Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/zsTRaJKOpAeU_T6pzQNamcixoLU.roa
File: zsTRaJKOpAeU_T6pzQNamcixoLU.roa (raw, json)
Hash identifier: xV6vnViVqUF7hFlRoCLw58ZzpmndXhTghYvvTEImVZE=
Subject key identifier: CE:C4:D1:68:92:8E:A4:07:94:FD:3E:A9:CD:03:5A:99:C8:B1:A0:B5
Certificate issuer: /CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Certificate serial: 01856C6F0F8384FE02DC45890AEEE5213A38
Authority key identifier: EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/zsTRaJKOpAeU_T6pzQNamcixoLU.roa
Signing time: Sun 01 Jan 2023 08:24:55 +0000
ROA not before: Sun 01 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48526
IP address blocks: 94.252.0.0/17 maxlen: 24
185.3.44.0/22 maxlen: 24
185.40.60.0/22 maxlen: 24
212.66.64.0/19 maxlen: 24
31.204.88.0/21 maxlen: 24
2a04:81c0::/29 maxlen: 48
2a00:4180::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:0f:83:84:fe:02:dc:45:89:0a:ee:e5:21:3a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Validity
Not Before: Jan 1 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec4d168928ea40794fd3ea9cd035a99c8b1a0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:30:1b:5b:28:08:ad:0f:73:dd:ef:96:73:6e:
b3:f3:3d:4e:30:a3:39:98:4e:52:05:f2:a2:8a:25:
5b:02:7b:f5:a3:a8:3f:35:fe:f0:6f:ed:0c:2d:bc:
a8:c8:ba:78:da:59:55:08:02:7f:bb:c8:de:41:80:
45:e5:72:29:97:7b:4e:6b:05:d8:c2:a0:59:2d:7f:
24:70:e5:b4:b2:b0:3f:e9:ac:9a:19:96:21:f9:e1:
57:2b:40:6e:9a:eb:d3:23:2d:ac:e4:3d:5e:c6:34:
3b:d1:c2:ed:82:61:2b:85:da:d2:d0:2e:c0:bf:a1:
8c:97:49:77:95:9c:77:6a:57:26:f3:b1:e1:b1:27:
bc:d1:23:ba:c8:ec:60:89:bd:2b:31:d7:4a:a1:9d:
8c:3e:ed:ac:bf:2d:af:3d:fe:1d:3d:10:53:7e:0e:
c0:8c:af:4c:2f:cc:6a:3b:6d:8f:d4:7f:ed:9e:1e:
f7:54:cd:ea:3e:19:18:cc:c7:da:e0:04:7c:dc:84:
8e:ee:e8:c0:6a:86:c3:69:b4:d0:67:a0:db:ef:36:
93:60:c9:32:b4:4c:c9:01:52:d2:fe:3f:05:d7:1a:
38:dd:c6:c1:cd:90:00:ee:e0:73:1d:86:77:0f:0d:
95:53:87:2b:57:30:91:38:27:42:65:14:0a:ec:96:
44:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C4:D1:68:92:8E:A4:07:94:FD:3E:A9:CD:03:5A:99:C8:B1:A0:B5
X509v3 Authority Key Identifier:
keyid:EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/zsTRaJKOpAeU_T6pzQNamcixoLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.88.0/21
94.252.0.0/17
185.3.44.0/22
185.40.60.0/22
212.66.64.0/19
IPv6:
2a00:4180::/32
2a04:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:c7:a3:78:36:39:d8:28:58:36:8e:ed:bc:26:44:78:24:c6:
