Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/47ada5-183f-446d-b705-023f2be5daa4/1/mzG1nsR0vZtHb1berAiL_lbrh9k.roa
File: mzG1nsR0vZtHb1berAiL_lbrh9k.roa (raw, json)
Hash identifier: PcAVlGsslPjoCfIDPqDCTl0o5n1NWi20j2g3X48VDWk=
Subject key identifier: 9B:31:B5:9E:C4:74:BD:9B:47:6F:56:DE:AC:08:8B:FE:56:EB:87:D9
Certificate issuer: /CN=fdf4b621eeb739d24fc92ad78d2776da7b870027
Certificate serial: 01872DE0A2DBD00C99A905152B85B57C50BD
Authority key identifier: FD:F4:B6:21:EE:B7:39:D2:4F:C9:2A:D7:8D:27:76:DA:7B:87:00:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_fS2Ie63OdJPySrXjSd22nuHACc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/47ada5-183f-446d-b705-023f2be5daa4/1/mzG1nsR0vZtHb1berAiL_lbrh9k.roa
Signing time: Wed 29 Mar 2023 14:58:29 +0000
ROA not before: Wed 29 Mar 2023 14:58:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 188.95.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:e0:a2:db:d0:0c:99:a9:05:15:2b:85:b5:7c:50:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdf4b621eeb739d24fc92ad78d2776da7b870027
Validity
Not Before: Mar 29 14:58:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b31b59ec474bd9b476f56deac088bfe56eb87d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:6f:56:14:91:28:c1:60:a2:a7:f8:83:4c:
cc:7f:71:2e:a0:bb:6a:96:ac:47:6a:cc:0d:b6:ec:
86:11:92:42:52:ba:92:56:c6:b3:36:6a:18:d8:5d:
af:f6:cb:48:21:44:70:70:1a:18:b7:bd:a8:4c:c1:
5e:e4:c4:16:5d:8e:f4:96:88:3a:90:3b:20:31:e2:
7f:32:47:2c:1f:27:e8:53:42:bd:bd:20:3f:ca:7f:
e6:55:e3:98:e6:d6:c6:c6:08:2b:06:af:3a:8d:53:
f9:3a:03:88:96:bc:15:d8:c7:67:61:15:e7:46:cc:
9b:f8:2b:f4:c2:7a:8f:a5:1f:fa:69:44:29:ae:f3:
9a:24:d3:56:85:01:be:e3:3e:18:1d:1e:0a:83:af:
7a:5e:ba:73:50:14:4c:3a:f4:51:9f:8c:76:8b:89:
83:39:20:77:6e:f9:79:a3:c7:12:79:a8:46:b9:a3:
ef:70:bc:1e:38:4e:9d:2f:16:de:1f:d5:17:d4:94:
b0:3b:6d:b9:28:26:83:07:45:93:c5:8f:03:a4:14:
52:cd:01:ab:a8:2e:98:56:61:ab:20:97:0f:6e:0c:
15:65:72:9f:4e:c2:02:8e:06:20:c7:b7:bd:45:f4:
2b:f3:27:53:d9:e0:d5:31:05:5a:62:07:df:3f:09:
60:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:31:B5:9E:C4:74:BD:9B:47:6F:56:DE:AC:08:8B:FE:56:EB:87:D9
X509v3 Authority Key Identifier:
keyid:FD:F4:B6:21:EE:B7:39:D2:4F:C9:2A:D7:8D:27:76:DA:7B:87:00:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_fS2Ie63OdJPySrXjSd22nuHACc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/47ada5-183f-446d-b705-023f2be5daa4/1/mzG1nsR0vZtHb1berAiL_lbrh9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/47ada5-183f-446d-b705-023f2be5daa4/1/_fS2Ie63OdJPySrXjSd22nuHACc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.70.0/24
