Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/zJTeJ9-Yi-eooHUNjGHSn5cRFJo.roa
File: zJTeJ9-Yi-eooHUNjGHSn5cRFJo.roa (raw, json)
Hash identifier: QNm05MSVPsdRmwbE5cRxrQjx4YNZDZqj14SwODr5o4U=
Subject key identifier: CC:94:DE:27:DF:98:8B:E7:A8:A0:75:0D:8C:61:D2:9F:97:11:14:9A
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 01856DCAD03BDFED361B4C175724F7D7E7FE
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/zJTeJ9-Yi-eooHUNjGHSn5cRFJo.roa
Signing time: Sun 01 Jan 2023 14:44:46 +0000
ROA not before: Sun 01 Jan 2023 14:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41717
IP address blocks: 193.242.106.0/24 maxlen: 32
193.242.109.0/24 maxlen: 32
193.43.79.0/24 maxlen: 32
193.43.91.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d0:3b:df:ed:36:1b:4c:17:57:24:f7:d7:e7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Jan 1 14:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc94de27df988be7a8a0750d8c61d29f9711149a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a3:35:f6:41:c4:8d:31:8a:a1:eb:b4:b9:01:
46:40:ed:e9:07:b0:d4:24:59:4d:56:78:72:75:c7:
27:06:6b:1e:97:8b:53:e1:c9:6a:cb:90:be:59:b2:
f6:37:d4:6d:19:ed:ff:87:43:f7:26:fb:62:e4:4e:
62:b2:56:af:c1:77:a2:5b:84:a0:4c:f3:44:f8:59:
52:1b:61:b9:63:d9:c7:70:36:8f:02:0c:d9:cf:cd:
11:07:bd:6b:a3:2e:d5:4a:14:ad:27:30:28:17:ed:
72:8f:82:79:9c:aa:7c:3e:49:c4:a6:17:0d:00:2a:
86:43:d0:c0:ae:89:66:f9:f8:27:b5:83:de:8d:59:
78:90:a5:95:98:b3:79:7b:a5:6a:34:db:c9:bf:26:
be:12:92:ee:88:e0:7d:64:8e:9a:12:8a:ef:c6:2c:
af:22:15:b1:79:ef:8c:53:3e:bc:b3:c1:50:07:26:
cd:d9:d4:15:d8:e8:16:02:3d:f0:d4:97:11:42:3a:
8a:0f:99:f0:f2:36:a6:d3:fb:42:d7:49:e9:8c:04:
81:8d:2f:31:0c:45:e6:92:09:b8:3b:63:8d:28:9a:
f7:ed:d8:89:fe:ce:82:8b:73:7c:9a:c7:81:b0:98:
7a:46:1d:50:63:d5:f4:0c:42:29:7b:a5:d1:a4:56:
6a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:94:DE:27:DF:98:8B:E7:A8:A0:75:0D:8C:61:D2:9F:97:11:14:9A
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/zJTeJ9-Yi-eooHUNjGHSn5cRFJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.79.0/24
193.43.91.0/24
193.242.106.0/24
193.242.109.0/24
Signature Algorithm: sha256WithRSAEncryption
29:be:63:e9:2c:f1:cc:a1:2a:e9:18:aa:c2:22:f3:e7:91:10:
4f:72:aa:e4:cd:11:7d:6d:49:4d:c6:8e:53:f0:49:63:ad:3b:
62:22:e4:8d:8f:95:d2:7f:64:8c:a0:c1:fd:36:23:66:eb:6c:
1b:1e:29:1f:21:6b:35:3c:34:65:1c:17:b4:f1:4e:ee:e9:d7:
aa:c6:7c:cf:f0:4a:b9:f3:2d:ec:ef:d5:7c:21:bd:de:17:fc:
4a:79:e7:9a:bd:60:39:ce:89:cd:56:32:42:d2:b8:47:8d:5a:
6b:87:86:31:60:20:01:d4:0b:0d:2c:51:dd:1d:fe:9c:da:97:
88:a6:ab:6e:fd:b2:e9:1c:7c:92:93:4d:b8:5e:0a:d0:14:de:
db:d1:4e:86:b6:2d:02:c1:30:cf:4d:26:d3:da:e7:cd:68:89:
c8:cd:61:81:f5:1c:03:90:56:0b:22:ad:ab:58:87:a1:48:1e:
fe:16:37:1b:66:03:3e:a8:e6:35:4c:32:ff:0d:de:ad:ce:eb:
3c:11:3d:f0:a4:20:77:92:ff:c6:c9:6d:45:3a:01:26:b4:7b:
eb:44:eb:d1:7b:11:33:04:72:1c:9a:d5:76:c6:b1:26:08:29:
f7:66:ec:12:be:9b:b7:ee:5d:31:aa:d8:77:c6:b3:11:54:2b:
81:0e:25:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtytA73+02G0wXVyT31+f+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjMwMTAxMTQ0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzk0ZGUyN2RmOTg4YmU3YThhMDc1MGQ4YzYxZDI5Zjk3MTExNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaM19kHEjTGKoeu0uQFGQO3pB7DU
JFlNVnhydccnBmsel4tT4clqy5C+WbL2N9RtGe3/h0P3Jvti5E5islavwXeiW4Sg
TPNE+FlSG2G5Y9nHcDaPAgzZz80RB71roy7VShStJzAoF+1yj4J5nKp8PknEphcN
ACqGQ9DArolm+fgntYPejVl4kKWVmLN5e6VqNNvJvya+EpLuiOB9ZI6aEorvxiyv
IhWxee+MUz68s8FQBybN2dQV2OgWAj3w1JcRQjqKD5nw8jam0/tC10npjASBjS8x
DEXmkgm4O2ONKJr37diJ/s6Ci3N8mseBsJh6Rh1QY9X0DEIpe6XRpFZq1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMyU3iffmIvnqKB1DYxh0p+XERSaMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvekpUZUo5LVlpLWVvb0hVTmpHSFNuNWNSRkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwStPAwQA
wStbAwQAwfJqAwQAwfJtMA0GCSqGSIb3DQEBCwUAA4IBAQApvmPpLPHMoSrpGKrC
IvPnkRBPcqrkzRF9bUlNxo5T8EljrTtiIuSNj5XSf2SMoMH9NiNm62wbHikfIWs1
PDRlHBe08U7u6deqxnzP8Eq58y3s79V8Ib3eF/xKeeeavWA5zonNVjJC0rhHjVpr
h4YxYCAB1AsNLFHdHf6c2peIpqtu/bLpHHySk024XgrQFN7b0U6Gti0CwTDPTSbT
2ufNaInIzWGB9RwDkFYLIq2rWIehSB7+FjcbZgM+qOY1TDL/Dd6tzus8ET3wpCB3
kv/GyW1FOgEmtHvrROvRexEzBHIcmtV2xrEmCCn3ZuwSvpu37l0xqth3xrMRVCuB
DiWZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:39 2024 by rpki-client on console-fra.rpki-client.org