Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/zVtv0NHd2LZ_8E0YjD8qOEizUDo.roa
File: zVtv0NHd2LZ_8E0YjD8qOEizUDo.roa (raw, json)
Hash identifier: yFaVAqGENIG5Bnd8SOvz3wjzYElXXGC1x4ncDVf83to=
Subject key identifier: CD:5B:6F:D0:D1:DD:D8:B6:7F:F0:4D:18:8C:3F:2A:38:48:B3:50:3A
Certificate issuer: /CN=8fd38fb4d3b9a2c7c8fff597718c905b9e2f84cd
Certificate serial: 01856CB86380B8AA221F485ACCAF39A7F86D
Authority key identifier: 8F:D3:8F:B4:D3:B9:A2:C7:C8:FF:F5:97:71:8C:90:5B:9E:2F:84:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j9OPtNO5osfI__WXcYyQW54vhM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/zVtv0NHd2LZ_8E0YjD8qOEizUDo.roa
Signing time: Sun 01 Jan 2023 09:45:01 +0000
ROA not before: Sun 01 Jan 2023 09:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 193.84.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:63:80:b8:aa:22:1f:48:5a:cc:af:39:a7:f8:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fd38fb4d3b9a2c7c8fff597718c905b9e2f84cd
Validity
Not Before: Jan 1 09:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd5b6fd0d1ddd8b67ff04d188c3f2a3848b3503a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:63:64:79:e3:0b:b9:67:d9:be:0b:57:57:
37:9b:6b:42:c1:fb:94:39:95:10:d0:2d:d2:88:e8:
00:39:5b:f8:3e:e0:02:6e:df:c1:7e:6b:fe:aa:f2:
7f:2e:a6:bd:7c:9d:3d:32:89:8e:b7:ba:9b:7d:66:
be:6c:0b:9a:02:5c:96:14:11:5c:d0:18:0f:b1:89:
9d:47:3b:dd:fd:2b:a1:fa:4a:d9:82:f1:26:41:05:
f9:44:e9:11:1a:55:96:80:c1:68:83:96:b5:d1:c9:
45:bc:bd:71:e2:d5:f0:76:02:4e:8c:45:3b:e7:76:
10:69:85:51:8d:30:df:f2:74:5c:e9:9d:98:c5:e5:
11:c3:38:fb:d5:9a:81:47:b1:58:21:98:85:ab:36:
9e:88:e4:3c:2a:f0:e1:c5:a6:36:95:b4:f3:61:8b:
d4:12:c7:78:77:41:45:0b:60:25:a8:49:2d:02:ac:
2f:c9:97:0d:14:27:88:bb:e5:78:3b:18:4c:8c:0f:
61:96:7e:9a:20:9e:ab:05:99:93:64:f8:fa:11:a6:
21:9f:89:6f:77:55:8d:83:76:67:3e:91:b7:1b:5c:
aa:a0:46:f1:72:0f:7e:f0:55:8f:8a:49:fb:5c:94:
b0:5b:1a:ad:0f:4e:0f:90:dc:1d:4e:82:77:84:ba:
07:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5B:6F:D0:D1:DD:D8:B6:7F:F0:4D:18:8C:3F:2A:38:48:B3:50:3A
X509v3 Authority Key Identifier:
keyid:8F:D3:8F:B4:D3:B9:A2:C7:C8:FF:F5:97:71:8C:90:5B:9E:2F:84:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9OPtNO5osfI__WXcYyQW54vhM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/zVtv0NHd2LZ_8E0YjD8qOEizUDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/j9OPtNO5osfI__WXcYyQW54vhM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.136.0/22
Signature Algorithm: sha256WithRSAEncryption
