Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/tzYcyLw7P6nn7tKcCjJRkhDG_Uw.roa
File: tzYcyLw7P6nn7tKcCjJRkhDG_Uw.roa (raw, json)
Hash identifier: tLjjhGfNXEhKWf6N7UINFlArR+VZSXFVePqGVyHefo8=
Subject key identifier: B7:36:1C:C8:BC:3B:3F:A9:E7:EE:D2:9C:0A:32:51:92:10:C6:FD:4C
Certificate issuer: /CN=65121c3f9207a37345e38702c89d179bf444aa08
Certificate serial: 01856F94910DF608BD2F77586F9BAC02D99D
Authority key identifier: 65:12:1C:3F:92:07:A3:73:45:E3:87:02:C8:9D:17:9B:F4:44:AA:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRIcP5IHo3NF44cCyJ0Xm_REqgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/tzYcyLw7P6nn7tKcCjJRkhDG_Uw.roa
Signing time: Sun 01 Jan 2023 23:04:45 +0000
ROA not before: Sun 01 Jan 2023 23:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17621
IP address blocks: 194.138.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:91:0d:f6:08:bd:2f:77:58:6f:9b:ac:02:d9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65121c3f9207a37345e38702c89d179bf444aa08
Validity
Not Before: Jan 1 23:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7361cc8bc3b3fa9e7eed29c0a32519210c6fd4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0a:0b:20:b1:bd:19:00:05:f8:e6:70:23:af:
61:79:ab:19:49:44:8e:c4:ad:42:3c:23:55:5d:e6:
59:58:53:10:ef:48:b7:de:4e:6c:72:06:a4:a4:4f:
5d:9c:fd:aa:e5:0e:0e:15:46:4c:b2:33:39:49:5a:
2c:3c:2f:a0:3d:53:d5:8a:87:99:fa:0b:6b:54:44:
86:63:e7:ac:49:eb:e3:f7:22:2c:09:38:e4:ee:5f:
bc:af:68:34:9c:04:0a:a3:46:11:d1:22:a8:56:db:
67:27:18:2f:3c:55:cd:16:35:80:e7:af:36:2b:51:
43:4d:c1:0e:ec:27:8a:45:25:fb:ed:b0:dc:ca:41:
f6:e0:ad:eb:6b:4c:76:c9:e5:b6:a5:95:f6:e7:da:
d3:d2:5c:93:9d:0d:ce:06:f3:fd:66:14:91:14:c0:
69:1e:7a:48:fe:47:b5:75:0c:e9:8f:79:65:0e:7b:
8b:be:b5:fb:55:a4:06:58:13:ff:45:3b:d5:80:e0:
0c:db:94:aa:f6:2c:32:22:ab:1a:73:b0:bc:51:77:
ae:fe:1c:3a:5c:b1:8c:40:14:fd:71:55:1d:2a:c3:
84:86:7f:be:18:3c:fc:28:15:11:94:49:8a:fd:de:
a6:a7:15:62:d6:c9:e2:d9:96:4f:d0:0f:ec:82:aa:
e9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:36:1C:C8:BC:3B:3F:A9:E7:EE:D2:9C:0A:32:51:92:10:C6:FD:4C
X509v3 Authority Key Identifier:
keyid:65:12:1C:3F:92:07:A3:73:45:E3:87:02:C8:9D:17:9B:F4:44:AA:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRIcP5IHo3NF44cCyJ0Xm_REqgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/tzYcyLw7P6nn7tKcCjJRkhDG_Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/12c13e-f675-4882-bbe6-48d3ca161bb0/1/ZRIcP5IHo3NF44cCyJ0Xm_REqgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.138.203.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a5:39:2f:71:f6:f9:a1:16:06:bf:ac:5c:2d:d8:16:91:67:
