Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/z49DswMzm05fhc-9ZsrZA4AII5A.roa
File: z49DswMzm05fhc-9ZsrZA4AII5A.roa (raw, json)
Hash identifier: Gv++1GWX208Cxu00j5UMQ+KSAV4Lj4oy2AmQRfJdfdQ=
Subject key identifier: CF:8F:43:B3:03:33:9B:4E:5F:85:CF:BD:66:CA:D9:03:80:08:23:90
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018D08CEB42A6DB5810340BBA1CE86D9F147
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/z49DswMzm05fhc-9ZsrZA4AII5A.roa
Signing time: Sun 14 Jan 2024 16:29:40 +0000
ROA not before: Sun 14 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 213.209.129.0/24 maxlen: 24
185.230.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:ce:b4:2a:6d:b5:81:03:40:bb:a1:ce:86:d9:f1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 14 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf8f43b303339b4e5f85cfbd66cad90380082390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:44:6c:80:c9:a4:3c:f7:10:83:0e:72:af:1f:
ba:fc:4e:e7:51:33:83:32:d3:f0:f7:d6:43:ff:fd:
53:92:a9:7b:57:5f:ad:d6:9a:d9:08:81:66:52:56:
3a:29:92:b4:f4:7b:38:99:da:5a:9c:6b:a8:5b:43:
05:f1:6a:e3:40:59:4e:71:2a:8b:98:15:4b:c1:90:
fe:ee:7e:eb:d7:1f:6b:0d:40:f5:ad:75:4e:af:98:
69:fe:18:88:fe:a5:a5:5b:ae:b8:2d:b6:fa:74:d8:
f7:c9:56:de:29:bb:35:74:ad:c7:d9:e0:fd:4b:57:
64:13:f0:97:08:e5:43:c1:5c:f3:c0:97:a9:32:0e:
6a:cd:49:dc:cc:e5:4e:b3:91:d5:08:0c:f0:48:a2:
d5:b6:9f:40:70:87:c6:50:bc:40:e0:8e:59:d9:59:
0c:8a:f6:78:29:99:2f:d5:f9:42:bc:63:da:7c:b9:
5d:9e:71:a3:be:2a:b9:0f:f5:55:2b:b2:46:cd:12:
26:03:83:39:f7:d0:ae:4e:45:a5:a3:1a:cb:2f:bf:
84:29:06:b6:91:de:69:88:d1:fb:9f:99:68:fa:22:
a8:61:57:3e:fc:4b:92:15:00:43:15:74:05:31:5c:
66:f1:ab:93:b7:a8:ff:55:17:17:2d:c7:78:23:7d:
6c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8F:43:B3:03:33:9B:4E:5F:85:CF:BD:66:CA:D9:03:80:08:23:90
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/z49DswMzm05fhc-9ZsrZA4AII5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.13.0/24
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:94:08:17:62:63:2e:2a:eb:e1:3b:8f:f1:d3:e4:5c:5b:92:
9d:57:0e:71:64:6b:67:76:4d:a3:81:e8:02:18:af:d6:21:2e:
de:b7:61:ac:fc:1d:42:b3:7d:26:f8:6d:77:18:38:b9:9b:dd:
d8:c2:5f:6c:00:70:5d:68:cf:fb:d0:27:c4:e0:d4:d9:3b:62:
8d:70:d6:78:45:42:14:3e:17:bb:c9:5b:dd:7c:a3:3e:32:59:
32:24:57:62:fe:bb:c8:b8:eb:66:e7:9d:13:26:bb:68:8a:70:
03:a7:82:45:78:18:7e:5c:bd:8f:e6:ac:0c:92:53:f5:a5:7b:
65:e7:a1:77:d0:1c:2b:15:15:40:53:88:f1:49:a1:a5:7f:34:
d3:08:78:a8:51:c4:df:b0:dc:12:4c:84:eb:d6:c4:13:53:7d:
5a:05:cd:fb:cd:93:7d:f1:87:74:d0:21:98:8f:56:75:ae:23:
c5:c4:b2:23:fc:af:e2:1b:b2:8d:19:a3:03:b0:bd:df:85:e0:
89:09:bd:d6:6e:f8:66:83:af:b4:16:18:98:cc:88:fb:b8:65:
37:ab:c7:a5:a2:75:8f:b1:44:7a:a3:7b:42:77:9f:bc:7a:85:
0c:bf:82:75:15:e8:3d:08:1f:07:89:6f:55:e3:a6:4c:06:25:
8e:96:d2:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0IzrQqbbWBA0C7oc6G2fFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTE0MTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjhmNDNiMzAzMzM5YjRlNWY4NWNmYmQ2NmNhZDkwMzgwMDgyMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4URsgMmkPPcQgw5yrx+6/E7nUTOD
MtPw99ZD//1Tkql7V1+t1prZCIFmUlY6KZK09Hs4mdpanGuoW0MF8WrjQFlOcSqL
mBVLwZD+7n7r1x9rDUD1rXVOr5hp/hiI/qWlW664Lbb6dNj3yVbeKbs1dK3H2eD9
S1dkE/CXCOVDwVzzwJepMg5qzUnczOVOs5HVCAzwSKLVtp9AcIfGULxA4I5Z2VkM
ivZ4KZkv1flCvGPafLldnnGjviq5D/VVK7JGzRImA4M599CuTkWloxrLL7+EKQa2
kd5piNH7n5lo+iKoYVc+/EuSFQBDFXQFMVxm8auTt6j/VRcXLcd4I31szQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM+PQ7MDM5tOX4XPvWbK2QOACCOQMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvejQ5RHN3TXptMDVmaGMtOVpzclpBNEFJSTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueYNAwQA
1dGBMA0GCSqGSIb3DQEBCwUAA4IBAQC1lAgXYmMuKuvhO4/x0+RcW5KdVw5xZGtn
dk2jgegCGK/WIS7et2Gs/B1Cs30m+G13GDi5m93Ywl9sAHBdaM/70CfE4NTZO2KN
cNZ4RUIUPhe7yVvdfKM+MlkyJFdi/rvIuOtm550TJrtoinADp4JFeBh+XL2P5qwM
klP1pXtl56F30BwrFRVAU4jxSaGlfzTTCHioUcTfsNwSTITr1sQTU31aBc37zZN9
8Yd00CGYj1Z1riPFxLIj/K/iG7KNGaMDsL3fheCJCb3Wbvhmg6+0FhiYzIj7uGU3
q8elonWPsUR6o3tCd5+8eoUMv4J1Feg9CB8HiW9V46ZMBiWOltLT
-----END CERTIFICATE-----
Generated at Sat Feb 10 17:02:53 2024 by rpki-client on console-fra.rpki-client.org