Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/zKkyw-cYHWnomwcqIByZeq4T3yE.roa
File: zKkyw-cYHWnomwcqIByZeq4T3yE.roa (raw, json)
Hash identifier: jpRTQAmfZFYIkpm9xSmgcSv+eo0B8eXFtXPEC/kqT4M=
Subject key identifier: CC:A9:32:C3:E7:18:1D:69:E8:9B:07:2A:20:1C:99:7A:AE:13:DF:21
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB848B6BF824BC2D67E9A9D07EC2BED
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/zKkyw-cYHWnomwcqIByZeq4T3yE.roa
Signing time: Sun 01 Jan 2023 09:44:54 +0000
ROA not before: Sun 01 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31180
IP address blocks: 195.6.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:48:b6:bf:82:4b:c2:d6:7e:9a:9d:07:ec:2b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cca932c3e7181d69e89b072a201c997aae13df21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:ab:2c:21:98:eb:c2:f8:28:04:f3:fb:ef:
d3:32:8f:27:7c:d3:c7:3c:77:7d:78:9e:10:10:4e:
87:22:18:46:7c:28:4c:2a:83:b7:57:d6:cd:be:c4:
06:cb:ab:d4:f2:5b:7c:1b:02:b2:fa:1d:15:f7:83:
d9:c3:64:35:4c:c9:8e:f8:f6:66:bf:54:1d:b6:eb:
75:20:42:f3:44:f5:ba:61:09:74:37:28:e9:95:52:
72:cf:2b:41:ec:7b:af:6d:38:da:b5:33:ae:b8:5b:
89:3e:9c:42:c3:0c:84:87:86:5f:7a:02:57:12:16:
34:cb:da:78:e7:3a:c6:26:75:44:12:f8:73:c3:e9:
6a:4e:fc:85:42:32:12:98:31:56:da:72:c2:7a:82:
03:10:3a:1a:f2:f9:22:82:a6:d0:d3:c2:dc:3a:86:
6e:9e:3c:72:5b:47:bd:3f:83:8a:c8:29:2d:2b:40:
3a:fe:1e:ed:9d:4c:59:d9:8f:a0:ba:9e:09:c4:9d:
aa:ad:ec:ef:84:16:df:31:19:cd:eb:dd:59:d8:c1:
1c:14:9b:81:25:48:5c:2c:7a:fe:c2:b4:b0:9e:56:
d8:a3:3f:49:99:53:f1:d3:98:15:79:4b:96:17:72:
2e:15:8d:96:fa:c1:f2:c3:64:ee:ee:f4:f0:b2:35:
75:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A9:32:C3:E7:18:1D:69:E8:9B:07:2A:20:1C:99:7A:AE:13:DF:21
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/zKkyw-cYHWnomwcqIByZeq4T3yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.6.3.0/24
Signature Algorithm: sha256WithRSAEncryption
74:97:39:39:57:da:de:1a:7f:79:a8:8d:df:08:2d:77:e6:a8:
d2:65:6a:7b:93:bf:62:7d:cb:de:27:39:aa:2f:27:f4:86:4a:
00:ed:1e:6f:fe:24:e1:b2:74:df:7e:6b:fb:08:31:79:fd:98:
8b:b9:c0:80:97:78:a4:8e:78:1c:4a:8d:4b:5f:76:de:2e:e5:
91:f8:a9:b2:de:59:de:19:a3:51:fc:ae:48:87:a9:68:e3:b1:
e6:a5:a1:82:cc:09:2d:30:fc:ae:60:b5:d6:bc:21:d4:cc:f3:
71:3d:2f:ff:0c:88:fc:68:3c:7d:29:dc:ac:9f:68:a1:f1:20:
66:5a:ce:78:d0:4c:52:f4:c3:84:be:e9:0d:a6:2b:7f:23:1a:
13:2e:de:16:ba:e1:58:c3:21:4e:9d:8f:be:2a:3f:4e:5a:5d:
06:05:e6:e7:3a:ff:53:a4:c5:7e:a3:65:ab:c0:72:e5:94:b7:
bf:2d:c6:5c:c5:91:92:af:3b:34:54:cb:d0:0c:b0:a5:ca:96:
40:0d:d2:50:d3:9c:e7:7d:09:73:5b:38:94:52:3b:5b:55:8c:
a0:a4:97:37:3c:65:65:5d:73:51:a9:96:91:47:9a:bf:c6:99:
12:a0:6d:86:26:34:35:0d:66:a6:44:05:f9:4d:7a:fa:b0:ea:
83:d2:f7:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuEi2v4JLwtZ+mp0H7CvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2E5MzJjM2U3MTgxZDY5ZTg5YjA3MmEyMDFjOTk3YWFlMTNkZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOirLCGY68L4KATz++/TMo8nfNPH
PHd9eJ4QEE6HIhhGfChMKoO3V9bNvsQGy6vU8lt8GwKy+h0V94PZw2Q1TMmO+PZm
v1Qdtut1IELzRPW6YQl0NyjplVJyzytB7HuvbTjatTOuuFuJPpxCwwyEh4ZfegJX
EhY0y9p45zrGJnVEEvhzw+lqTvyFQjISmDFW2nLCeoIDEDoa8vkigqbQ08LcOoZu
njxyW0e9P4OKyCktK0A6/h7tnUxZ2Y+gup4JxJ2qrezvhBbfMRnN691Z2MEcFJuB
JUhcLHr+wrSwnlbYoz9JmVPx05gVeUuWF3IuFY2W+sHyw2Tu7vTwsjV1iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMypMsPnGB1p6JsHKiAcmXquE98hMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvektreXctY1lIV25vbXdjcUlCeVplcTRUM3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwYDMA0G
CSqGSIb3DQEBCwUAA4IBAQB0lzk5V9reGn95qI3fCC135qjSZWp7k79ifcveJzmq
Lyf0hkoA7R5v/iThsnTffmv7CDF5/ZiLucCAl3ikjngcSo1LX3beLuWR+Kmy3lne
GaNR/K5Ih6lo47HmpaGCzAktMPyuYLXWvCHUzPNxPS//DIj8aDx9Kdysn2ih8SBm
Ws540ExS9MOEvukNpit/IxoTLt4WuuFYwyFOnY++Kj9OWl0GBebnOv9TpMV+o2Wr
wHLllLe/LcZcxZGSrzs0VMvQDLClypZADdJQ05znfQlzWziUUjtbVYygpJc3PGVl
XXNRqZaRR5q/xpkSoG2GJjQ1DWamRAX5TXr6sOqD0vdi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org