Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/0zfDF7tPNbHCaKi8MFZfZkiP8Dk.roa
File: 0zfDF7tPNbHCaKi8MFZfZkiP8Dk.roa (raw, json)
Hash identifier: wLnTr0LCNgjA7jEnDCPKsSTy18rWj4k0K+rTAEyjKqs=
Subject key identifier: D3:37:C3:17:BB:4F:35:B1:C2:68:A8:BC:30:56:5F:66:48:8F:F0:39
Certificate issuer: /CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Certificate serial: 01856D2F2B39072B93D912D0C1633C75C5F1
Authority key identifier: E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/0zfDF7tPNbHCaKi8MFZfZkiP8Dk.roa
Signing time: Sun 01 Jan 2023 11:54:45 +0000
ROA not before: Sun 01 Jan 2023 11:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204248
IP address blocks: 185.109.242.0/24 maxlen: 24
2a04:c007::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:2b:39:07:2b:93:d9:12:d0:c1:63:3c:75:c5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Validity
Not Before: Jan 1 11:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d337c317bb4f35b1c268a8bc30565f66488ff039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:57:9c:24:78:26:7a:fd:3c:47:f5:c9:47:45:
ae:29:2c:06:a4:5b:b4:ea:45:97:2c:d2:ad:6e:f3:
82:10:b9:57:d7:c3:d7:d3:64:fb:08:e3:39:cc:30:
8b:18:b6:3e:5b:f8:04:c7:b9:36:33:c4:87:f2:88:
42:ee:ae:d7:10:24:54:33:97:d5:de:a8:c9:90:d0:
15:84:a2:c7:f2:b9:3e:6f:2b:18:0a:9c:33:1d:b3:
b0:c9:97:3e:9f:b9:11:a6:88:d9:89:ef:19:91:e4:
11:16:fe:12:b9:42:ab:de:5e:45:05:b8:c9:cd:4c:
ab:2d:68:63:a0:07:24:77:e8:25:5a:83:ea:63:1c:
8e:9d:31:f9:f4:d6:c2:c3:07:5b:39:d5:b1:4d:36:
a9:f6:a8:4b:27:06:4b:0c:67:9a:82:bf:0d:a9:9d:
7b:5e:53:64:8c:96:6c:14:2b:ea:72:c0:5a:1c:e2:
36:27:3c:fd:65:c0:bf:4e:7f:da:92:c4:ab:58:66:
98:d3:78:a5:3a:1c:4d:ae:87:6e:40:a9:15:7c:41:
f0:97:51:c7:b7:b6:96:2f:33:aa:a6:5a:43:46:fc:
e0:4f:97:a3:05:7e:1c:f4:e2:bc:7c:da:5e:02:f0:
32:70:36:12:b2:52:ca:d0:3b:c9:51:84:d6:e3:21:
9a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:37:C3:17:BB:4F:35:B1:C2:68:A8:BC:30:56:5F:66:48:8F:F0:39
X509v3 Authority Key Identifier:
keyid:E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/0zfDF7tPNbHCaKi8MFZfZkiP8Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/5HUh57azir-4i_cem8WgKy7M07M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.242.0/24
IPv6:
2a04:c007::/32
Signature Algorithm: sha256WithRSAEncryption
9d:af:9e:d4:0f:b3:16:79:c4:61:93:99:8d:d0:a8:ab:a4:aa:
24:01:5e:37:1b:69:31:e4:3f:49:88:d5:68:c5:f3:40:13:da:
52:59:da:87:69:3e:40:38:02:ca:dc:a4:85:5c:5c:c9:50:c7:
ff:19:5f:e0:57:0a:dc:cf:fb:c1:18:53:f0:eb:4b:03:9b:56:
45:22:42:95:e3:5f:a5:ed:09:6d:d3:6c:20:b7:60:b5:01:83:
11:43:95:2b:43:95:c9:8e:fa:38:fa:94:be:7f:19:4e:40:de:
ba:a3:e3:a0:67:c0:1e:d4:5c:bb:7d:24:2f:af:dd:b9:14:41:
ca:d1:87:20:70:bd:77:0b:03:08:18:1a:e1:9b:fe:0a:03:3b:
ed:88:f4:85:33:3f:9a:f8:6a:46:a6:1b:92:92:7d:75:ef:0a:
f1:99:45:ac:db:08:9c:1e:16:52:fc:98:55:fb:2f:96:0c:17:
81:ee:fa:85:4c:9a:8e:63:b8:69:37:cc:82:f4:07:f3:78:5d:
73:39:ee:a3:4e:79:07:36:d0:42:f4:87:f8:52:78:34:4a:bd:
c2:d6:3c:ee:00:cd:6b:a6:7f:a4:13:2c:96:68:4f:52:f9:a2:
9b:b8:a2:29:6f:3e:e7:78:c9:3d:56:33:ef:87:d9:cd:84:07:
c2:a8:fb:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtLys5ByuT2RLQwWM8dcXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzUyMWU3YjZiMzhhYmZiODhiZjcxZTliYzVhMDJiMmVj
Y2QzYjMwHhcNMjMwMTAxMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM3YzMxN2JiNGYzNWIxYzI2OGE4YmMzMDU2NWY2NjQ4OGZmMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlecJHgmev08R/XJR0WuKSwGpFu0
6kWXLNKtbvOCELlX18PX02T7COM5zDCLGLY+W/gEx7k2M8SH8ohC7q7XECRUM5fV
3qjJkNAVhKLH8rk+bysYCpwzHbOwyZc+n7kRpojZie8ZkeQRFv4SuUKr3l5FBbjJ
zUyrLWhjoAckd+glWoPqYxyOnTH59NbCwwdbOdWxTTap9qhLJwZLDGeagr8NqZ17
XlNkjJZsFCvqcsBaHOI2Jzz9ZcC/Tn/aksSrWGaY03ilOhxNroduQKkVfEHwl1HH
t7aWLzOqplpDRvzgT5ejBX4c9OK8fNpeAvAycDYSslLK0DvJUYTW4yGarQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNM3wxe7TzWxwmiovDBWX2ZIj/A5MB8GA1UdIwQY
MBaAFOR1Iee2s4q/uIv3HpvFoCsuzNOzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYt
ODM2MWE4MzAzNTIyLzEvMHpmREY3dFBOYkhDYUtpOE1GWmZaa2lQOERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYtODM2MWE4MzAzNTIy
LzEvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuW3yMA0E
AgACMAcDBQAqBMAHMA0GCSqGSIb3DQEBCwUAA4IBAQCdr57UD7MWecRhk5mN0Kir
pKokAV43G2kx5D9JiNVoxfNAE9pSWdqHaT5AOALK3KSFXFzJUMf/GV/gVwrcz/vB
GFPw60sDm1ZFIkKV41+l7Qlt02wgt2C1AYMRQ5UrQ5XJjvo4+pS+fxlOQN66o+Og
Z8Ae1Fy7fSQvr925FEHK0YcgcL13CwMIGBrhm/4KAzvtiPSFMz+a+GpGphuSkn11
7wrxmUWs2wicHhZS/JhV+y+WDBeB7vqFTJqOY7hpN8yC9AfzeF1zOe6jTnkHNtBC
9If4Ung0Sr3C1jzuAM1rpn+kEyyWaE9S+aKbuKIpbz7neMk9VjPvh9nNhAfCqPtt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:54 2023 by rpki-client on console-ams.rpki-client.org