Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CZpOKd2j_X47Cnb8I8qUci1SkA0.roa
File: CZpOKd2j_X47Cnb8I8qUci1SkA0.roa (raw, json)
Hash identifier: Kpazp7F8NphDwopq6QF0GLsd+qPzsVA0nGfnniaFcWw=
Subject key identifier: 09:9A:4E:29:DD:A3:FD:7E:3B:0A:76:FC:23:CA:94:72:2D:52:90:0D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018AEF7D9706EB6AB470ABBD6C3E32C21EA3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CZpOKd2j_X47Cnb8I8qUci1SkA0.roa
Signing time: Mon 02 Oct 2023 08:24:59 +0000
ROA not before: Mon 02 Oct 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 82.97.240.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 12:14:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:7d:97:06:eb:6a:b4:70:ab:bd:6c:3e:32:c2:1e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099a4e29dda3fd7e3b0a76fc23ca94722d52900d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:28:47:e0:7b:46:c3:6e:0d:f2:5f:73:00:
ce:cc:38:73:11:81:6b:bf:28:fd:45:c4:96:3b:ba:
18:98:37:73:fd:cb:cf:3f:bb:50:48:e8:cf:a4:77:
8f:5f:4e:d5:38:a0:2f:a6:76:95:48:48:3d:ab:4f:
e3:df:06:54:58:1e:f1:7f:ba:7c:58:9c:36:07:56:
55:24:ec:84:1b:1e:ae:0f:e7:85:f6:64:45:01:82:
3f:7f:40:38:8a:4d:3e:e0:be:98:0d:cd:6d:76:1a:
02:ef:6a:37:19:70:c3:41:48:aa:45:ea:10:80:84:
f7:ed:20:42:e7:e2:5a:8e:1e:16:ba:e6:f2:45:a4:
9b:7f:fc:39:29:d6:fa:63:41:f4:4d:2e:e9:c8:02:
b8:69:77:bb:d2:38:cf:06:19:9a:7c:e2:41:e2:db:
f5:c9:64:f1:49:04:2d:a0:91:b4:de:27:c6:90:11:
ab:f7:0d:47:e7:65:84:ba:92:1f:0a:fc:db:25:5c:
77:62:32:ee:0d:f8:e8:3b:32:b3:10:64:58:02:78:
60:f5:fc:d4:aa:62:f0:a3:b0:b0:72:98:c7:18:1c:
eb:ac:d5:91:8a:21:35:c1:fd:20:ea:b4:13:50:5c:
43:2b:b3:a0:2c:97:6b:4d:35:44:fd:24:d3:22:86:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9A:4E:29:DD:A3:FD:7E:3B:0A:76:FC:23:CA:94:72:2D:52:90:0D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CZpOKd2j_X47Cnb8I8qUci1SkA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.240.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:e6:23:f1:2e:d1:2b:12:f3:d9:46:0d:7c:60:35:18:15:f3:
1d:0c:4f:1f:ab:34:20:45:98:95:da:43:c6:76:eb:a9:ec:3d:
44:3d:81:b9:98:2f:31:01:75:05:64:1d:35:8f:73:42:2b:f9:
9e:44:f3:14:26:0e:68:4b:b6:03:43:aa:0a:c4:e6:e0:7c:0f:
52:12:78:d3:73:9f:da:6a:a5:9b:96:a9:37:31:b3:fe:e6:67:
26:89:2d:3d:c0:20:3c:43:be:b7:cf:cb:08:de:ff:a4:77:3f:
3d:81:00:bc:24:52:3f:35:eb:11:d1:c4:d6:9a:0b:c5:e5:31:
c1:0a:8d:49:19:04:fb:3f:54:67:f2:f0:9e:88:82:30:d1:8a:
d9:79:6f:63:49:b0:b0:6f:26:44:b3:19:ec:f6:8c:7a:ad:42:
e5:e3:31:a8:ec:ab:4d:4e:ec:45:f6:9b:d7:35:e5:87:ab:35:
89:46:b7:49:7b:69:4f:e0:41:99:5a:3c:53:06:bc:2d:1b:c1:
ce:7e:90:9d:b0:11:f6:45:d0:f9:ec:3f:43:df:c7:e4:b8:a2:
5e:3a:31:d7:3a:b9:f3:6a:2d:0c:01:f1:63:ab:c0:7e:a5:0e:
03:5a:62:33:0d:a3:0e:0c:aa:ae:c9:c8:a5:3f:9e:a0:d4:9f:
98:d0:40:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrvfZcG62q0cKu9bD4ywh6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTlhNGUyOWRkYTNmZDdlM2IwYTc2ZmMyM2NhOTQ3MjJkNTI5MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5EoR+B7RsNuDfJfcwDOzDhzEYFr
vyj9RcSWO7oYmDdz/cvPP7tQSOjPpHePX07VOKAvpnaVSEg9q0/j3wZUWB7xf7p8
WJw2B1ZVJOyEGx6uD+eF9mRFAYI/f0A4ik0+4L6YDc1tdhoC72o3GXDDQUiqReoQ
gIT37SBC5+Jajh4WuubyRaSbf/w5Kdb6Y0H0TS7pyAK4aXe70jjPBhmafOJB4tv1
yWTxSQQtoJG03ifGkBGr9w1H52WEupIfCvzbJVx3YjLuDfjoOzKzEGRYAnhg9fzU
qmLwo7CwcpjHGBzrrNWRiiE1wf0g6rQTUFxDK7OgLJdrTTVE/STTIoZ+FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmaTindo/1+Owp2/CPKlHItUpANMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQ1pwT0tkMmpfWDQ3Q25iOEk4cVVjaTFTa0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUmHwMA0G
CSqGSIb3DQEBCwUAA4IBAQAu5iPxLtErEvPZRg18YDUYFfMdDE8fqzQgRZiV2kPG
duup7D1EPYG5mC8xAXUFZB01j3NCK/meRPMUJg5oS7YDQ6oKxObgfA9SEnjTc5/a
aqWblqk3MbP+5mcmiS09wCA8Q763z8sI3v+kdz89gQC8JFI/NesR0cTWmgvF5THB
Co1JGQT7P1Rn8vCeiIIw0YrZeW9jSbCwbyZEsxns9ox6rULl4zGo7KtNTuxF9pvX
NeWHqzWJRrdJe2lP4EGZWjxTBrwtG8HOfpCdsBH2RdD57D9D38fkuKJeOjHXOrnz
ai0MAfFjq8B+pQ4DWmIzDaMODKquycilP56g1J+Y0EA6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org