Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/Z31xv9MoshPseMEQGe6LTpCqX7M.roa
File: Z31xv9MoshPseMEQGe6LTpCqX7M.roa (raw, json)
Hash identifier: oE0QKpFA3f0F5LhbU5NJFdogTf2WhGzK5/PPzlhuW+c=
Subject key identifier: 67:7D:71:BF:D3:28:B2:13:EC:78:C1:10:19:EE:8B:4E:90:AA:5F:B3
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 01856E2FCEBDE8EE716AA76038C49EDEE407
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/Z31xv9MoshPseMEQGe6LTpCqX7M.roa
Signing time: Sun 01 Jan 2023 16:35:04 +0000
ROA not before: Sun 01 Jan 2023 16:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211250
IP address blocks: 195.64.229.0/24 maxlen: 24
195.64.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ce:bd:e8:ee:71:6a:a7:60:38:c4:9e:de:e4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Jan 1 16:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=677d71bfd328b213ec78c11019ee8b4e90aa5fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:9f:94:c5:9f:33:b9:a1:48:32:b9:bd:f3:
2c:ca:81:04:94:7d:e7:6e:fc:ef:ff:08:34:fb:4e:
36:1e:79:65:ba:f0:09:aa:07:6e:e8:a2:f2:53:78:
21:bd:59:37:4c:67:09:a8:ee:79:62:8b:c8:b2:e1:
77:e9:b5:17:2c:c8:55:6b:07:1d:b1:61:42:ad:12:
ba:3a:6d:3b:a5:fb:98:94:82:07:24:64:38:68:94:
eb:4a:83:d1:57:70:b4:98:2e:0e:53:2f:be:f5:c9:
1b:c5:27:06:cd:19:bb:19:8c:0b:1f:4b:a8:1b:dc:
16:84:6a:b9:0a:90:af:09:79:42:28:a1:2b:95:3f:
2f:e3:8f:cb:0f:fa:c3:5f:f9:63:16:a0:f9:19:a1:
1e:6c:16:f5:96:1c:69:58:75:a7:10:83:ca:f3:ab:
76:1e:a9:97:2d:bc:85:97:07:3d:cf:54:37:bc:68:
b0:e0:d8:e2:cb:af:7d:9b:2b:b3:7f:b9:38:39:ac:
b4:48:22:de:57:40:ce:0c:06:a1:4d:d3:cd:34:c2:
cb:40:29:cd:ef:8d:b1:df:a9:93:d6:4d:e8:59:d1:
b6:41:ac:c1:ff:aa:c7:b9:bc:e1:40:b0:6c:b0:cd:
de:9f:af:4f:02:73:3f:f9:45:fe:0a:1c:96:1f:ae:
f1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7D:71:BF:D3:28:B2:13:EC:78:C1:10:19:EE:8B:4E:90:AA:5F:B3
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/Z31xv9MoshPseMEQGe6LTpCqX7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.229.0/24
195.64.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:58:ba:32:42:63:9b:0f:0f:4b:54:57:a3:ef:78:84:33:68:
23:f4:36:bc:32:e0:97:44:fc:b1:da:7a:4f:ed:dc:ce:43:d6:
9c:40:f5:aa:88:5a:3a:64:8b:aa:20:d4:27:a8:3b:cd:4c:ee:
ea:32:79:35:81:57:01:ba:eb:1a:2a:be:9d:6d:65:a2:27:c0:
e5:f4:e1:91:14:8c:83:93:85:89:95:89:98:f5:c1:47:6a:82:
23:97:ce:5d:74:d3:f6:1d:fa:dc:94:20:e4:b2:00:0c:29:ce:
03:e1:80:06:60:55:86:9a:bf:9b:2c:12:67:f3:1c:fe:ed:37:
c5:a4:95:c5:2a:a6:62:9e:4e:35:b8:f3:e8:8f:da:a7:37:73:
50:96:5c:10:40:6d:6b:19:0e:d3:6a:c2:4c:36:fc:bb:db:b5:
2f:60:68:7f:ea:ad:b8:4a:5a:72:1e:c6:36:1e:19:78:33:0c:
d3:36:7c:79:15:d7:b0:cd:30:28:3d:bb:cd:1c:8d:f2:66:ab:
54:d3:77:83:d1:c8:eb:10:eb:a1:80:79:1e:68:42:dc:e7:9e:
22:a6:15:f8:d4:4c:ec:03:3d:17:3c:3d:47:02:63:8a:c2:6a:
b9:6a:80:e3:8b:d1:c4:45:96:d9:00:3d:59:6c:ad:99:f9:e7:
b3:49:22:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuL8696O5xaqdgOMSe3uQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjMwMTAxMTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdkNzFiZmQzMjhiMjEzZWM3OGMxMTAxOWVlOGI0ZTkwYWE1ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypCflMWfM7mhSDK5vfMsyoEElH3n
bvzv/wg0+042HnlluvAJqgdu6KLyU3ghvVk3TGcJqO55YovIsuF36bUXLMhVawcd
sWFCrRK6Om07pfuYlIIHJGQ4aJTrSoPRV3C0mC4OUy++9ckbxScGzRm7GYwLH0uo
G9wWhGq5CpCvCXlCKKErlT8v44/LD/rDX/ljFqD5GaEebBb1lhxpWHWnEIPK86t2
HqmXLbyFlwc9z1Q3vGiw4Njiy699myuzf7k4Oay0SCLeV0DODAahTdPNNMLLQCnN
742x36mT1k3oWdG2QazB/6rHubzhQLBssM3en69PAnM/+UX+ChyWH67xnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGd9cb/TKLIT7HjBEBnui06Qql+zMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvWjMxeHY5TW9zaFBzZU1FUUdlNkxUcENxWDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw0DlAwQA
w0DvMA0GCSqGSIb3DQEBCwUAA4IBAQBqWLoyQmObDw9LVFej73iEM2gj9Da8MuCX
RPyx2npP7dzOQ9acQPWqiFo6ZIuqINQnqDvNTO7qMnk1gVcBuusaKr6dbWWiJ8Dl
9OGRFIyDk4WJlYmY9cFHaoIjl85ddNP2HfrclCDksgAMKc4D4YAGYFWGmr+bLBJn
8xz+7TfFpJXFKqZink41uPPoj9qnN3NQllwQQG1rGQ7TasJMNvy727UvYGh/6q24
SlpyHsY2Hhl4MwzTNnx5FdewzTAoPbvNHI3yZqtU03eD0cjrEOuhgHkeaELc554i
phX41EzsAz0XPD1HAmOKwmq5aoDji9HERZbZAD1ZbK2Z+eezSSKU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:52 2024 by rpki-client on console-ams.rpki-client.org