Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ZzbvYGDVnAOHIg8r8ON67IOGV4.roa
File: 1-ZzbvYGDVnAOHIg8r8ON67IOGV4.roa (raw, json)
Hash identifier: mjaMq6PxTnLGefQ3raGOfCAzJBJbNEHt/XFXlCuYt2E=
Subject key identifier: F9:9C:DB:BD:81:83:56:70:0E:1C:88:3C:AF:C3:8D:EB:B2:0E:19:5E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BB0B952F74DA94D48E6897CBD1B95064B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ZzbvYGDVnAOHIg8r8ON67IOGV4.roa
Signing time: Wed 08 Nov 2023 20:56:57 +0000
ROA not before: Wed 08 Nov 2023 20:56:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 94.156.14.0/24 maxlen: 24
87.120.158.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:b9:52:f7:4d:a9:4d:48:e6:89:7c:bd:1b:95:06:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 8 20:56:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f99cdbbd818356700e1c883cafc38debb20e195e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:56:1c:65:5a:48:41:25:6c:aa:af:a3:4f:53:
e6:27:a3:58:1d:aa:be:35:4f:84:a9:2a:9c:49:86:
ab:43:4c:d3:ef:86:72:9c:20:c2:f9:bb:7d:c8:ee:
a5:eb:14:2a:1d:bb:ae:4f:bb:c5:de:10:77:1a:95:
9c:b9:0b:33:20:46:d6:06:0c:db:c9:52:4a:0c:91:
ca:f8:70:fc:83:e1:1b:a2:df:97:27:88:7a:61:0a:
5d:77:d7:53:a8:49:9a:17:b1:c3:5d:d3:57:d7:c0:
1c:0f:cf:23:4c:c4:d8:69:25:58:1d:5a:de:8b:52:
14:29:c5:2a:38:d9:3f:45:c3:ca:c6:63:70:df:dd:
1e:45:17:e8:f1:7b:2b:40:b2:e7:09:06:98:24:c1:
a6:30:7a:8b:5c:33:49:97:e1:8d:a8:1b:b9:e8:ae:
af:c3:17:1a:87:f0:a5:5a:74:56:26:57:59:ff:c5:
8b:b0:33:32:f2:c9:33:bc:86:fc:77:05:0c:37:f8:
31:0d:17:71:81:c9:cb:57:04:0d:b4:2c:4c:f9:f7:
4b:ca:7d:07:f7:8e:cc:57:8a:01:e4:c8:fb:09:08:
95:bb:10:cc:78:4a:17:77:ba:7e:cc:4c:dd:82:4c:
2b:8c:1c:8e:ba:e9:11:81:6f:5d:07:69:d9:d5:a3:
a9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9C:DB:BD:81:83:56:70:0E:1C:88:3C:AF:C3:8D:EB:B2:0E:19:5E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ZzbvYGDVnAOHIg8r8ON67IOGV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.158.0/23
94.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
73:34:d9:96:a5:ac:11:79:e7:55:2d:ee:a0:99:f1:66:43:8c:
e9:02:8a:fc:92:f6:fe:1b:3e:aa:f7:17:5d:01:ca:ff:87:1d:
8f:fa:f9:5e:23:ef:65:fa:cd:be:cc:fe:11:24:7b:46:22:e4:
6a:04:64:72:fd:f7:f4:56:05:ca:6d:b4:ee:f7:77:dd:09:9f:
c4:7d:e1:15:a5:8b:da:c3:bb:df:46:5e:f5:3a:6c:df:6f:a5:
9e:40:98:0b:83:0c:fd:d2:55:5c:3e:ec:44:02:e5:b8:3e:62:
e0:31:e1:41:b4:04:50:0f:33:13:37:75:d5:f0:e6:4e:68:4c:
3a:71:cd:bd:35:9a:6b:af:e2:91:92:a7:4e:5f:60:bf:c9:16:
16:ce:13:d9:b2:bc:21:ad:58:ea:c9:27:9a:0f:42:41:5a:be:
5e:fb:d4:74:c8:80:84:4f:88:b9:8d:94:ec:c3:41:20:7c:a5:
8f:1a:7c:7c:6f:b4:8b:ee:70:2e:90:86:14:77:01:b3:4a:17:
e3:e6:ba:ba:8d:ca:9a:8c:a0:df:bc:d1:04:d7:87:d8:d2:89:
08:a9:92:62:d9:b6:c3:1c:25:a2:4d:a8:73:3b:bf:68:5c:f1:
4e:3a:c7:5a:b9:49:63:75:93:57:eb:cb:d5:a4:a7:22:b2:f5:
52:dd:fd:d9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYuwuVL3TalNSOaJfL0blQZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTA4MjA1NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTljZGJiZDgxODM1NjcwMGUxYzg4M2NhZmMzOGRlYmIyMGUxOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1YcZVpIQSVsqq+jT1PmJ6NYHaq+
NU+EqSqcSYarQ0zT74ZynCDC+bt9yO6l6xQqHbuuT7vF3hB3GpWcuQszIEbWBgzb
yVJKDJHK+HD8g+Ebot+XJ4h6YQpdd9dTqEmaF7HDXdNX18AcD88jTMTYaSVYHVre
i1IUKcUqONk/RcPKxmNw390eRRfo8XsrQLLnCQaYJMGmMHqLXDNJl+GNqBu56K6v
wxcah/ClWnRWJldZ/8WLsDMy8skzvIb8dwUMN/gxDRdxgcnLVwQNtCxM+fdLyn0H
947MV4oB5Mj7CQiVuxDMeEoXd7p+zEzdgkwrjByOuukRgW9dB2nZ1aOp0wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPmc272Bg1ZwDhyIPK/DjeuyDhleMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1aemJ2WUdEVm5BT0hJZzhyOE9ONjdJT0dWNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVd4ngME
AF6cDjANBgkqhkiG9w0BAQsFAAOCAQEAczTZlqWsEXnnVS3uoJnxZkOM6QKK/JL2
/hs+qvcXXQHK/4cdj/r5XiPvZfrNvsz+ESR7RiLkagRkcv339FYFym207vd33Qmf
xH3hFaWL2sO730Ze9Tps32+lnkCYC4MM/dJVXD7sRALluD5i4DHhQbQEUA8zEzd1
1fDmTmhMOnHNvTWaa6/ikZKnTl9gv8kWFs4T2bK8Ia1Y6sknmg9CQVq+XvvUdMiA
hE+IuY2U7MNBIHyljxp8fG+0i+5wLpCGFHcBs0oX4+a6uo3Kmoyg37zRBNeH2NKJ
CKmSYtm2wxwlok2oczu/aFzxTjrHWrlJY3WTV+vL1aSnIrL1Ut392Q==
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:08 2024 by rpki-client on console-ams.rpki-client.org