Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zws2J3FkSyvpV7GSz-jym_1mbRk.roa
File: zws2J3FkSyvpV7GSz-jym_1mbRk.roa (raw, json)
Hash identifier: x684yFuqrvQfHcQM25a4ZkKsk1Dx3MKHTvTO+qNik/E=
Subject key identifier: CF:0B:36:27:71:64:4B:2B:E9:57:B1:92:CF:E8:F2:9B:FD:66:6D:19
Certificate issuer: /CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Certificate serial: 01856C7847A92E20970A53B6C4D231823F8E
Authority key identifier: 84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zws2J3FkSyvpV7GSz-jym_1mbRk.roa
Signing time: Sun 01 Jan 2023 08:34:59 +0000
ROA not before: Sun 01 Jan 2023 08:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 194.56.216.0/23 maxlen: 23
194.56.222.0/23 maxlen: 23
2a0f:13c6::/31 maxlen: 31
2a0f:13c0::/31 maxlen: 31
2a0f:13c2::/31 maxlen: 31
2a0f:13c4::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:47:a9:2e:20:97:0a:53:b6:c4:d2:31:82:3f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Validity
Not Before: Jan 1 08:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf0b362771644b2be957b192cfe8f29bfd666d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:51:9b:57:28:a1:2e:6f:1e:70:ae:78:5b:62:
2b:b8:24:dd:2b:4d:05:c7:68:45:5a:ec:ba:34:dd:
dc:35:f6:09:8e:43:24:eb:9c:6d:f3:08:08:1e:2c:
cd:de:ae:f0:41:d3:5e:b6:d6:89:ce:01:d5:81:0a:
f7:3b:fc:53:7e:54:f2:d5:60:88:e0:0a:6f:da:d8:
11:25:f7:50:7f:16:31:f5:8d:e2:37:de:6f:40:7c:
9c:69:b4:ba:fe:cb:ca:85:2a:40:56:ad:19:35:19:
65:6b:18:95:3b:2f:07:c4:df:58:e2:a9:1c:b7:f8:
03:7e:64:cc:a2:74:63:6e:d2:66:a2:e9:a4:7d:c6:
40:e8:85:16:74:35:4f:f3:e3:c6:cd:cc:c8:7e:65:
df:8f:7a:57:df:64:65:40:85:d8:d3:a3:4a:f4:d1:
c4:c5:dc:a5:80:be:c9:11:17:01:38:12:49:cf:29:
96:f5:d0:5e:d8:5d:d1:53:1a:31:95:40:b9:1c:3b:
7b:3a:f2:06:01:74:a3:61:d9:b9:0e:9f:6b:8e:7b:
4a:b1:eb:1e:f4:fb:fc:72:11:bc:08:b7:a3:1f:11:
69:03:38:97:77:0c:46:c3:a5:85:a5:cc:43:65:1a:
61:a6:0c:f5:07:e5:b3:d7:6a:f6:47:8c:38:fb:03:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0B:36:27:71:64:4B:2B:E9:57:B1:92:CF:E8:F2:9B:FD:66:6D:19
X509v3 Authority Key Identifier:
keyid:84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zws2J3FkSyvpV7GSz-jym_1mbRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.216.0/23
194.56.222.0/23
IPv6:
2a0f:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:bb:5b:f7:1f:0e:d7:d3:f7:76:90:d1:f8:45:f5:f9:11:2f:
4d:0a:17:df:3c:c9:84:58:73:f5:bc:14:f8:da:8f:5d:ad:7b:
d8:d7:8d:7e:9f:4f:41:94:cd:fe:0a:fd:eb:30:51:a7:ba:c8:
22:4d:37:be:ce:01:48:08:46:99:59:21:78:c3:46:9e:e1:ca:
2f:f3:d6:3e:7a:3b:7c:d1:de:57:ec:cf:f9:fb:29:22:12:f3:
89:5c:67:f0:8f:c7:25:fe:ba:6d:a1:46:82:fc:b5:c6:24:10:
0e:c7:40:46:e2:5c:cd:95:ca:fa:e2:69:ad:95:d0:af:2a:df:
a1:52:0f:85:2f:ec:b7:fa:49:fb:01:40:86:0f:e9:94:76:e8:
ff:2f:73:7f:e3:71:74:e9:7c:98:f3:0c:2d:29:12:49:ba:81:
2f:47:d9:0b:c5:05:7b:9d:72:b2:2b:20:6e:1a:4e:19:eb:b6:
3d:c2:1b:31:08:10:76:fe:58:76:c8:6f:10:e0:87:8a:de:49:
a8:35:dc:f4:03:4f:f3:39:b4:27:20:eb:cb:2b:45:16:fc:20:
d1:99:bb:2e:8b:a1:d9:a5:d2:91:9d:84:ad:0a:02:18:89:fe:
14:cf:20:7d:e0:c4:6f:98:51:13:21:8f:45:27:79:5e:b9:0b:
fd:d8:d8:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVseEepLiCXClO2xNIxgj+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njk1YzgyNTEyOWUzNjU0YTUwOGIzYmM1MjlmZTNhNWIz
ODM5YjEwHhcNMjMwMTAxMDgzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjBiMzYyNzcxNjQ0YjJiZTk1N2IxOTJjZmU4ZjI5YmZkNjY2ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFGbVyihLm8ecK54W2IruCTdK00F
x2hFWuy6NN3cNfYJjkMk65xt8wgIHizN3q7wQdNettaJzgHVgQr3O/xTflTy1WCI
4Apv2tgRJfdQfxYx9Y3iN95vQHycabS6/svKhSpAVq0ZNRllaxiVOy8HxN9Y4qkc
t/gDfmTMonRjbtJmoumkfcZA6IUWdDVP8+PGzczIfmXfj3pX32RlQIXY06NK9NHE
xdylgL7JERcBOBJJzymW9dBe2F3RUxoxlUC5HDt7OvIGAXSjYdm5Dp9rjntKsese
9Pv8chG8CLejHxFpAziXdwxGw6WFpcxDZRphpgz1B+Wz12r2R4w4+wP2bwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM8LNidxZEsr6Vexks/o8pv9Zm0ZMB8GA1UdIwQY
MBaAFIRpXIJRKeNlSlCLO8Up/jpbODmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMt
YjdmNjM0MjNmMTkyLzEvendzMkozRmtTeXZwVjdHU3otanltXzFtYlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMtYjdmNjM0MjNmMTky
LzEvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwjjYAwQB
wjjeMA0EAgACMAcDBQMqDxPAMA0GCSqGSIb3DQEBCwUAA4IBAQCKu1v3Hw7X0/d2
kNH4RfX5ES9NChffPMmEWHP1vBT42o9drXvY141+n09BlM3+Cv3rMFGnusgiTTe+
zgFICEaZWSF4w0ae4cov89Y+ejt80d5X7M/5+ykiEvOJXGfwj8cl/rptoUaC/LXG
JBAOx0BG4lzNlcr64mmtldCvKt+hUg+FL+y3+kn7AUCGD+mUduj/L3N/43F06XyY
8wwtKRJJuoEvR9kLxQV7nXKyKyBuGk4Z67Y9whsxCBB2/lh2yG8Q4IeK3kmoNdz0
A0/zObQnIOvLK0UW/CDRmbsui6HZpdKRnYStCgIYif4UzyB94MRvmFETIY9FJ3le
uQv92Nj+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:10 2024 by rpki-client on console-ams.rpki-client.org