Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/73f36c-f4f7-4065-9d46-8be4ad57773b/1/DI-fzJtdNahj83-iHupj2YRC5Bg.roa
File: DI-fzJtdNahj83-iHupj2YRC5Bg.roa (raw, json)
Hash identifier: lr5P9s0CS2YKyZZxnWKeZasgsoa+ncTIPc5LbwL8BFw=
Subject key identifier: 0C:8F:9F:CC:9B:5D:35:A8:63:F3:7F:A2:1E:EA:63:D9:84:42:E4:18
Certificate issuer: /CN=65d7f0fd622afd6bd4a2d6ce0f1cbcc07a9c41f1
Certificate serial: 0187B78A8877985C46584463FDD87AE4B298
Authority key identifier: 65:D7:F0:FD:62:2A:FD:6B:D4:A2:D6:CE:0F:1C:BC:C0:7A:9C:41:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zdfw_WIq_WvUotbODxy8wHqcQfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/73f36c-f4f7-4065-9d46-8be4ad57773b/1/DI-fzJtdNahj83-iHupj2YRC5Bg.roa
Signing time: Tue 25 Apr 2023 08:32:02 +0000
ROA not before: Tue 25 Apr 2023 08:32:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 194.59.96.0/19 maxlen: 19
194.59.121.0/24 maxlen: 24
2001:67c:67c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:8a:88:77:98:5c:46:58:44:63:fd:d8:7a:e4:b2:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d7f0fd622afd6bd4a2d6ce0f1cbcc07a9c41f1
Validity
Not Before: Apr 25 08:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c8f9fcc9b5d35a863f37fa21eea63d98442e418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1d:8d:e0:48:17:04:bd:24:11:3b:bb:d1:14:
31:aa:02:ec:29:99:ea:2c:40:f6:61:21:eb:46:b3:
3a:28:ab:20:0b:4b:9b:66:7e:dc:23:1a:79:f0:83:
64:03:8e:cf:1d:2c:05:94:e9:f3:37:ba:61:ce:94:
b3:b3:22:64:48:e1:b7:ba:2e:6a:ef:94:1c:16:97:
36:d4:87:db:0b:b3:a2:1b:28:48:a8:39:3d:ff:72:
76:0b:4a:7c:60:d0:23:09:8f:aa:5f:22:5c:de:cc:
b9:f5:0e:e8:7f:6f:30:c6:57:01:76:a7:52:5d:96:
5b:52:d5:4c:a5:9a:44:7c:0a:81:0f:79:a9:58:10:
c1:50:7e:4b:85:6e:fc:38:7b:55:a7:1b:38:6f:07:
00:cf:39:19:6e:72:9f:ba:01:99:e0:7c:99:0e:7a:
fe:6a:b1:8f:f2:66:6b:fd:41:3b:df:91:ad:25:60:
dd:74:e5:53:79:94:ba:5a:38:3c:65:07:24:ff:f9:
39:a6:76:eb:da:a1:f8:82:f6:ca:d6:bf:a0:69:2f:
25:39:4b:39:70:6e:e8:71:13:0d:47:2c:38:43:60:
7e:dd:3d:ad:53:95:e8:5d:1d:dc:b4:6e:bd:99:79:
6e:e9:8b:9c:6d:58:3f:d8:9f:47:4d:f0:e3:2e:84:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:8F:9F:CC:9B:5D:35:A8:63:F3:7F:A2:1E:EA:63:D9:84:42:E4:18
X509v3 Authority Key Identifier:
keyid:65:D7:F0:FD:62:2A:FD:6B:D4:A2:D6:CE:0F:1C:BC:C0:7A:9C:41:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zdfw_WIq_WvUotbODxy8wHqcQfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/73f36c-f4f7-4065-9d46-8be4ad57773b/1/DI-fzJtdNahj83-iHupj2YRC5Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/73f36c-f4f7-4065-9d46-8be4ad57773b/1/Zdfw_WIq_WvUotbODxy8wHqcQfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.96.0/19
