Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Z-DHdJkiP5LxzX4prXBhmnD2w8U.roa
File: Z-DHdJkiP5LxzX4prXBhmnD2w8U.roa (raw, json)
Hash identifier: Ak0/9tGCaP7slAZhWRYyRG5aZxNYstMnybWwdiLAgiI=
Subject key identifier: 67:E0:C7:74:99:22:3F:92:F1:CD:7E:29:AD:70:61:9A:70:F6:C3:C5
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018BDD95DF89731609AE36363105F46358EB
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Z-DHdJkiP5LxzX4prXBhmnD2w8U.roa
Signing time: Fri 17 Nov 2023 14:01:08 +0000
ROA not before: Fri 17 Nov 2023 14:01:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 146.19.154.0/24 maxlen: 24
88.151.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:95:df:89:73:16:09:ae:36:36:31:05:f4:63:58:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Nov 17 14:01:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67e0c77499223f92f1cd7e29ad70619a70f6c3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f7:01:46:80:8d:4a:1e:ba:84:5b:59:fb:7f:
94:1a:4d:28:bb:14:1b:79:4e:9e:6b:27:fc:e0:b7:
50:9c:2a:5b:7b:51:8d:4b:8c:a8:c6:f9:17:48:06:
88:4f:6d:9c:70:e4:c7:03:4d:5b:96:a3:2a:79:b0:
43:b2:b1:da:96:bf:c7:4e:f0:f3:bd:64:09:8c:b1:
ea:1e:8a:30:fb:6a:da:e8:aa:5f:15:3e:f5:a6:ef:
df:6b:ff:53:24:95:89:fd:44:ac:9d:cf:6f:49:94:
dd:12:44:7c:23:87:f4:d8:ff:7f:83:9c:5f:f8:95:
47:23:4f:c8:b0:08:17:90:c1:08:95:33:f0:aa:2a:
ae:ed:f3:dc:f9:94:2e:19:78:80:61:7d:84:01:d2:
50:d1:c7:73:23:89:ce:20:86:ba:d7:77:6a:05:bc:
56:2e:7c:2a:2a:17:af:95:da:b2:33:d6:76:6a:9a:
db:41:8c:f2:b5:14:e4:66:1f:a7:6f:18:7d:a0:c4:
6e:3d:bd:56:49:5d:5f:a0:1f:c5:e3:2a:bb:57:ec:
bc:24:9e:78:e1:b0:9e:8a:ba:48:21:77:fd:c1:29:
0c:84:4e:be:c1:a5:00:51:cd:de:c0:66:b3:b2:e9:
55:16:4f:ca:05:82:84:b4:66:4c:50:7c:00:94:a4:
57:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E0:C7:74:99:22:3F:92:F1:CD:7E:29:AD:70:61:9A:70:F6:C3:C5
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Z-DHdJkiP5LxzX4prXBhmnD2w8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.10.0/24
146.19.154.0/24
Signature Algorithm: sha256WithRSAEncryption
78:49:fb:3b:b0:b4:40:88:91:9c:3c:69:69:00:4c:ed:cc:a9:
94:26:55:cb:a6:14:6d:17:1c:73:55:f3:0d:ef:d9:bb:3a:e3:
a7:ea:95:99:62:0f:c5:e4:7f:ab:31:c3:73:14:1e:52:79:91:
66:09:bf:ff:fd:7f:3e:61:7e:09:ec:8b:ea:e5:9c:6b:12:aa:
d8:78:6c:de:80:0f:d8:d2:7a:00:25:6d:e6:65:48:56:f4:e3:
2c:81:ea:2e:f0:69:11:5e:f0:46:0c:7c:0f:97:c8:11:9e:fe:
1a:df:ea:48:4b:e1:a9:66:5c:6d:a5:b5:41:43:7b:2e:32:2a:
eb:e9:b0:23:ec:cf:58:73:b0:e3:bf:dc:08:6e:79:32:c9:1a:
c4:53:11:e0:5c:bf:c5:e7:8f:59:b4:fb:bf:1d:cf:8a:3c:a1:
70:9a:b6:d2:d5:66:3e:de:87:12:2c:1e:83:9f:c6:87:c5:01:
15:76:b7:e6:18:f1:c0:f6:fa:65:bc:24:ea:73:e0:e3:10:c9:
7b:ae:92:72:14:61:88:d6:84:7c:c4:44:df:51:80:eb:85:f3:
2d:21:8b:3b:fa:29:82:d5:af:ce:52:a9:a8:e2:fb:14:55:8e:
8d:00:8b:76:a7:d2:8c:33:9d:2f:16:86:c6:5c:c4:40:66:b7:
ab:82:a6:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvdld+JcxYJrjY2MQX0Y1jrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMxMTE3MTQwMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UwYzc3NDk5MjIzZjkyZjFjZDdlMjlhZDcwNjE5YTcwZjZjM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/cBRoCNSh66hFtZ+3+UGk0ouxQb
eU6eayf84LdQnCpbe1GNS4yoxvkXSAaIT22ccOTHA01blqMqebBDsrHalr/HTvDz
vWQJjLHqHoow+2ra6KpfFT71pu/fa/9TJJWJ/USsnc9vSZTdEkR8I4f02P9/g5xf
+JVHI0/IsAgXkMEIlTPwqiqu7fPc+ZQuGXiAYX2EAdJQ0cdzI4nOIIa613dqBbxW
LnwqKhevldqyM9Z2aprbQYzytRTkZh+nbxh9oMRuPb1WSV1foB/F4yq7V+y8JJ54
4bCeirpIIXf9wSkMhE6+waUAUc3ewGazsulVFk/KBYKEtGZMUHwAlKRX+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGfgx3SZIj+S8c1+Ka1wYZpw9sPFMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvWi1ESGRKa2lQNUx4elg0cHJYQmhtbkQydzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWJcKAwQA
khOaMA0GCSqGSIb3DQEBCwUAA4IBAQB4Sfs7sLRAiJGcPGlpAEztzKmUJlXLphRt
FxxzVfMN79m7OuOn6pWZYg/F5H+rMcNzFB5SeZFmCb///X8+YX4J7Ivq5ZxrEqrY
eGzegA/Y0noAJW3mZUhW9OMsgeou8GkRXvBGDHwPl8gRnv4a3+pIS+GpZlxtpbVB
Q3suMirr6bAj7M9Yc7Djv9wIbnkyyRrEUxHgXL/F549ZtPu/Hc+KPKFwmrbS1WY+
3ocSLB6Dn8aHxQEVdrfmGPHA9vplvCTqc+DjEMl7rpJyFGGI1oR8xETfUYDrhfMt
IYs7+imC1a/OUqmo4vsUVY6NAIt2p9KMM50vFobGXMRAZrergqZl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org