Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/ZawEQoGzlKGxYQZqVXneRN9VOeA.roa
File: ZawEQoGzlKGxYQZqVXneRN9VOeA.roa (raw, json)
Hash identifier: Vm6MhduAxZxCTxWzQcCGxhunMc+caqBjTVaFabYG2FM=
Subject key identifier: 65:AC:04:42:81:B3:94:A1:B1:61:06:6A:55:79:DE:44:DF:55:39:E0
Certificate issuer: /CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Certificate serial: 018C1158BEF1AF009EFB3151770871A84492
Authority key identifier: EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/ZawEQoGzlKGxYQZqVXneRN9VOeA.roa
Signing time: Mon 27 Nov 2023 15:14:37 +0000
ROA not before: Mon 27 Nov 2023 15:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2613
IP address blocks: 193.135.150.0/24 maxlen: 24
91.218.38.0/24 maxlen: 24
2a07:e640:666::/48 maxlen: 48
2001:678:298::/48 maxlen: 48
2a07:e640::/29 maxlen: 29
2001:678:294::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:58:be:f1:af:00:9e:fb:31:51:77:08:71:a8:44:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Validity
Not Before: Nov 27 15:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65ac044281b394a1b161066a5579de44df5539e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:74:d5:11:17:eb:0e:b0:39:71:68:4b:46:7f:
1a:e4:5d:65:c0:34:dd:60:38:bc:60:c8:68:bd:52:
31:d7:35:da:36:2c:2a:d4:93:34:83:47:ff:cb:1b:
9d:80:ed:52:3c:8c:18:58:2c:7a:7d:17:d2:de:33:
84:25:be:94:f3:db:8f:02:ac:c9:c8:5b:86:63:7f:
6f:cd:cf:08:20:c1:ca:a4:35:2c:0e:e3:cf:b5:70:
b1:97:6f:fb:57:ba:1e:20:7a:52:66:f1:d0:dc:c8:
1d:25:94:28:d1:6f:3f:9a:7c:68:7b:db:1e:f3:92:
8c:e0:03:90:f9:ab:8d:42:6b:5d:73:6a:b2:12:76:
7d:c6:fd:ed:b2:f1:8c:b3:a1:e0:c0:fa:de:11:10:
48:8a:e1:d5:3c:0e:16:b2:26:84:15:d2:60:ae:ba:
75:a3:23:9c:74:08:66:46:78:c3:a0:64:76:01:98:
37:68:8a:2f:e9:71:f9:d8:de:8f:7c:8f:23:76:02:
bd:f5:a3:7a:2b:88:6a:b0:64:9d:37:7e:35:d9:dd:
5c:5a:8f:08:6f:a0:09:f9:4e:13:e4:d4:85:9a:95:
80:aa:a5:22:2e:cc:13:c0:c8:ed:68:8e:a1:7f:b4:
df:80:ec:8f:fb:e3:b9:f9:0e:ce:8f:76:4c:1c:17:
38:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AC:04:42:81:B3:94:A1:B1:61:06:6A:55:79:DE:44:DF:55:39:E0
X509v3 Authority Key Identifier:
keyid:EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/ZawEQoGzlKGxYQZqVXneRN9VOeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.38.0/24
193.135.150.0/24
IPv6:
2001:678:294::/48
2001:678:298::/48
2a07:e640::/29
Signature Algorithm: sha256WithRSAEncryption
