Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rzrg9vj-JCYB-xmw6KdT3gpdPSw.roa
File: rzrg9vj-JCYB-xmw6KdT3gpdPSw.roa (raw, json)
Hash identifier: +Dad84pAoR0VtB+D++nMVv4ltP9lb7GQSq6JH7AuHfY=
Subject key identifier: AF:3A:E0:F6:F8:FE:24:26:01:FB:19:B0:E8:A7:53:DE:0A:5D:3D:2C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A086BEFCB2C999AAFBC3942204B1D9B2E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rzrg9vj-JCYB-xmw6KdT3gpdPSw.roa
Signing time: Fri 18 Aug 2023 11:33:26 +0000
ROA not before: Fri 18 Aug 2023 11:33:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 94.156.236.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:6b:ef:cb:2c:99:9a:af:bc:39:42:20:4b:1d:9b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 18 11:33:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af3ae0f6f8fe242601fb19b0e8a753de0a5d3d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5f:ae:00:ec:57:00:22:b6:4b:ca:0a:d3:80:
7c:33:48:a5:3c:d2:6f:92:53:5a:7a:ca:18:6f:10:
4a:ab:62:7e:53:0c:f2:9b:39:f7:3d:5a:e2:8f:7f:
46:ef:37:5e:f1:e5:3c:6e:56:07:65:0f:ce:9c:f3:
e0:01:9c:be:14:d8:d2:d2:cf:c7:18:92:e9:51:79:
0d:da:ec:08:15:f8:00:76:cc:2e:36:c6:15:07:fe:
7f:0f:1c:13:97:12:7d:49:3b:10:f3:37:da:41:c5:
f2:69:90:2e:61:7a:07:59:6e:f2:62:93:9f:fd:fd:
6c:bd:7e:b6:c8:cd:3b:1c:03:56:68:16:35:a3:1c:
cd:47:d2:f0:cb:39:70:60:c6:28:26:73:0c:ef:08:
90:fa:25:5b:04:03:a4:a4:cc:86:8f:0a:66:52:f9:
f7:3e:71:e2:f0:47:9c:7f:80:3f:9f:4e:2e:ba:d4:
55:50:80:03:c7:df:51:2f:3f:dc:dc:3c:66:f4:68:
7a:cd:ac:14:50:47:5c:7f:c5:bf:c2:6a:ac:4a:ec:
28:1a:80:82:1b:ee:23:e8:30:d8:9e:8e:08:35:d4:
fc:73:e1:c8:c2:d3:e9:03:63:2d:d5:4b:2c:79:58:
e2:a9:76:c7:7c:c8:32:07:40:ce:74:33:71:57:d4:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:E0:F6:F8:FE:24:26:01:FB:19:B0:E8:A7:53:DE:0A:5D:3D:2C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rzrg9vj-JCYB-xmw6KdT3gpdPSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.177.0/24
94.156.236.0/24
Signature Algorithm: sha256WithRSAEncryption
18:0d:5b:59:b7:0f:d6:ba:bd:e4:23:15:cc:50:62:e8:bb:4e:
9f:cf:b9:ec:75:9b:db:e5:a9:17:7c:0f:3a:3d:d6:1d:da:60:
43:bc:6e:f4:86:b3:43:bf:ed:e8:19:98:21:f7:49:b8:02:a7:
38:5b:a9:74:32:11:d9:37:12:53:be:84:b8:60:11:11:70:8c:
72:97:5c:cc:59:2f:79:a4:ba:38:7b:b3:5a:82:af:a8:c3:b2:
70:46:f5:88:38:0f:e8:d2:be:ad:f9:f8:bc:46:1b:8a:a0:91:
88:c2:ae:cb:21:04:11:53:6d:85:37:60:3d:d1:5b:30:c1:75:
31:02:61:93:2d:8c:cc:6a:cc:98:c6:5d:f1:19:58:cf:a1:be:
67:cc:c7:b0:e5:51:c8:40:f9:f4:81:fe:67:5c:79:3b:27:bc:
42:69:1f:ee:b7:9b:c5:cd:b0:3d:44:d6:a7:87:e2:c1:01:30:
ec:e6:d9:05:6a:bc:a5:aa:8d:a0:2c:7a:66:d3:68:62:80:01:
c7:66:12:db:f5:3a:ee:b9:9e:cf:67:b9:67:97:7b:a7:9b:14:
d7:0b:92:2d:29:e2:ec:65:9c:d6:e8:e4:7d:cc:e3:b0:f5:91:
4f:fb:2d:39:b7:af:4a:0e:b7:7a:17:9c:99:98:7e:dd:85:68:
f2:67:5a:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoIa+/LLJmar7w5QiBLHZsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE4MTEzMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNhZTBmNmY4ZmUyNDI2MDFmYjE5YjBlOGE3NTNkZTBhNWQzZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV+uAOxXACK2S8oK04B8M0ilPNJv
klNaesoYbxBKq2J+Uwzymzn3PVrij39G7zde8eU8blYHZQ/OnPPgAZy+FNjS0s/H
GJLpUXkN2uwIFfgAdswuNsYVB/5/DxwTlxJ9STsQ8zfaQcXyaZAuYXoHWW7yYpOf
/f1svX62yM07HANWaBY1oxzNR9LwyzlwYMYoJnMM7wiQ+iVbBAOkpMyGjwpmUvn3
PnHi8Eecf4A/n04uutRVUIADx99RLz/c3Dxm9Gh6zawUUEdcf8W/wmqsSuwoGoCC
G+4j6DDYno4INdT8c+HIwtPpA2Mt1UsseVjiqXbHfMgyB0DOdDNxV9TJEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK864Pb4/iQmAfsZsOinU94KXT0sMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcnpyZzl2ai1KQ1lCLXhtdzZLZFQzZ3BkUFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpyxAwQA
XpzsMA0GCSqGSIb3DQEBCwUAA4IBAQAYDVtZtw/Wur3kIxXMUGLou06fz7nsdZvb
5akXfA86PdYd2mBDvG70hrNDv+3oGZgh90m4Aqc4W6l0MhHZNxJTvoS4YBERcIxy
l1zMWS95pLo4e7Nagq+ow7JwRvWIOA/o0r6t+fi8RhuKoJGIwq7LIQQRU22FN2A9
0VswwXUxAmGTLYzMasyYxl3xGVjPob5nzMew5VHIQPn0gf5nXHk7J7xCaR/ut5vF
zbA9RNanh+LBATDs5tkFarylqo2gLHpm02higAHHZhLb9TruuZ7PZ7lnl3unmxTX
C5ItKeLsZZzW6OR9zOOw9ZFP+y05t69KDrd6F5yZmH7dhWjyZ1q8
-----END CERTIFICATE-----
Generated at Fri Aug 18 12:52:23 2023 by rpki-client on console-ams.rpki-client.org