e8:4e:e2:84:e4:62:6e:b0:df:12:ef:19:d4:ef:b0:7a:e4:10:
b7:8a:ea:ad:81:ee:40:ff:ea:1d:6c:40:56:33:48:16:26:b6:
ad:b2:8d:ed:ff:03:8d:70:38:ac:0a:b6:81:07:f6:1b:44:1c:
f9:77:40:38:53:37:a8:9b:9d:9d:34:cd:ab:a9:cc:35:d9:c5:
fe:1c:62:78:d8:59:36:01:2a:17:6a:50:24:e4:a1:6b:99:ab:
89:07:df:49:91:37:1c:fb:e6:66:58:01:11:41:f7:bb:a0:bc:
51:59:7b:e6:ab:92:26:6a:4c:57:8b:5f:ea:4d:eb:b1:37:40:
f6:2e:fd:38:07:0e:3c:43:97:39:7e:ef:ff:65:ad:9e:f6:06:
4a:37:a6:10:a9:9d:a5:b3:cd:e9:b2:d5:bd:91:4d:30:29:42:
6a:ab:e8:2d:50:5c:2f:8d:36:00:1c:36:ff:46:a2:46:35:44:
45:40:1f:6b:1d:e6:30:6b:6b:c2:02:8e:05:07:ca:ef:aa:27:
80:42:c8:ce:12:ea:93:be:44:47:ac:ba:fb:18:ec:cb:be:9f:
60:11:b3:e6:c3:c4:ad:4e:f9:79:53:5f:a0:a7:a3:3b:71:50:
e5:05:5a:28
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVsbw+DhP4C3EWJCu7lITo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMjJmNGZiOTU1ZDc5ZjA5M2Q3ZTg3YjE4MmMzNDQwYWM0
YmUwNmMwHhcNMjMwMTAxMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWM0ZDE2ODkyOGVhNDA3OTRmZDNlYTljZDAzNWE5OWM4YjFhMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTAbWygIrQ9z3e+Wc26z8z1OMKM5
mE5SBfKiiiVbAnv1o6g/Nf7wb+0MLbyoyLp42llVCAJ/u8jeQYBF5XIpl3tOawXY
wqBZLX8kcOW0srA/6ayaGZYh+eFXK0BumuvTIy2s5D1exjQ70cLtgmErhdrS0C7A
v6GMl0l3lZx3alcm87HhsSe80SO6yOxgib0rMddKoZ2MPu2svy2vPf4dPRBTfg7A
jK9ML8xqO22P1H/tnh73VM3qPhkYzMfa4AR83ISO7ujAaobDabTQZ6Db7zaTYMky
tEzJAVLS/j8F1xo43cbBzZAA7uBzHYZ3Dw2VU4crVzCROCdCZRQK7JZEYwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFM7E0WiSjqQHlP0+qc0DWpnIsaC1MB8GA1UdIwQY
MBaAFOoi9PuVXXnwk9foexgsNECsS+BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYt
OTNkMWZiNzJkMzgzLzEvenNUUmFKS09wQWVVX1Q2cHpRTmFtY2l4b0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYtOTNkMWZiNzJkMzgz
LzEvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDH8xYAwQH
XvwAAwQCuQMsAwQCuSg8AwQF1EJAMBQEAgACMA4DBQAqAEGAAwUDKgSBwDANBgkq
hkiG9w0BAQsFAAOCAQEAi8ejeDY52ChYNo7tvCZEeCTG6E7ihORibrDfEu8Z1O+w
euQQt4rqrYHuQP/qHWxAVjNIFia2rbKN7f8DjXA4rAq2gQf2G0Qc+XdAOFM3qJud
nTTNq6nMNdnF/hxieNhZNgEqF2pQJOSha5mriQffSZE3HPvmZlgBEUH3u6C8UVl7
5quSJmpMV4tf6k3rsTdA9i79OAcOPEOXOX7v/2WtnvYGSjemEKmdpbPN6bLVvZFN
MClCaqvoLVBcL402ABw2/0aiRjVERUAfax3mMGtrwgKOBQfK76ongELIzhLqk75E
R6y6+xjsy76fYBGz5sPErU75eVNfoKejO3FQ5QVaKA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:41 2024 by rpki-client on console-fra.rpki-client.org