48:4d:02:0a:1f:45:c2:1a:87:ac:07:be:8e:35:0c:3e:23:af:
1b:6a:8d:ba:b7:5a:81:df:c4:b7:90:43:ff:0c:39:e3:0b:97:
4d:80:de:45:92:50:26:0c:00:d4:94:c3:ea:93:63:0f:9d:dc:
9e:67:1e:2e:fa:10:9c:92:25:a0:36:47:e0:b9:b2:81:20:fb:
52:72:85:04:86:e6:73:65:22:56:b4:79:1f:3c:71:9b:81:bf:
57:3c:57:87:57:ca:6f:b0:e7:01:51:91:f5:f2:0e:d3:ff:8e:
a3:4f:90:48:71:9a:84:71:c4:8a:de:bc:77:d3:ea:a2:00:02:
08:0d:b8:a2:72:d0:ff:08:b3:cb:92:53:3a:18:56:e9:5b:98:
d5:ea:f0:59:df:54:14:81:aa:cd:9b:4a:15:7a:6a:63:8a:c8:
81:67:f2:11:a5:16:57:ad:77:48:44:34:89:b0:4a:4c:96:6a:
d3:4c:59:52:1a:f4:7f:3c:58:b8:b5:7f:76:8c:62:3b:08:bb:
53:20:e1:b0:63:06:35:59:ae:23:c5:0d:3f:b0:a3:4a:43:7d:
99:3d:3c:f1:f9:2e:00:14:36:5c:ac:21:67:33:f6:2d:1c:fd:
6d:27:4d:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJEN9gi9L3dYb5usAtmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTIxYzNmOTIwN2EzNzM0NWUzODcwMmM4OWQxNzliZjQ0
NGFhMDgwHhcNMjMwMTAxMjMwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzM2MWNjOGJjM2IzZmE5ZTdlZWQyOWMwYTMyNTE5MjEwYzZmZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+QoLILG9GQAF+OZwI69heasZSUSO
xK1CPCNVXeZZWFMQ70i33k5scgakpE9dnP2q5Q4OFUZMsjM5SVosPC+gPVPVioeZ
+gtrVESGY+esSevj9yIsCTjk7l+8r2g0nAQKo0YR0SKoVttnJxgvPFXNFjWA5682
K1FDTcEO7CeKRSX77bDcykH24K3ra0x2yeW2pZX259rT0lyTnQ3OBvP9ZhSRFMBp
HnpI/ke1dQzpj3llDnuLvrX7VaQGWBP/RTvVgOAM25Sq9iwyIqsac7C8UXeu/hw6
XLGMQBT9cVUdKsOEhn++GDz8KBURlEmK/d6mpxVi1sni2ZZP0A/sgqrpZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLc2HMi8Oz+p5+7SnAoyUZIQxv1MMB8GA1UdIwQY
MBaAFGUSHD+SB6NzReOHAsidF5v0RKoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJJY1A1SUhvM05GNDRjQ3lKMFhtX1JFcWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xMmMxM2UtZjY3NS00ODgyLWJiZTYt
NDhkM2NhMTYxYmIwLzEvdHpZY3lMdzdQNm5uN3RLY0NqSlJraERHX1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xMmMxM2UtZjY3NS00ODgyLWJiZTYtNDhkM2NhMTYxYmIw
LzEvWlJJY1A1SUhvM05GNDRjQ3lKMFhtX1JFcWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAworLMA0G
CSqGSIb3DQEBCwUAA4IBAQBdpTkvcfb5oRYGv6xcLdgWkWdITQIKH0XCGoesB76O
NQw+I68bao26t1qB38S3kEP/DDnjC5dNgN5FklAmDADUlMPqk2MPndyeZx4u+hCc
kiWgNkfgubKBIPtScoUEhuZzZSJWtHkfPHGbgb9XPFeHV8pvsOcBUZH18g7T/46j
T5BIcZqEccSK3rx30+qiAAIIDbiictD/CLPLklM6GFbpW5jV6vBZ31QUgarNm0oV
empjisiBZ/IRpRZXrXdIRDSJsEpMlmrTTFlSGvR/PFi4tX92jGI7CLtTIOGwYwY1
Wa4jxQ0/sKNKQ32ZPTzx+S4AFDZcrCFnM/YtHP1tJ00C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org