADYIIIIYmO/iEN5dNmmmr6oOnIAETZAJvlDe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:38 2024 by rpki-client on console-fra.rpki-client.org