Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/ATSq5ZLzVITUH-BZ97mlpLjVdkM.roa
File: ATSq5ZLzVITUH-BZ97mlpLjVdkM.roa (raw, json)
Hash identifier: 8bdb63MweWgAdwAD9GTPrh0SLndPMxGpLO8a+Y8ZCec=
Subject key identifier: 01:34:AA:E5:92:F3:54:84:D4:1F:E0:59:F7:B9:A5:A4:B8:D5:76:43
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 01876FAB9420EAE22DCCF51770CC0301DBB8
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/ATSq5ZLzVITUH-BZ97mlpLjVdkM.roa
Signing time: Tue 11 Apr 2023 09:35:28 +0000
ROA not before: Tue 11 Apr 2023 09:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210544
IP address blocks: 192.124.252.0/24 maxlen: 24
193.28.64.0/23 maxlen: 24
2a12:6900::/32 maxlen: 64
Validation: Failed, certificate revoked on Wed 11 Oct 2023 13:19:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:ab:94:20:ea:e2:2d:cc:f5:17:70:cc:03:01:db:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Apr 11 09:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0134aae592f35484d41fe059f7b9a5a4b8d57643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:e5:83:c7:8e:93:d6:9d:2d:82:1e:e2:b7:
ac:37:b0:39:ed:ea:42:20:1a:d3:34:af:f4:5c:ac:
5f:58:9b:52:b4:f1:64:f2:28:57:f0:51:a9:2d:d9:
37:02:93:aa:29:55:17:52:0a:30:93:c6:a9:32:0b:
13:78:cc:f3:6f:fd:a8:6f:cd:a2:d0:78:e3:eb:75:
e5:90:eb:8a:59:5e:7d:2d:01:02:7a:70:b0:f8:00:
b4:77:4f:43:a8:60:45:8d:9a:d9:47:62:9c:ae:b2:
36:cc:f8:84:ff:75:08:d5:6b:96:90:21:8e:4b:af:
4b:3d:3e:04:54:2f:a9:b6:f9:99:43:a0:84:e6:6c:
11:bd:90:a1:db:c4:d8:5d:d6:3b:7a:6d:2b:44:70:
b4:ce:dd:bb:94:2c:cc:41:fd:f4:87:16:30:ec:10:
33:93:32:63:f6:c1:fa:4b:55:70:d2:06:99:0c:99:
f7:4a:d6:78:c5:4d:65:ff:b1:42:81:fc:a7:da:be:
30:78:7a:83:35:c0:d2:54:21:f4:45:81:82:4b:5a:
ca:01:c9:7b:8a:f8:ed:5a:7f:53:bb:83:88:7b:3a:
02:bd:4a:b3:35:cf:c1:25:6a:b7:9e:79:b5:07:83:
41:4c:7e:7c:e3:2f:bf:e6:f6:6d:e2:42:ad:9f:e9:
f3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:34:AA:E5:92:F3:54:84:D4:1F:E0:59:F7:B9:A5:A4:B8:D5:76:43
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/ATSq5ZLzVITUH-BZ97mlpLjVdkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.252.0/24
193.28.64.0/23
IPv6:
2a12:6900::/32
Signature Algorithm: sha256WithRSAEncryption
24:b8:32:51:ae:07:27:2f:fb:d2:5b:ef:e3:08:87:82:b5:2a:
f1:d7:bd:a1:7a:97:92:af:22:bd:ae:f0:86:2b:ac:22:46:c5:
89:f1:7a:25:6b:f4:b6:7d:29:ae:c6:07:e2:05:38:7c:7e:8b:
3a:f3:a1:99:b9:a7:45:48:f3:f1:8f:19:c1:e6:0e:b6:32:fb:
72:84:11:c6:de:2e:f3:43:88:a9:92:bb:03:d4:aa:2c:8b:1c:
0d:f8:d4:5b:74:49:3b:a6:17:85:91:14:93:e3:a6:bd:7c:27:
6b:54:01:3c:cd:d4:bd:36:75:20:a2:2d:5e:e4:5d:0f:82:64:
56:69:cc:94:d5:bb:69:73:f6:13:e9:85:4d:a4:38:11:1c:2a:
28:b6:c3:d7:93:4b:89:4a:aa:8c:9d:a7:28:68:df:b0:cf:2b:
3a:95:36:54:da:62:12:5a:3e:20:c1:f4:d3:21:8f:a5:f1:3a:
8e:40:d6:aa:fe:8c:5d:e5:a2:50:0d:83:d4:31:52:5c:62:e4:
96:d1:26:eb:28:d1:df:b5:89:2e:1f:38:e7:26:9c:e2:ea:a6:
a7:3d:d4:4f:79:a9:06:48:89:f4:d6:b2:37:83:03:19:2a:fb:
91:8c:ea:a3:83:00:2e:fb:65:4f:97:b4:c1:0a:ed:46:f8:4a:
4f:bf:0a:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdvq5Qg6uItzPUXcMwDAdu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjMwNDExMDkzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM0YWFlNTkyZjM1NDg0ZDQxZmUwNTlmN2I5YTVhNGI4ZDU3NjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwzlg8eOk9adLYIe4resN7A57epC
IBrTNK/0XKxfWJtStPFk8ihX8FGpLdk3ApOqKVUXUgowk8apMgsTeMzzb/2ob82i
0Hjj63XlkOuKWV59LQECenCw+AC0d09DqGBFjZrZR2KcrrI2zPiE/3UI1WuWkCGO
S69LPT4EVC+ptvmZQ6CE5mwRvZCh28TYXdY7em0rRHC0zt27lCzMQf30hxYw7BAz
kzJj9sH6S1Vw0gaZDJn3StZ4xU1l/7FCgfyn2r4weHqDNcDSVCH0RYGCS1rKAcl7
ivjtWn9Tu4OIezoCvUqzNc/BJWq3nnm1B4NBTH584y+/5vZt4kKtn+nzbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAE0quWS81SE1B/gWfe5paS41XZDMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvQVRTcTVaTHpWSVRVSC1CWjk3bWxwTGpWZGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwHz8AwQB
wRxAMA0EAgACMAcDBQAqEmkAMA0GCSqGSIb3DQEBCwUAA4IBAQAkuDJRrgcnL/vS
W+/jCIeCtSrx172hepeSryK9rvCGK6wiRsWJ8Xola/S2fSmuxgfiBTh8fos686GZ
uadFSPPxjxnB5g62MvtyhBHG3i7zQ4ipkrsD1KosixwN+NRbdEk7pheFkRST46a9
fCdrVAE8zdS9NnUgoi1e5F0PgmRWacyU1btpc/YT6YVNpDgRHCootsPXk0uJSqqM
nacoaN+wzys6lTZU2mISWj4gwfTTIY+l8TqOQNaq/oxd5aJQDYPUMVJcYuSW0Sbr
KNHftYkuHzjnJpzi6qanPdRPeakGSIn01rI3gwMZKvuRjOqjgwAu+2VPl7TBCu1G
+EpPvwq3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:08 2024 by rpki-client on console-fra.rpki-client.org