1b:3a:09:2e:3c:38:70:d2:dc:1d:b6:6a:bc:1b:cf:08:76:39:
85:e7:c9:3a:21:07:ce:bc:9c:68:f1:a2:54:27:4b:6a:68:d1:
cb:f4:64:a8:4b:87:95:a0:0e:7d:ed:e8:09:cf:c5:09:35:cc:
d5:b6:7c:32:74:ee:a8:50:42:a9:ad:ea:43:d8:98:5d:d3:f9:
cf:8a:20:77:f1:25:71:55:cc:cb:a6:31:d5:40:01:c1:28:77:
82:e3:0f:22:89:65:e0:11:35:fa:ff:36:4e:f0:61:1d:a1:fe:
7b:22:2b:71:b5:e9:3e:6b:09:75:62:8f:ab:6b:7d:14:5a:59:
3a:ca:ba:28:04:ac:ff:8d:6c:16:55:67:48:2f:7e:af:3e:e1:
85:d9:69:f6:99:97:e1:a6:8b:42:32:f7:be:e8:29:e4:e3:e8:
a0:05:63:50:03:75:71:a8:bf:35:9d:22:92:d2:b4:37:e8:df:
fa:28:ed:93:ae:3c:c3:ee:1e:30:e3:ec:b3:8e:82:46:f8:3d:
50:05:54:33:b4:9f:7d:bb:72:4a:da:60:0a:fc:a6:b2:ac:66:
cc:80:40:50:13:22:ac:04:2e:b6:aa:85:41:8d:d2:8a:a8:9d:
f0:a2:dc:68:53:cf:2e:8d:66:01:47:c3:06:68:26:fa:84:c3:
94:46:2c:c1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYwRWL7xrwCe+zFRdwhxqESSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDYwY2VjNTNiM2EwY2ZjOGNiNDU0M2EyZDBhOGE1OWU2
MDk2ZWUwHhcNMjMxMTI3MTUxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFjMDQ0MjgxYjM5NGExYjE2MTA2NmE1NTc5ZGU0NGRmNTUzOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHTVERfrDrA5cWhLRn8a5F1lwDTd
YDi8YMhovVIx1zXaNiwq1JM0g0f/yxudgO1SPIwYWCx6fRfS3jOEJb6U89uPAqzJ
yFuGY39vzc8IIMHKpDUsDuPPtXCxl2/7V7oeIHpSZvHQ3MgdJZQo0W8/mnxoe9se
85KM4AOQ+auNQmtdc2qyEnZ9xv3tsvGMs6HgwPreERBIiuHVPA4WsiaEFdJgrrp1
oyOcdAhmRnjDoGR2AZg3aIov6XH52N6PfI8jdgK99aN6K4hqsGSdN3412d1cWo8I
b6AJ+U4T5NSFmpWAqqUiLswTwMjtaI6hf7TfgOyP++O5+Q7Oj3ZMHBc4iQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGWsBEKBs5ShsWEGalV53kTfVTngMB8GA1UdIwQY
MBaAFO/WDOxTs6DPyMtFQ6LQqKWeYJbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5Nzgt
OWUxMjhjZjNjM2FkLzEvWmF3RVFvR3psS0d4WVFacVZYbmVSTjlWT2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5NzgtOWUxMjhjZjNjM2Fk
LzEvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQAW9omAwQA
wYeWMB8EAgACMBkDBwAgAQZ4ApQDBwAgAQZ4ApgDBQMqB+ZAMA0GCSqGSIb3DQEB
CwUAA4IBAQAbOgkuPDhw0twdtmq8G88IdjmF58k6IQfOvJxo8aJUJ0tqaNHL9GSo
S4eVoA597egJz8UJNczVtnwydO6oUEKprepD2Jhd0/nPiiB38SVxVczLpjHVQAHB
KHeC4w8iiWXgETX6/zZO8GEdof57Iitxtek+awl1Yo+ra30UWlk6yrooBKz/jWwW
VWdIL36vPuGF2Wn2mZfhpotCMve+6Cnk4+igBWNQA3VxqL81nSKS0rQ36N/6KO2T
rjzD7h4w4+yzjoJG+D1QBVQztJ99u3JK2mAK/KayrGbMgEBQEyKsBC62qoVBjdKK
qJ3wotxoU88ujWYBR8MGaCb6hMOURizB
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:15 2024 by rpki-client on console-ams.rpki-client.org