Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/bd3a46-727b-476c-a789-c8c991cd89d5/1/zRRV-yH_mWoOVUHdaX9EUdovjTM.roa
File: zRRV-yH_mWoOVUHdaX9EUdovjTM.roa (raw, json)
Hash identifier: QoyLsDPa2vD7TAiO2ioD2h6x+8laAGdT4Yp6xeg16cg=
Subject key identifier: CD:14:55:FB:21:FF:99:6A:0E:55:41:DD:69:7F:44:51:DA:2F:8D:33
Certificate issuer: /CN=074ad23a4cfa31b6d55ebca16c5d14c404ba6cad
Certificate serial: 018572712DC1C8563B31F1AF5CD89B7E8B3D
Authority key identifier: 07:4A:D2:3A:4C:FA:31:B6:D5:5E:BC:A1:6C:5D:14:C4:04:BA:6C:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B0rSOkz6MbbVXryhbF0UxAS6bK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/bd3a46-727b-476c-a789-c8c991cd89d5/1/zRRV-yH_mWoOVUHdaX9EUdovjTM.roa
Signing time: Mon 02 Jan 2023 12:24:57 +0000
ROA not before: Mon 02 Jan 2023 12:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211678
IP address blocks: 193.239.202.0/24 maxlen: 24
5.145.178.0/23 maxlen: 23
2a10:a8c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:2d:c1:c8:56:3b:31:f1:af:5c:d8:9b:7e:8b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=074ad23a4cfa31b6d55ebca16c5d14c404ba6cad
Validity
Not Before: Jan 2 12:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd1455fb21ff996a0e5541dd697f4451da2f8d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3b:5b:76:93:74:31:fd:81:8f:37:f5:6b:75:
66:77:96:f5:45:24:b5:a4:5d:f2:6f:4f:63:d2:2f:
4b:a3:2d:5a:99:9b:1f:43:33:5c:5d:84:2b:46:e2:
f7:5e:05:f1:1b:65:a1:88:a5:11:90:e9:e2:0a:20:
10:06:80:34:dd:d3:23:0d:71:d9:de:96:36:81:cb:
6b:32:db:bd:a5:82:a4:ce:41:30:fd:b7:dd:ac:85:
ae:52:27:de:17:5e:aa:52:7f:23:ac:c0:ec:78:c8:
ab:9c:e4:bf:03:1c:24:d9:10:51:a8:5b:d8:d1:c6:
3d:c4:7f:fd:b0:f7:1a:2c:8c:f6:5d:5b:00:38:9e:
b1:e1:56:b9:8b:4e:3f:0d:87:2b:a4:76:ab:5c:3a:
f1:57:92:d2:03:e1:a6:bd:f7:fb:b2:ff:e3:5c:7a:
6d:f0:83:09:50:6b:17:c4:2d:c6:36:ca:a7:db:73:
1b:9b:8b:4c:f3:df:46:40:2f:f2:f8:3b:af:75:d4:
e9:93:ad:d3:09:77:ba:2b:35:60:00:72:bc:93:4b:
4a:af:32:97:85:1b:46:5b:2f:04:cd:b6:16:64:5c:
b9:d9:0d:b8:c2:94:25:b1:3e:48:11:ce:4c:f0:fa:
96:fe:c9:57:f5:fe:63:eb:ee:eb:e0:93:b5:16:2d:
b9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:14:55:FB:21:FF:99:6A:0E:55:41:DD:69:7F:44:51:DA:2F:8D:33
X509v3 Authority Key Identifier:
keyid:07:4A:D2:3A:4C:FA:31:B6:D5:5E:BC:A1:6C:5D:14:C4:04:BA:6C:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B0rSOkz6MbbVXryhbF0UxAS6bK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/bd3a46-727b-476c-a789-c8c991cd89d5/1/zRRV-yH_mWoOVUHdaX9EUdovjTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/bd3a46-727b-476c-a789-c8c991cd89d5/1/B0rSOkz6MbbVXryhbF0UxAS6bK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.178.0/23
