Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/CZPgubIEz9txctctkwi5c1yFFYM.roa
File: CZPgubIEz9txctctkwi5c1yFFYM.roa (raw, json)
Hash identifier: uF8uA4Wdd37eQe9Z4m1RKyDQBqoeo1jGl41BTPX+GqY=
Subject key identifier: 09:93:E0:B9:B2:04:CF:DB:71:72:D7:2D:93:08:B9:73:5C:85:15:83
Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Certificate serial: 01856F82493A0AE767C8C91AF2636B28AF81
Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/CZPgubIEz9txctctkwi5c1yFFYM.roa
Signing time: Sun 01 Jan 2023 22:44:47 +0000
ROA not before: Sun 01 Jan 2023 22:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210111
IP address blocks: 185.88.72.0/22 maxlen: 22
2a0d:b0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:49:3a:0a:e7:67:c8:c9:1a:f2:63:6b:28:af:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Validity
Not Before: Jan 1 22:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0993e0b9b204cfdb7172d72d9308b9735c851583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9b:f1:53:ac:8f:73:1f:31:bb:e7:63:18:5b:
4f:1e:f9:2c:95:6c:c8:45:dd:92:9d:cd:98:75:8b:
f2:68:d2:f4:02:8d:02:73:0f:7e:31:b0:06:04:fc:
17:fd:42:0a:56:9a:cd:83:12:f6:05:70:34:4a:a6:
19:df:56:c1:06:a8:8e:03:f7:97:cb:71:ee:a5:6d:
25:07:c4:0d:45:9c:01:20:7f:ac:aa:76:01:e7:70:
d7:2c:02:3d:24:5c:66:ce:84:8f:e6:fa:a1:65:2c:
67:0f:de:58:a9:d0:ae:69:4c:50:39:83:59:0f:f5:
4a:ff:4e:be:18:6b:74:51:f8:49:ad:f7:38:f5:b3:
d4:e8:83:d2:ca:a9:1f:42:18:b2:c0:73:23:ee:9a:
14:c7:dc:14:26:52:25:e6:b2:62:2c:0d:72:68:34:
a2:73:49:f7:77:8c:4d:90:09:b5:bb:46:e3:d6:6f:
75:1d:70:fb:e8:1a:59:a8:20:4c:a2:fd:5e:de:d7:
c4:62:91:0d:82:d1:8c:fd:bb:3a:89:cd:b0:1a:fb:
de:09:8d:c4:26:94:b0:fd:50:e9:22:3c:5c:53:36:
56:96:47:28:d1:01:76:be:51:ab:d3:fc:7b:d9:a2:
dc:1f:34:99:1c:5b:fa:02:1a:45:a6:44:2e:05:3a:
4b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:93:E0:B9:B2:04:CF:DB:71:72:D7:2D:93:08:B9:73:5C:85:15:83
X509v3 Authority Key Identifier:
keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/CZPgubIEz9txctctkwi5c1yFFYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.72.0/22
IPv6:
2a0d:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:d9:54:c4:f6:ce:74:1c:6a:3f:79:69:93:23:ab:e9:9a:fa:
3e:2e:c9:1c:89:fa:25:12:0e:87:77:82:5b:e2:3c:13:65:35:
54:cf:70:a3:e8:52:bf:a7:e5:2b:07:10:43:3e:46:f2:d0:e9:
fb:07:5c:f8:a0:c6:e4:b5:79:a9:d3:1c:9c:63:d8:26:f7:50:
69:ea:6e:1d:86:d7:16:0c:dd:ac:41:2c:b0:ed:cd:d7:d2:74:
5d:44:dd:76:50:3b:67:ee:c5:2c:cb:d3:50:24:97:c9:bf:7f:
35:4e:80:ca:fd:fa:9e:20:93:03:8f:b2:5d:42:70:7d:77:fc:
53:0b:b5:4b:b7:4c:f3:10:f0:5d:bc:1c:2b:ee:85:ae:78:be:
e2:01:cb:56:cd:0f:f0:8a:37:c1:69:d1:d3:17:ef:6e:cf:4f:
3e:ac:84:09:d7:dc:d8:0e:fb:60:03:5b:b6:3b:61:f4:da:a1:
c4:0a:fa:07:37:91:71:ba:98:f4:4b:0c:d1:b4:a8:86:af:5e:
bb:99:8d:20:02:a1:d5:7b:f4:1f:61:dc:a8:a5:94:75:41:80:
09:b7:1e:83:bc:16:fe:cc:04:f2:f4:7f:c3:88:eb:25:a2:8d:
14:ad:9b:37:96:d3:90:1d:5d:5a:c8:6a:68:2b:b6:39:bf:7c:
e8:ff:c2:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvgkk6CudnyMka8mNrKK+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OTExMzc1ZmNjNDg1OTYxMjE5MGViZWNjN2FlMzcxYTAx
YTZhNmQwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTkzZTBiOWIyMDRjZmRiNzE3MmQ3MmQ5MzA4Yjk3MzVjODUxNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5vxU6yPcx8xu+djGFtPHvkslWzI
Rd2Snc2YdYvyaNL0Ao0Ccw9+MbAGBPwX/UIKVprNgxL2BXA0SqYZ31bBBqiOA/eX
y3HupW0lB8QNRZwBIH+sqnYB53DXLAI9JFxmzoSP5vqhZSxnD95YqdCuaUxQOYNZ
D/VK/06+GGt0UfhJrfc49bPU6IPSyqkfQhiywHMj7poUx9wUJlIl5rJiLA1yaDSi
c0n3d4xNkAm1u0bj1m91HXD76BpZqCBMov1e3tfEYpENgtGM/bs6ic2wGvveCY3E
JpSw/VDpIjxcUzZWlkco0QF2vlGr0/x72aLcHzSZHFv6AhpFpkQuBTpLUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAmT4LmyBM/bcXLXLZMIuXNchRWDMB8GA1UdIwQY
MBaAFDmRE3X8xIWWEhkOvsx643GgGmptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQt
OTMzZDkyZDAwMDBjLzEvQ1pQZ3ViSUV6OXR4Y3RjdGt3aTVjMXlGRllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQtOTMzZDkyZDAwMDBj
LzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVhIMA0E
AgACMAcDBQMqDbDAMA0GCSqGSIb3DQEBCwUAA4IBAQB02VTE9s50HGo/eWmTI6vp
mvo+LskcifolEg6Hd4Jb4jwTZTVUz3Cj6FK/p+UrBxBDPkby0On7B1z4oMbktXmp
0xycY9gm91Bp6m4dhtcWDN2sQSyw7c3X0nRdRN12UDtn7sUsy9NQJJfJv381ToDK
/fqeIJMDj7JdQnB9d/xTC7VLt0zzEPBdvBwr7oWueL7iActWzQ/wijfBadHTF+9u
z08+rIQJ19zYDvtgA1u2O2H02qHECvoHN5Fxupj0SwzRtKiGr167mY0gAqHVe/Qf
YdyopZR1QYAJtx6DvBb+zATy9H/DiOsloo0UrZs3ltOQHV1ayGpoK7Y5v3zo/8IX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:55 2024 by rpki-client on console-ams.rpki-client.org