IPv6:
2001:67c:67c::/48
Signature Algorithm: sha256WithRSAEncryption
8b:ff:f5:66:89:4d:85:c4:b2:96:4d:ec:34:af:1e:ca:67:96:
bf:a3:46:84:87:01:e2:67:e8:eb:0e:e9:7a:b6:41:4f:7f:d5:
90:b1:46:97:e3:90:b2:14:3b:07:61:5c:10:8b:93:81:e6:20:
b3:9d:e2:dd:e4:01:5b:f7:de:90:dc:83:a8:20:52:fe:da:55:
27:23:0d:1e:80:30:f5:6e:8b:12:27:08:2b:14:2b:bc:50:3b:
3d:62:87:6d:af:e2:c3:1c:b3:4d:7b:35:6b:12:14:d4:f4:1c:
5a:40:84:34:4c:c1:54:44:cd:cb:74:3d:40:2c:9b:17:75:15:
12:bc:cf:73:eb:e5:19:0c:54:d0:4e:c2:ad:c7:38:78:df:fc:
95:bf:9e:d0:3e:84:f2:99:d0:e1:4f:cd:95:b2:15:90:36:07:
1d:50:f4:e4:cd:0d:a4:91:1c:c5:04:0f:59:90:67:cd:22:e2:
dc:33:12:a8:25:e8:10:08:35:5b:17:8c:aa:30:57:92:c5:87:
6a:0a:3f:0a:10:79:c8:aa:8b:7e:ab:1d:a3:75:db:6f:af:7d:
b5:13:89:84:8c:5e:ec:77:c6:3f:26:2d:17:26:29:f6:ea:18:
3d:df:b9:f2:2d:d8:47:6d:6e:85:67:f2:5b:8d:7b:65:1d:8d:
76:13:52:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYe3ioh3mFxGWERj/dh65LKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDdmMGZkNjIyYWZkNmJkNGEyZDZjZTBmMWNiY2MwN2E5
YzQxZjEwHhcNMjMwNDI1MDgzMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzhmOWZjYzliNWQzNWE4NjNmMzdmYTIxZWVhNjNkOTg0NDJlNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR2N4EgXBL0kETu70RQxqgLsKZnq
LED2YSHrRrM6KKsgC0ubZn7cIxp58INkA47PHSwFlOnzN7phzpSzsyJkSOG3ui5q
75QcFpc21IfbC7OiGyhIqDk9/3J2C0p8YNAjCY+qXyJc3sy59Q7of28wxlcBdqdS
XZZbUtVMpZpEfAqBD3mpWBDBUH5LhW78OHtVpxs4bwcAzzkZbnKfugGZ4HyZDnr+
arGP8mZr/UE735GtJWDddOVTeZS6Wjg8ZQck//k5pnbr2qH4gvbK1r+gaS8lOUs5
cG7ocRMNRyw4Q2B+3T2tU5XoXR3ctG69mXlu6YucbVg/2J9HTfDjLoQlwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAyPn8ybXTWoY/N/oh7qY9mEQuQYMB8GA1UdIwQY
MBaAFGXX8P1iKv1r1KLWzg8cvMB6nEHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRmd19XSXFfV3ZVb3RiT0R4eTh3SHFjUWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83M2YzNmMtZjRmNy00MDY1LTlkNDYt
OGJlNGFkNTc3NzNiLzEvREktZnpKdGROYWhqODMtaUh1cGoyWVJDNUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83M2YzNmMtZjRmNy00MDY1LTlkNDYtOGJlNGFkNTc3NzNi
LzEvWmRmd19XSXFfV3ZVb3RiT0R4eTh3SHFjUWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFwjtgMA8E
AgACMAkDBwAgAQZ8BnwwDQYJKoZIhvcNAQELBQADggEBAIv/9WaJTYXEspZN7DSv
Hspnlr+jRoSHAeJn6OsO6Xq2QU9/1ZCxRpfjkLIUOwdhXBCLk4HmILOd4t3kAVv3
3pDcg6ggUv7aVScjDR6AMPVuixInCCsUK7xQOz1ih22v4sMcs017NWsSFNT0HFpA
hDRMwVREzct0PUAsmxd1FRK8z3Pr5RkMVNBOwq3HOHjf/JW/ntA+hPKZ0OFPzZWy
FZA2Bx1Q9OTNDaSRHMUED1mQZ80i4twzEqgl6BAINVsXjKowV5LFh2oKPwoQeciq
i36rHaN122+vfbUTiYSMXux3xj8mLRcmKfbqGD3fufIt2EdtboVn8luNe2UdjXYT
UhI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org