Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/z01gVa71-uV1NPQmZvEJH7WmI3o.roa
File: z01gVa71-uV1NPQmZvEJH7WmI3o.roa (raw, json)
Hash identifier: C88yQTrkXaaM0JS46yqWJkEVGmgg8POnWG9Q+XiskwY=
Subject key identifier: CF:4D:60:55:AE:F5:FA:E5:75:34:F4:26:66:F1:09:1F:B5:A6:23:7A
Certificate issuer: /CN=7b24358c4f16c19ffad37f3cafe0c8f6acbf65b1
Certificate serial: 01856CC15A61F55AC23E29E33BC1CDD6B4A1
Authority key identifier: 7B:24:35:8C:4F:16:C1:9F:FA:D3:7F:3C:AF:E0:C8:F6:AC:BF:65:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/z01gVa71-uV1NPQmZvEJH7WmI3o.roa
Signing time: Sun 01 Jan 2023 09:54:49 +0000
ROA not before: Sun 01 Jan 2023 09:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39405
IP address blocks: 213.178.148.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:5a:61:f5:5a:c2:3e:29:e3:3b:c1:cd:d6:b4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b24358c4f16c19ffad37f3cafe0c8f6acbf65b1
Validity
Not Before: Jan 1 09:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf4d6055aef5fae57534f42666f1091fb5a6237a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:64:08:84:eb:0f:3b:f3:b1:38:47:e9:7c:cd:
b4:42:e7:cd:24:8b:32:0b:1c:5b:65:da:fd:83:53:
d2:6b:e3:c3:d1:9f:6c:a6:9d:5d:c2:9e:0a:5b:5a:
c0:6b:2a:b5:40:e1:b8:26:bb:38:2e:5a:73:c4:16:
fe:b0:ee:1a:53:15:8b:19:dc:db:e3:2e:eb:b7:65:
ef:6a:c6:66:c7:51:32:a3:7e:13:6e:42:b8:18:f6:
59:5d:62:8c:01:03:4a:44:99:dc:1b:91:37:aa:42:
77:bd:4d:aa:c1:a5:15:5c:67:98:40:74:94:f3:bd:
9b:25:f1:07:86:e1:ec:c6:e9:b1:2b:c5:94:ad:34:
a8:88:2c:e5:36:fb:88:7e:d1:dd:41:d5:51:44:9b:
01:88:ea:f3:52:27:c9:b7:a7:84:35:af:ad:83:9f:
94:6c:ef:9f:c9:2e:0b:41:ad:cd:5f:b5:2f:98:52:
d2:dd:5b:ac:f6:2d:d2:ff:5d:df:0c:07:cd:a4:66:
07:c3:96:f6:55:2e:7b:56:3e:c0:fe:0c:96:62:6e:
39:3f:93:09:de:5e:06:90:2a:f9:e2:ee:8f:6c:fe:
b4:bf:7e:40:81:85:d0:d2:5b:40:c5:4f:72:00:27:
9a:77:3c:34:73:91:e8:2a:f1:c6:d5:4c:43:f0:ea:
82:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4D:60:55:AE:F5:FA:E5:75:34:F4:26:66:F1:09:1F:B5:A6:23:7A
X509v3 Authority Key Identifier:
keyid:7B:24:35:8C:4F:16:C1:9F:FA:D3:7F:3C:AF:E0:C8:F6:AC:BF:65:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/z01gVa71-uV1NPQmZvEJH7WmI3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/eyQ1jE8WwZ_60388r-DI9qy_ZbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.178.148.0/22
Signature Algorithm: sha256WithRSAEncryption
14:a2:40:ca:43:f2:eb:c6:8b:7c:80:87:a0:67:a6:c1:59:04:
