Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/zmvXthcomj7UYlJJ04i7Fx6-T3E.roa
File: zmvXthcomj7UYlJJ04i7Fx6-T3E.roa (raw, json)
Hash identifier: AJI4Ot7Ul0N/Aqicu4u5Xow7GQQDIn6opPG4QoiBZSw=
Subject key identifier: CE:6B:D7:B6:17:28:9A:3E:D4:62:52:49:D3:88:BB:17:1E:BE:4F:71
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 018CC500DC66F0864415C3BE68B596D9E346
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/zmvXthcomj7UYlJJ04i7Fx6-T3E.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8841
IP address blocks: 193.220.216.0/22 maxlen: 22
193.220.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 31 Jan 2024 18:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:dc:66:f0:86:44:15:c3:be:68:b5:96:d9:e3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce6bd7b617289a3ed4625249d388bb171ebe4f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:12:07:46:eb:85:54:03:91:34:bb:1e:bf:d0:
f2:63:ff:69:34:55:fc:3d:fb:6d:6d:44:67:7c:98:
55:13:1d:ac:f7:86:40:a1:ea:30:c3:92:07:df:2e:
e4:fd:c5:27:ec:0a:f2:63:87:ae:c0:c5:46:ba:e1:
aa:79:09:fa:16:ff:82:f1:93:dd:80:b1:2f:09:bd:
e8:0f:94:c7:41:51:fc:78:5a:16:93:c6:7a:c0:ff:
4f:5e:4d:78:82:82:1d:3b:be:1c:82:2d:38:3c:3a:
8b:19:01:7c:74:79:78:87:c5:89:8e:b7:33:03:db:
22:ff:3a:88:23:ab:a4:57:b4:19:95:25:2f:a2:ac:
eb:c1:83:62:b0:01:41:7a:77:dc:06:0d:af:ec:d8:
37:65:09:d4:f2:52:f5:26:a4:c2:1a:a4:d4:2d:7a:
fc:f7:4a:79:8a:92:f4:90:c9:57:ac:ad:60:4a:22:
12:89:d3:49:5d:54:0a:42:16:3f:7e:f6:93:af:e9:
ae:b7:41:67:b5:02:1f:55:8e:29:64:b9:29:90:2d:
01:11:a8:8c:31:93:d5:0d:35:bd:58:8a:20:21:db:
7c:99:c2:ad:64:bc:95:9c:8e:ec:9f:1d:bf:d9:d8:
d3:96:52:a5:f8:4f:a1:38:b2:5e:01:5e:5f:43:dd:
24:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6B:D7:B6:17:28:9A:3E:D4:62:52:49:D3:88:BB:17:1E:BE:4F:71
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/zmvXthcomj7UYlJJ04i7Fx6-T3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.220.208.0-193.220.219.255
Signature Algorithm: sha256WithRSAEncryption
28:2a:9e:07:1f:65:d5:ca:a1:81:c8:5c:04:c0:e4:e9:25:4e:
52:eb:39:bb:94:cf:d9:45:94:46:45:aa:13:b4:20:31:fb:19:
dd:fd:70:0a:a7:fc:66:c0:1e:4c:37:01:2f:0d:dd:61:f4:60:
9e:80:76:78:71:9d:84:72:c9:11:ab:a4:03:26:d4:ed:0b:11:
4b:e9:03:47:53:5a:4d:8e:19:97:e3:1a:df:fc:10:9f:23:d8:
b7:07:ec:66:a9:cc:44:57:5c:00:f4:07:17:3a:1c:b9:9c:fd:
53:c3:a6:6f:a7:97:79:e4:20:f6:27:7b:4b:08:aa:40:f7:32:
fd:e6:91:0a:c8:96:a0:eb:d8:8f:1c:81:68:e3:3c:ae:18:95:
97:d6:b9:2f:05:59:85:8b:1c:e7:fd:ff:7e:34:99:1b:2a:71:
44:fe:07:f4:f0:8a:15:24:97:76:66:ca:a3:b3:72:f3:93:e1:
13:ef:21:a4:ae:ab:a1:22:fc:80:30:c6:55:6b:c1:e2:21:7c:
dd:98:e8:4f:8a:90:92:30:ce:3e:ca:1b:c8:06:e6:9c:5f:57:
f9:06:7a:dd:80:e9:02:69:88:42:d4:ba:18:fc:85:7a:16:47:
28:eb:96:12:fb:bd:7a:35:67:1c:24:1c:2c:88:b2:11:9a:4c:
1b:cb:80:5c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFANxm8IZEFcO+aLWW2eNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZiZDdiNjE3Mjg5YTNlZDQ2MjUyNDlkMzg4YmIxNzFlYmU0ZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBIHRuuFVAORNLsev9DyY/9pNFX8
PfttbURnfJhVEx2s94ZAoeoww5IH3y7k/cUn7AryY4euwMVGuuGqeQn6Fv+C8ZPd
gLEvCb3oD5THQVH8eFoWk8Z6wP9PXk14goIdO74cgi04PDqLGQF8dHl4h8WJjrcz
A9si/zqII6ukV7QZlSUvoqzrwYNisAFBenfcBg2v7Ng3ZQnU8lL1JqTCGqTULXr8
90p5ipL0kMlXrK1gSiISidNJXVQKQhY/fvaTr+mut0FntQIfVY4pZLkpkC0BEaiM
MZPVDTW9WIogIdt8mcKtZLyVnI7snx2/2djTllKl+E+hOLJeAV5fQ90keQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFM5r17YXKJo+1GJSSdOIuxcevk9xMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvem12WHRoY29tajdVWWxKSjA0aTdGeDYtVDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATB3NAD
BALB3NgwDQYJKoZIhvcNAQELBQADggEBACgqngcfZdXKoYHIXATA5OklTlLrObuU
z9lFlEZFqhO0IDH7Gd39cAqn/GbAHkw3AS8N3WH0YJ6AdnhxnYRyyRGrpAMm1O0L
EUvpA0dTWk2OGZfjGt/8EJ8j2LcH7GapzERXXAD0Bxc6HLmc/VPDpm+nl3nkIPYn
e0sIqkD3Mv3mkQrIlqDr2I8cgWjjPK4YlZfWuS8FWYWLHOf9/340mRsqcUT+B/Tw
ihUkl3ZmyqOzcvOT4RPvIaSuq6Ei/IAwxlVrweIhfN2Y6E+KkJIwzj7KG8gG5pxf
V/kGet2A6QJpiELUuhj8hXoWRyjrlhL7vXo1ZxwkHCyIshGaTBvLgFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:31 2024 by rpki-client on console-ams.rpki-client.org