193.239.202.0/24
IPv6:
2a10:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
82:46:7f:df:10:ac:ef:38:a2:93:e5:56:9d:d4:1a:c9:7f:16:
b5:db:41:28:c8:be:82:75:9d:2c:df:68:21:18:8d:ca:1f:78:
9e:1a:b9:0d:82:5a:56:15:30:12:73:91:bd:1b:9f:a5:29:d6:
ad:4a:31:64:4c:33:07:b3:d4:31:3f:b1:6f:78:60:59:05:f9:
66:f1:69:ee:80:05:c4:41:b3:af:da:13:35:24:b4:5b:d2:fc:
7e:86:36:67:cd:d5:75:9d:81:a3:37:34:fa:e8:fa:ae:87:e5:
60:f9:fd:8d:b5:26:33:d2:1b:dc:5c:73:2f:24:09:4f:9b:28:
f3:52:62:41:36:86:71:a1:0c:01:b7:4e:46:76:23:73:6b:52:
26:c3:4a:5f:93:4c:19:86:b7:a8:fd:93:d6:c7:b2:94:88:d0:
a6:52:aa:32:34:96:71:86:7f:49:1c:8d:d4:55:35:b6:44:d3:
02:1f:7d:f1:8d:9e:d5:3f:5e:63:ac:9e:37:75:8f:00:61:3c:
07:38:a7:13:b7:3a:50:ac:40:76:5f:1b:90:3a:54:40:aa:db:
ec:cc:39:1b:45:20:1a:9d:b7:43:b8:e7:b8:13:e6:66:0c:e4:
79:a4:31:a6:1a:1d:09:bd:54:8a:1d:2d:52:3d:3f:21:35:5d:
2c:00:e9:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVycS3ByFY7MfGvXNibfos9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NGFkMjNhNGNmYTMxYjZkNTVlYmNhMTZjNWQxNGM0MDRi
YTZjYWQwHhcNMjMwMTAyMTIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDE0NTVmYjIxZmY5OTZhMGU1NTQxZGQ2OTdmNDQ1MWRhMmY4ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTtbdpN0Mf2Bjzf1a3Vmd5b1RSS1
pF3yb09j0i9Loy1amZsfQzNcXYQrRuL3XgXxG2WhiKURkOniCiAQBoA03dMjDXHZ
3pY2gctrMtu9pYKkzkEw/bfdrIWuUifeF16qUn8jrMDseMirnOS/Axwk2RBRqFvY
0cY9xH/9sPcaLIz2XVsAOJ6x4Va5i04/DYcrpHarXDrxV5LSA+Gmvff7sv/jXHpt
8IMJUGsXxC3GNsqn23Mbm4tM899GQC/y+DuvddTpk63TCXe6KzVgAHK8k0tKrzKX
hRtGWy8EzbYWZFy52Q24wpQlsT5IEc5M8PqW/slX9f5j6+7r4JO1Fi25pQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM0UVfsh/5lqDlVB3Wl/RFHaL40zMB8GA1UdIwQY
MBaAFAdK0jpM+jG21V68oWxdFMQEumytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjByU09rejZNYmJWWHJ5aGJGMFV4QVM2YkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9iZDNhNDYtNzI3Yi00NzZjLWE3ODkt
YzhjOTkxY2Q4OWQ1LzEvelJSVi15SF9tV29PVlVIZGFYOUVVZG92alRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9iZDNhNDYtNzI3Yi00NzZjLWE3ODktYzhjOTkxY2Q4OWQ1
LzEvQjByU09rejZNYmJWWHJ5aGJGMFV4QVM2YkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBZGyAwQA
we/KMA0EAgACMAcDBQMqEKjAMA0GCSqGSIb3DQEBCwUAA4IBAQCCRn/fEKzvOKKT
5Vad1BrJfxa120EoyL6CdZ0s32ghGI3KH3ieGrkNglpWFTASc5G9G5+lKdatSjFk
TDMHs9QxP7FveGBZBflm8WnugAXEQbOv2hM1JLRb0vx+hjZnzdV1nYGjNzT66Pqu
h+Vg+f2NtSYz0hvcXHMvJAlPmyjzUmJBNoZxoQwBt05GdiNza1Imw0pfk0wZhreo
/ZPWx7KUiNCmUqoyNJZxhn9JHI3UVTW2RNMCH33xjZ7VP15jrJ43dY8AYTwHOKcT
tzpQrEB2XxuQOlRAqtvszDkbRSAanbdDuOe4E+ZmDOR5pDGmGh0JvVSKHS1SPT8h
NV0sAOlD
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:20 2024 by rpki-client on console-fra.rpki-client.org