11:2d:88:15:5f:e3:1b:f2:db:7f:75:03:f6:b9:6e:a2:d7:67:
d2:87:71:31:07:d1:b4:b3:89:d8:ec:cc:3b:19:58:1b:75:83:
4d:35:7d:ee:08:87:32:6f:38:ce:fc:f4:61:80:81:32:fa:cc:
ba:ab:55:fa:b7:86:f2:12:15:f3:c6:e6:64:5e:1b:50:96:ec:
e4:a9:7d:1a:a6:f5:45:0d:36:a8:f1:ee:45:ea:01:c9:03:ac:
d0:8f:64:8e:7f:bb:11:2c:55:fc:89:26:69:27:b6:51:5e:e9:
74:8c:bf:7e:91:b3:77:e8:bd:b9:4b:9b:e6:b7:1d:4f:0e:3f:
23:2e:7e:9c:e0:5d:b4:8b:45:8b:0e:25:c6:39:1e:96:a7:8c:
08:95:f3:49:76:f4:be:e2:4a:6a:0c:a9:67:8e:cf:3d:01:9d:
da:a2:0f:0d:98:48:0f:34:9c:21:60:50:59:64:b9:a7:74:e1:
8b:9a:3c:6b:4c:88:84:26:7f:74:40:fe:dc:c0:1c:e3:8a:5f:
ca:92:e2:37:f9:1b:47:73:fc:c7:14:8c:c7:7b:ac:dd:69:9a:
55:3b:bf:e3:d3:eb:c7:9e:cb:34:01:d8:6d:e6:89:c1:a0:e9:
50:19:99:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswVph9VrCPinjO8HN1rShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMjQzNThjNGYxNmMxOWZmYWQzN2YzY2FmZTBjOGY2YWNi
ZjY1YjEwHhcNMjMwMTAxMDk1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRkNjA1NWFlZjVmYWU1NzUzNGY0MjY2NmYxMDkxZmI1YTYyMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGQIhOsPO/OxOEfpfM20QufNJIsy
CxxbZdr9g1PSa+PD0Z9spp1dwp4KW1rAayq1QOG4Jrs4LlpzxBb+sO4aUxWLGdzb
4y7rt2XvasZmx1Eyo34TbkK4GPZZXWKMAQNKRJncG5E3qkJ3vU2qwaUVXGeYQHSU
872bJfEHhuHsxumxK8WUrTSoiCzlNvuIftHdQdVRRJsBiOrzUifJt6eENa+tg5+U
bO+fyS4LQa3NX7UvmFLS3Vus9i3S/13fDAfNpGYHw5b2VS57Vj7A/gyWYm45P5MJ
3l4GkCr54u6PbP60v35AgYXQ0ltAxU9yACeadzw0c5HoKvHG1UxD8OqCpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9NYFWu9frldTT0JmbxCR+1piN6MB8GA1UdIwQY
MBaAFHskNYxPFsGf+tN/PK/gyPasv2WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXlRMWpFOFd3Wl82MDM4OHItREk5cXlfWmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85YWE2M2ItNzY0Ny00MDczLTllNjYt
MGQ3YzUyMTU0MTgzLzEvejAxZ1ZhNzEtdVYxTlBRbVp2RUpIN1dtSTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85YWE2M2ItNzY0Ny00MDczLTllNjYtMGQ3YzUyMTU0MTgz
LzEvZXlRMWpFOFd3Wl82MDM4OHItREk5cXlfWmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1bKUMA0G
CSqGSIb3DQEBCwUAA4IBAQAUokDKQ/Lrxot8gIegZ6bBWQQRLYgVX+Mb8tt/dQP2
uW6i12fSh3ExB9G0s4nY7Mw7GVgbdYNNNX3uCIcybzjO/PRhgIEy+sy6q1X6t4by
EhXzxuZkXhtQluzkqX0apvVFDTao8e5F6gHJA6zQj2SOf7sRLFX8iSZpJ7ZRXul0
jL9+kbN36L25S5vmtx1PDj8jLn6c4F20i0WLDiXGOR6Wp4wIlfNJdvS+4kpqDKln
js89AZ3aog8NmEgPNJwhYFBZZLmndOGLmjxrTIiEJn90QP7cwBzjil/KkuI3+RtH
c/zHFIzHe6zdaZpVO7/j0+vHnss0Adht5onBoOlQGZnY
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:06 2024 by rpki-client on console-fra.rpki-client.org