Signature Algorithm: sha256WithRSAEncryption
83:29:c3:99:4b:10:0f:2a:dc:90:a2:c4:88:fb:9c:49:b7:e2:
78:36:83:51:b4:a4:80:ac:0d:c6:d5:42:8a:0a:e1:ab:6d:8d:
24:3e:70:d8:15:b9:19:14:c8:6b:cc:af:ab:8d:2c:26:84:29:
90:b8:08:75:08:41:20:62:4d:18:6e:fb:61:b5:0f:27:82:46:
54:41:aa:55:d0:8b:b1:e0:40:02:0b:73:4a:96:b4:a2:1f:a1:
41:ef:33:cc:2e:55:04:09:e1:25:d7:85:55:b7:58:01:15:43:
70:b5:3b:5a:10:44:9b:20:d3:53:2e:5e:31:2e:5c:33:9f:5b:
ea:7a:63:2a:ef:68:51:37:52:ce:89:dc:91:d7:ae:c3:a7:ee:
b0:38:fe:3b:5e:8f:ca:4c:e9:48:21:98:bd:3e:fe:fd:d6:35:
d6:64:c3:52:31:fb:d2:1c:b2:f9:5a:78:ff:13:ea:cc:89:50:
c1:95:48:73:30:02:5b:51:be:88:ad:08:84:32:84:fc:b4:f9:
d8:16:5f:33:74:f8:cb:d2:24:a1:0b:6c:bd:4a:08:74:b5:8e:
4d:c4:77:84:27:ce:8a:98:6b:fa:cf:37:2c:f7:4c:af:e8:2c:
3b:fd:22:28:aa:40:db:71:2c:bc:a5:6d:1e:e9:03:20:9e:a2:
65:3a:38:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYct4KLb0AyZqQUVK4W1fFC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZjRiNjIxZWViNzM5ZDI0ZmM5MmFkNzhkMjc3NmRhN2I4
NzAwMjcwHhcNMjMwMzI5MTQ1ODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjMxYjU5ZWM0NzRiZDliNDc2ZjU2ZGVhYzA4OGJmZTU2ZWI4N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S9vVhSRKMFgoqf4g0zMf3EuoLtq
lqxHaswNtuyGEZJCUrqSVsazNmoY2F2v9stIIURwcBoYt72oTMFe5MQWXY70log6
kDsgMeJ/MkcsHyfoU0K9vSA/yn/mVeOY5tbGxggrBq86jVP5OgOIlrwV2MdnYRXn
Rsyb+Cv0wnqPpR/6aUQprvOaJNNWhQG+4z4YHR4Kg696XrpzUBRMOvRRn4x2i4mD
OSB3bvl5o8cSeahGuaPvcLweOE6dLxbeH9UX1JSwO225KCaDB0WTxY8DpBRSzQGr
qC6YVmGrIJcPbgwVZXKfTsICjgYgx7e9RfQr8ydT2eDVMQVaYgffPwlg3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsxtZ7EdL2bR29W3qwIi/5W64fZMB8GA1UdIwQY
MBaAFP30tiHutznST8kq140ndtp7hwAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ZTMkllNjNPZEpQeVNyWGpTZDIybnVIQUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy80N2FkYTUtMTgzZi00NDZkLWI3MDUt
MDIzZjJiZTVkYWE0LzEvbXpHMW5zUjB2WnRIYjFiZXJBaUxfbGJyaDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy80N2FkYTUtMTgzZi00NDZkLWI3MDUtMDIzZjJiZTVkYWE0
LzEvX2ZTMkllNjNPZEpQeVNyWGpTZDIybnVIQUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9GMA0G
CSqGSIb3DQEBCwUAA4IBAQCDKcOZSxAPKtyQosSI+5xJt+J4NoNRtKSArA3G1UKK
CuGrbY0kPnDYFbkZFMhrzK+rjSwmhCmQuAh1CEEgYk0YbvthtQ8ngkZUQapV0Iux
4EACC3NKlrSiH6FB7zPMLlUECeEl14VVt1gBFUNwtTtaEESbINNTLl4xLlwzn1vq
emMq72hRN1LOidyR167Dp+6wOP47Xo/KTOlIIZi9Pv791jXWZMNSMfvSHLL5Wnj/
E+rMiVDBlUhzMAJbUb6IrQiEMoT8tPnYFl8zdPjL0iShC2y9Sgh0tY5NxHeEJ86K
mGv6zzcs90yv6Cw7/SIoqkDbcSy8pW0e6QMgnqJlOjiU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-fra.rpki-client.org