Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/DZI_gV7n3wnJ_jlwWExcZq6-GTc.roa
File: DZI_gV7n3wnJ_jlwWExcZq6-GTc.roa (raw, json)
Hash identifier: DzSG6H4ypxUtUaXe/wemmDlza+cRitlzImeaMiGbSYY=
Subject key identifier: 0D:92:3F:81:5E:E7:DF:09:C9:FE:39:70:58:4C:5C:66:AE:BE:19:37
Certificate issuer: /CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Certificate serial: 0185714C1DD0870D60F6086657F400D7E9E5
Authority key identifier: 4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/DZI_gV7n3wnJ_jlwWExcZq6-GTc.roa
Signing time: Mon 02 Jan 2023 07:04:51 +0000
ROA not before: Mon 02 Jan 2023 07:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202311
IP address blocks: 195.26.68.0/22 maxlen: 24
2a07:f680::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:1d:d0:87:0d:60:f6:08:66:57:f4:00:d7:e9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Validity
Not Before: Jan 2 07:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d923f815ee7df09c9fe3970584c5c66aebe1937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:aa:67:d9:2c:08:fd:82:ce:14:9d:6d:c0:55:
40:6b:ed:de:e4:3b:7b:3f:6b:ec:7a:54:33:fa:ad:
4d:8f:9f:3d:85:0b:e6:d3:b9:54:42:97:e3:53:c7:
9e:a6:d6:23:18:01:01:b9:9f:c9:06:7c:17:47:71:
85:bc:71:2a:57:f3:db:5a:f1:7c:34:ff:3d:5a:a3:
df:14:7d:0c:68:99:64:ca:a7:a9:35:ae:8d:2d:aa:
56:c5:6d:37:5a:14:bf:7b:3b:10:ec:8a:c6:6b:b1:
22:a0:d1:67:bf:f7:fb:47:83:70:b7:85:43:ea:4e:
c7:fd:cf:24:e5:f2:48:7b:95:88:e1:8d:1b:19:bb:
80:aa:0a:35:a5:31:14:55:3d:07:38:58:f2:39:da:
e7:61:37:cf:3d:44:1c:bb:a7:bd:28:7a:f5:98:21:
78:a5:1c:a0:aa:07:e8:17:98:89:b0:1c:4b:c6:33:
d9:45:82:9d:4f:1e:31:4c:b2:b2:36:71:d4:bd:91:
36:dc:8d:61:b5:d4:55:7f:f2:de:e0:b0:bb:1b:a5:
0d:aa:8a:a8:04:b6:06:e4:d7:8a:39:fb:e3:c9:c4:
9a:a9:d1:6d:00:04:a0:30:7e:88:4d:ef:99:f7:cf:
1f:61:2a:2c:2f:5b:08:33:c6:85:99:0c:d2:1b:f7:
90:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:92:3F:81:5E:E7:DF:09:C9:FE:39:70:58:4C:5C:66:AE:BE:19:37
X509v3 Authority Key Identifier:
keyid:4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/DZI_gV7n3wnJ_jlwWExcZq6-GTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.68.0/22
IPv6:
2a07:f680::/29
Signature Algorithm: sha256WithRSAEncryption
a5:00:fb:95:41:49:fd:4c:62:b9:b2:09:89:63:5e:1a:35:6e:
51:1d:28:7c:66:50:1d:62:4f:be:8f:54:7c:65:19:4d:bf:7c:
c0:20:cd:9c:4c:5f:6f:c5:ce:72:24:f8:f9:9d:0d:4f:45:7c:
8a:fa:df:ab:98:8b:32:27:58:4e:32:74:08:82:53:c6:7c:de:
c7:dd:88:86:9d:73:6e:a1:c2:2a:fb:79:fd:74:32:e2:6f:7e:
19:08:72:4f:56:36:5c:12:0d:a9:47:d9:aa:a7:8c:cc:91:d2:
54:c1:dc:14:36:b5:ca:5b:17:91:0f:d9:cf:c7:e5:3e:ed:90:
9d:8a:a5:fa:37:1e:bc:c2:e9:87:71:5a:9f:69:79:e6:93:04:
df:d5:0a:3f:f6:9b:4d:97:af:35:a2:c1:ce:c8:ca:8c:07:7f:
b4:d8:4c:98:f3:82:2c:2a:70:51:cb:28:c3:69:76:d3:26:b4:
1e:fd:fa:1a:a1:dc:50:af:26:d2:d0:dc:c2:9a:d2:7d:1d:7d:
bb:21:9e:19:66:e9:fc:af:a3:99:a9:6e:95:fd:24:ec:73:4f:
96:c6:df:7b:b6:5a:ae:6c:91:3b:6d:c1:30:46:63:d1:0b:84:
46:80:23:24:28:2b:78:dd:ec:8f:cd:c6:77:dc:06:9f:6f:e2:
75:cd:e9:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTB3Qhw1g9ghmV/QA1+nlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQ5Yjg0N2QzMTI5M2Y3MDFlMWNmOTlkZDhjYTBlYmJi
MGI1YmQwHhcNMjMwMTAyMDcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDkyM2Y4MTVlZTdkZjA5YzlmZTM5NzA1ODRjNWM2NmFlYmUxOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6pn2SwI/YLOFJ1twFVAa+3e5Dt7
P2vselQz+q1Nj589hQvm07lUQpfjU8eeptYjGAEBuZ/JBnwXR3GFvHEqV/PbWvF8
NP89WqPfFH0MaJlkyqepNa6NLapWxW03WhS/ezsQ7IrGa7EioNFnv/f7R4Nwt4VD
6k7H/c8k5fJIe5WI4Y0bGbuAqgo1pTEUVT0HOFjyOdrnYTfPPUQcu6e9KHr1mCF4
pRygqgfoF5iJsBxLxjPZRYKdTx4xTLKyNnHUvZE23I1htdRVf/Le4LC7G6UNqoqo
BLYG5NeKOfvjycSaqdFtAASgMH6ITe+Z988fYSosL1sIM8aFmQzSG/eQ6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA2SP4Fe598Jyf45cFhMXGauvhk3MB8GA1UdIwQY
MBaAFE8Um4R9MSk/cB4c+Z3Yyg67sLW9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjIt
NDUyYmFkZmQ1YTZkLzEvRFpJX2dWN24zd25KX2psd1dFeGNacTYtR1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjItNDUyYmFkZmQ1YTZk
LzEvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwxpEMA0E
AgACMAcDBQMqB/aAMA0GCSqGSIb3DQEBCwUAA4IBAQClAPuVQUn9TGK5sgmJY14a
NW5RHSh8ZlAdYk++j1R8ZRlNv3zAIM2cTF9vxc5yJPj5nQ1PRXyK+t+rmIsyJ1hO
MnQIglPGfN7H3YiGnXNuocIq+3n9dDLib34ZCHJPVjZcEg2pR9mqp4zMkdJUwdwU
NrXKWxeRD9nPx+U+7ZCdiqX6Nx68wumHcVqfaXnmkwTf1Qo/9ptNl681osHOyMqM
B3+02EyY84IsKnBRyyjDaXbTJrQe/foaodxQrybS0NzCmtJ9HX27IZ4ZZun8r6OZ
qW6V/STsc0+Wxt97tlqubJE7bcEwRmPRC4RGgCMkKCt43eyPzcZ33Aafb+J1zenn
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:33 2024 by rpki-client on console-fra.rpki-client.org