Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Z3NpoZ9CIMXO_RY2i81zu7eFgww.roa
File: Z3NpoZ9CIMXO_RY2i81zu7eFgww.roa (raw, json)
Hash identifier: VXUv+mi1fFTjuPLfRNjxCUU8Yq6LQY+vf5IryB5h0M4=
Subject key identifier: 67:73:69:A1:9F:42:20:C5:CE:FD:16:36:8B:CD:73:BB:B7:85:83:0C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0186B6926874A7EFF82402C17E3A3294CA5E
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Z3NpoZ9CIMXO_RY2i81zu7eFgww.roa
Signing time: Mon 06 Mar 2023 10:58:13 +0000
ROA not before: Mon 06 Mar 2023 10:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 2.56.166.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
2a0b:b86::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Mar 2023 22:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:92:68:74:a7:ef:f8:24:02:c1:7e:3a:32:94:ca:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Mar 6 10:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=677369a19f4220c5cefd16368bcd73bbb785830c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:6a:d5:94:90:fd:2a:c2:61:fb:24:1e:f1:
e9:e8:9f:03:e9:0f:5c:0a:1f:4a:89:3e:a5:d9:4b:
49:fd:87:97:f5:4c:00:56:4b:40:eb:d9:65:7f:0b:
97:30:3a:51:21:9f:a9:b3:79:d0:71:99:ac:1d:30:
42:b7:23:c3:e7:fd:c3:07:dd:03:ad:95:77:95:f3:
c7:59:19:f5:25:09:69:ab:d9:52:99:ba:9f:47:86:
1f:bf:39:8d:b7:de:9a:c0:bd:51:24:bc:f2:50:00:
c0:1c:45:83:4f:8d:55:29:b0:27:ab:f9:50:be:04:
0f:32:1d:1d:aa:5b:a8:34:28:6d:9b:94:68:9e:7e:
7b:a3:bd:e2:e6:5b:23:49:61:52:37:08:4b:72:10:
7a:1f:b8:16:a1:06:1c:7f:e5:a9:c9:74:06:5b:f7:
bc:88:70:f4:0c:56:53:bb:de:ce:b8:c4:dd:26:92:
31:a1:09:68:28:33:09:8e:7e:8d:c0:47:78:3e:9c:
06:6a:76:dc:e0:7a:8f:20:a1:5b:46:c5:da:52:f8:
d7:c5:3b:26:d7:c0:f8:d7:c7:45:dd:8b:dd:b6:7a:
f7:78:11:e6:a7:ac:b4:57:85:fc:1c:8b:3c:57:5a:
fb:07:6c:20:d7:56:5c:95:0d:37:30:46:1c:14:32:
fe:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:73:69:A1:9F:42:20:C5:CE:FD:16:36:8B:CD:73:BB:B7:85:83:0C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Z3NpoZ9CIMXO_RY2i81zu7eFgww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
78.108.217.0/24
IPv6:
2a0b:b86::/40
Signature Algorithm: sha256WithRSAEncryption
42:15:d1:c2:21:fd:65:42:74:c5:a0:01:3a:82:f6:af:fb:55:
3a:18:5f:b4:b9:dc:20:dc:e9:4a:4c:62:25:f3:81:99:51:9a:
60:12:6f:23:40:55:30:19:ca:63:32:71:87:dd:81:45:29:12:
53:98:54:c1:10:1a:d7:9f:11:a5:b5:20:ad:ec:18:34:d8:fb:
43:c5:21:bd:b1:c3:51:d8:c4:66:d3:0d:d2:77:d1:fc:d5:59:
b7:6b:20:86:9c:7c:0b:d7:f6:32:db:08:2c:4e:03:ac:83:6f:
0b:32:a3:4d:fd:0b:f0:82:fd:75:c1:f5:6e:2e:f2:cf:66:96:
bc:c9:84:64:c7:65:9d:56:cb:ff:52:05:26:e0:1c:78:e3:2f:
9e:91:20:83:0a:2e:b7:8e:04:e4:93:9b:62:bf:8b:cb:03:c3:
d3:7c:7b:ec:84:52:5e:c3:3c:85:4a:19:b2:88:83:96:e8:30:
4e:af:d5:2e:8f:1d:b6:fd:17:e8:80:07:c7:67:c1:89:6d:cc:
25:83:e7:b1:3a:18:4e:31:05:b0:3f:6d:8f:8f:97:d6:e3:0b:
04:b6:1a:e5:63:a2:dd:30:c6:33:41:94:2d:ea:12:f5:bc:2f:
aa:4f:6f:ae:f2:45:0b:6d:ef:4f:6b:9f:1b:19:0f:e4:20:74:
ac:1d:71:b4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYa2kmh0p+/4JALBfjoylMpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMzA2MTA1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzczNjlhMTlmNDIyMGM1Y2VmZDE2MzY4YmNkNzNiYmI3ODU4MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOZq1ZSQ/SrCYfskHvHp6J8D6Q9c
Ch9KiT6l2UtJ/YeX9UwAVktA69llfwuXMDpRIZ+ps3nQcZmsHTBCtyPD5/3DB90D
rZV3lfPHWRn1JQlpq9lSmbqfR4YfvzmNt96awL1RJLzyUADAHEWDT41VKbAnq/lQ
vgQPMh0dqluoNChtm5Ronn57o73i5lsjSWFSNwhLchB6H7gWoQYcf+WpyXQGW/e8
iHD0DFZTu97OuMTdJpIxoQloKDMJjn6NwEd4PpwGanbc4HqPIKFbRsXaUvjXxTsm
18D418dF3Yvdtnr3eBHmp6y0V4X8HIs8V1r7B2wg11ZclQ03MEYcFDL+xQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGdzaaGfQiDFzv0WNovNc7u3hYMMMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWjNOcG9aOUNJTVhPX1JZMmk4MXp1N2VGZ3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAAjimAwQA
TmzZMA4EAgACMAgDBgAqCwuGADANBgkqhkiG9w0BAQsFAAOCAQEAQhXRwiH9ZUJ0
xaABOoL2r/tVOhhftLncINzpSkxiJfOBmVGaYBJvI0BVMBnKYzJxh92BRSkSU5hU
wRAa158RpbUgrewYNNj7Q8UhvbHDUdjEZtMN0nfR/NVZt2sghpx8C9f2MtsILE4D
rINvCzKjTf0L8IL9dcH1bi7yz2aWvMmEZMdlnVbL/1IFJuAceOMvnpEggwout44E
5JObYr+LywPD03x77IRSXsM8hUoZsoiDlugwTq/VLo8dtv0X6IAHx2fBiW3MJYPn
sToYTjEFsD9tj4+X1uMLBLYa5WOi3TDGM0GULeoS9bwvqk9vrvJFC23vT2ufGxkP
5CB0rB1xtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org