72:57:35:a0:8c:48:67:01:2d:4d:78:24:e9:c2:a1:7c:5c:a3:
94:42:2e:a1:e8:6e:9d:31:ab:e5:cd:26:35:b3:cb:3a:f0:37:
27:76:db:fe:47:11:71:5a:42:a2:82:95:2d:5c:67:86:9a:78:
ba:52:72:65:5a:fc:7c:93:0b:3c:ed:ed:1e:49:12:c2:73:a8:
78:57:6e:1f:2e:3b:51:fe:86:78:26:36:b6:ca:f1:18:13:4e:
c3:a7:50:c9:06:d8:cd:e5:15:2a:4d:1a:07:9a:ea:95:e7:9a:
5b:40:c7:8f:4d:fb:c4:bb:e6:75:47:10:7e:74:49:c5:8c:44:
3f:ac:cc:4b:14:d7:7b:35:cd:3f:d3:4b:06:a6:c4:9e:26:c6:
20:28:16:22:53:88:c0:eb:30:2f:2d:11:32:31:e6:1f:e1:c3:
47:a1:3a:5f:4f:0d:28:36:85:c5:7a:d3:48:5b:bf:2c:0a:31:
80:06:84:4d:d0:a7:10:cb:bd:9f:81:04:49:27:b4:cb:fd:fa:
c9:62:95:c5:78:86:6b:c6:fc:c2:52:3d:f0:13:40:ad:6b:7d:
b6:2b:ae:8c:f9:30:b5:77:a6:de:96:7d:4a:f9:16:e7:18:1b:
97:64:ea:1a:ae:95:17:87:7c:e3:7e:55:a6:aa:b5:6b:57:3f:
7d:7c:2b:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuGOAuKoiH0hazK85p/htMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZDM4ZmI0ZDNiOWEyYzdjOGZmZjU5NzcxOGM5MDViOWUy
Zjg0Y2QwHhcNMjMwMTAxMDk0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDViNmZkMGQxZGRkOGI2N2ZmMDRkMTg4YzNmMmEzODQ4YjM1MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymVjZHnjC7ln2b4LV1c3m2tCwfuU
OZUQ0C3SiOgAOVv4PuACbt/Bfmv+qvJ/Lqa9fJ09MomOt7qbfWa+bAuaAlyWFBFc
0BgPsYmdRzvd/Suh+krZgvEmQQX5ROkRGlWWgMFog5a10clFvL1x4tXwdgJOjEU7
53YQaYVRjTDf8nRc6Z2YxeURwzj71ZqBR7FYIZiFqzaeiOQ8KvDhxaY2lbTzYYvU
Esd4d0FFC2AlqEktAqwvyZcNFCeIu+V4OxhMjA9hln6aIJ6rBZmTZPj6EaYhn4lv
d1WNg3ZnPpG3G1yqoEbxcg9+8FWPikn7XJSwWxqtD04PkNwdToJ3hLoHBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1bb9DR3di2f/BNGIw/KjhIs1A6MB8GA1UdIwQY
MBaAFI/Tj7TTuaLHyP/1l3GMkFueL4TNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajlPUHROTzVvc2ZJX19XWGNZeVFXNTR2aE0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iZWFmOWQtNWIyOC00ZGY0LWI2N2Qt
NmE3ZmE4MjI5NmM5LzEvelZ0djBOSGQyTFpfOEUwWWpEOHFPRWl6VURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iZWFmOWQtNWIyOC00ZGY0LWI2N2QtNmE3ZmE4MjI5NmM5
LzEvajlPUHROTzVvc2ZJX19XWGNZeVFXNTR2aE0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwVSIMA0G
CSqGSIb3DQEBCwUAA4IBAQByVzWgjEhnAS1NeCTpwqF8XKOUQi6h6G6dMavlzSY1
s8s68Dcndtv+RxFxWkKigpUtXGeGmni6UnJlWvx8kws87e0eSRLCc6h4V24fLjtR
/oZ4Jja2yvEYE07Dp1DJBtjN5RUqTRoHmuqV55pbQMePTfvEu+Z1RxB+dEnFjEQ/
rMxLFNd7Nc0/00sGpsSeJsYgKBYiU4jA6zAvLREyMeYf4cNHoTpfTw0oNoXFetNI
W78sCjGABoRN0KcQy72fgQRJJ7TL/frJYpXFeIZrxvzCUj3wE0Cta322K66M+TC1
d6beln1K+RbnGBuXZOoarpUXh3zjflWmqrVrVz99fCuQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org