Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/zo1gUgHwMTB7feVdYz1nhKZAuKA.roa
File: zo1gUgHwMTB7feVdYz1nhKZAuKA.roa (raw, json)
Hash identifier: nin4DLPF+AHhhtVNuwuHtTGpYvi7DAK4zArWpNknG5U=
Subject key identifier: CE:8D:60:52:01:F0:31:30:7B:7D:E5:5D:63:3D:67:84:A6:40:B8:A0
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01856E14260C8AFAE2D3FAFC4A75510F0EC8
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/zo1gUgHwMTB7feVdYz1nhKZAuKA.roa
Signing time: Sun 01 Jan 2023 16:04:52 +0000
ROA not before: Sun 01 Jan 2023 16:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212598
IP address blocks: 193.111.78.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:26:0c:8a:fa:e2:d3:fa:fc:4a:75:51:0f:0e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 16:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce8d605201f031307b7de55d633d6784a640b8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:56:a9:fc:c7:1f:4b:24:c2:43:99:f5:df:
96:4b:fb:9b:bf:14:d5:6f:9f:05:94:75:a9:6e:17:
b8:aa:24:45:11:29:c7:52:b3:98:f3:7b:4f:4a:b8:
e3:1d:c0:0d:3e:31:76:7b:1d:77:10:8d:49:80:0e:
ea:c8:79:0a:49:ff:4c:54:e9:87:f9:b5:66:48:ff:
34:f9:99:46:9e:78:54:7d:01:64:fb:09:20:0c:d7:
7f:31:a8:c9:10:70:8e:a0:f0:c1:ea:99:16:cc:18:
00:f1:c6:1c:9c:20:86:d5:36:a0:6a:a4:77:d7:56:
37:0f:1c:9f:9b:01:97:90:51:73:aa:fc:7a:b6:d1:
82:fc:4f:dd:5a:b6:bd:fa:68:9a:b1:ef:9a:fc:28:
7f:b3:4a:fc:57:c9:02:7f:b5:ca:cc:87:80:bd:69:
90:80:c9:6d:1f:22:71:13:9d:e0:cb:05:fa:10:a1:
f7:8a:1d:8d:2a:ea:5a:cd:2f:07:a0:02:56:06:83:
db:1d:da:b2:bd:a1:5b:2d:98:c5:85:51:04:3d:de:
1b:4a:61:44:fb:00:30:70:19:ed:d6:ed:45:91:b0:
d3:63:81:df:a1:a4:21:d6:33:10:4e:f2:01:1c:22:
74:e1:bd:88:4a:68:f6:81:08:17:11:6f:2c:d1:a5:
57:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8D:60:52:01:F0:31:30:7B:7D:E5:5D:63:3D:67:84:A6:40:B8:A0
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/zo1gUgHwMTB7feVdYz1nhKZAuKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.6.0/24
193.111.78.0/24
Signature Algorithm: sha256WithRSAEncryption
37:01:95:1b:94:94:0d:12:e0:75:0e:d1:ba:9e:10:03:bc:2d:
f1:a4:a3:d6:4c:e4:fc:3f:57:28:97:7f:e1:c7:67:1a:0e:17:
0e:e2:9a:c6:42:6f:a5:54:6b:1c:ba:eb:aa:45:65:76:bc:98:
c2:df:b7:10:76:68:7d:ac:a6:1f:e5:b7:ba:fa:b4:ce:f2:16:
ee:c5:0d:87:e1:9e:2d:ce:14:6e:42:12:dc:fc:52:e9:9b:d2:
00:4a:f8:0a:a8:f8:f6:d4:7f:3e:ba:26:2d:61:9e:16:b6:7d:
6b:6d:9f:69:64:44:87:ee:32:bb:a6:d0:40:22:56:60:75:e7:
91:1c:61:80:b9:25:6d:43:2a:64:8b:01:29:9d:c6:85:bb:68:
27:06:19:2c:45:55:61:f6:f9:2d:06:f3:85:7f:9e:83:d2:c4:
c4:ba:f8:a2:1f:69:34:92:b3:9f:26:ab:28:72:5a:e6:8e:7d:
58:ab:ec:68:71:03:90:90:b1:2d:3a:48:5c:99:11:53:28:6e:
51:65:99:0f:67:a7:8b:74:b2:e6:6c:9d:bd:3b:1a:42:d6:fe:
c5:ac:c6:55:63:2c:33:3e:a0:60:d9:5b:c7:49:1a:c2:56:93:
b1:5f:b2:72:6d:d1:e7:fd:86:e1:a1:cb:c1:ec:39:ad:52:99:
0d:a2:b3:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuFCYMivri0/r8SnVRDw7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTAxMTYwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZThkNjA1MjAxZjAzMTMwN2I3ZGU1NWQ2MzNkNjc4NGE2NDBiOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtZWqfzHH0skwkOZ9d+WS/ubvxTV
b58FlHWpbhe4qiRFESnHUrOY83tPSrjjHcANPjF2ex13EI1JgA7qyHkKSf9MVOmH
+bVmSP80+ZlGnnhUfQFk+wkgDNd/MajJEHCOoPDB6pkWzBgA8cYcnCCG1TagaqR3
11Y3DxyfmwGXkFFzqvx6ttGC/E/dWra9+miase+a/Ch/s0r8V8kCf7XKzIeAvWmQ
gMltHyJxE53gywX6EKH3ih2NKupazS8HoAJWBoPbHdqyvaFbLZjFhVEEPd4bSmFE
+wAwcBnt1u1FkbDTY4HfoaQh1jMQTvIBHCJ04b2ISmj2gQgXEW8s0aVXTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM6NYFIB8DEwe33lXWM9Z4SmQLigMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvem8xZ1VnSHdNVEI3ZmVWZFl6MW5oS1pBdUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwREGAwQA
wW9OMA0GCSqGSIb3DQEBCwUAA4IBAQA3AZUblJQNEuB1DtG6nhADvC3xpKPWTOT8
P1col3/hx2caDhcO4prGQm+lVGscuuuqRWV2vJjC37cQdmh9rKYf5be6+rTO8hbu
xQ2H4Z4tzhRuQhLc/FLpm9IASvgKqPj21H8+uiYtYZ4Wtn1rbZ9pZESH7jK7ptBA
IlZgdeeRHGGAuSVtQypkiwEpncaFu2gnBhksRVVh9vktBvOFf56D0sTEuviiH2k0
krOfJqsoclrmjn1Yq+xocQOQkLEtOkhcmRFTKG5RZZkPZ6eLdLLmbJ29OxpC1v7F
rMZVYywzPqBg2VvHSRrCVpOxX7JybdHn/YbhocvB7DmtUpkNorNv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org