Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ZvDIX1OpupYs54wNXJRHVaQUt34.roa
File: ZvDIX1OpupYs54wNXJRHVaQUt34.roa (raw, json)
Hash identifier: XDaVek0DTo+bVph11wZBTBpsJLR+9XINugjTDmmEil4=
Subject key identifier: 66:F0:C8:5F:53:A9:BA:96:2C:E7:8C:0D:5C:94:47:55:A4:14:B7:7E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4D0E5637587970F6F2B177BB8BEDF
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ZvDIX1OpupYs54wNXJRHVaQUt34.roa
Signing time: Sun 01 Jan 2023 19:35:18 +0000
ROA not before: Sun 01 Jan 2023 19:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203704
IP address blocks: 89.190.152.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d0:e5:63:75:87:97:0f:6f:2b:17:7b:b8:be:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66f0c85f53a9ba962ce78c0d5c944755a414b77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8e:dc:fa:a8:9f:15:ff:6f:9c:06:a1:29:ba:
24:bb:0f:42:a2:e6:58:b2:a2:d7:04:12:32:29:61:
a9:36:32:65:75:42:96:4c:e8:47:52:2e:23:13:e0:
f4:36:5a:f5:3a:85:31:6f:51:15:43:a9:4e:eb:62:
e7:82:e4:05:3e:80:eb:08:cc:01:00:e9:5f:04:e7:
40:08:ca:f2:14:60:d5:60:53:2e:64:e7:46:7b:4d:
77:47:e0:9a:d0:01:16:7d:5d:78:2d:93:b8:4f:8f:
57:32:34:06:ee:45:4a:52:cd:89:9c:2d:c1:59:ed:
fe:99:b0:39:b8:f6:83:4b:2a:0c:43:3e:a9:82:87:
b4:4c:8b:c0:d5:0c:5a:cd:9c:9a:a3:8d:01:2a:cf:
4d:cb:c7:52:87:a6:7f:48:7d:6c:2a:7f:ba:f5:83:
47:d8:a7:d6:07:fb:f5:03:45:b4:2b:51:9b:e6:d4:
74:81:f3:12:14:75:f5:ae:49:51:db:26:bf:d1:27:
14:63:82:80:b3:67:b1:d9:71:a6:cb:97:55:80:cf:
47:c3:82:ad:f9:d3:30:aa:08:b8:8d:1e:d3:33:62:
31:40:c9:53:7a:09:02:e3:7d:55:95:8f:f7:33:5d:
f3:9a:55:a0:ea:7f:36:e4:e8:73:3b:fa:43:c4:ec:
34:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F0:C8:5F:53:A9:BA:96:2C:E7:8C:0D:5C:94:47:55:A4:14:B7:7E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ZvDIX1OpupYs54wNXJRHVaQUt34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.152.0/22
Signature Algorithm: sha256WithRSAEncryption
55:91:dc:28:74:53:dc:ca:6c:c2:3d:0b:4b:56:75:d8:24:e1:
7e:06:7b:e4:57:8f:f4:f2:79:bc:4a:d6:f6:24:29:ad:a1:fd:
54:f0:11:32:f5:8d:50:be:ed:d6:90:e1:2c:8e:15:ec:ac:f4:
67:c0:2e:75:41:67:33:dd:71:5d:6c:08:1a:25:54:aa:b1:ec:
ca:28:76:f2:25:b8:e4:f9:97:c4:5a:19:cd:04:c1:58:c5:22:
ea:b5:96:f7:57:d4:a8:e3:27:5c:65:62:37:d8:fe:1e:41:91:
38:89:3b:75:a8:29:8f:76:86:c9:68:10:d4:94:cb:10:54:6c:
87:f2:1a:c7:3c:4b:56:1b:52:7a:0a:15:25:75:0c:61:84:38:
23:40:c9:63:30:88:6d:05:af:2f:f2:70:dd:42:57:78:e2:dd:
62:4b:cf:e0:f1:0a:34:42:1e:2d:c8:a3:e8:3c:28:b4:43:c3:
5a:cf:f3:7c:9e:e7:5a:a1:28:0d:53:4e:7b:60:52:d2:03:b8:
f1:83:30:dc:56:55:ae:f6:20:a3:30:7b:96:6a:90:73:68:f6:
31:90:f0:fa:4f:bc:9d:3f:0a:8c:9b:4e:b5:26:34:d6:52:94:
0d:88:3c:b1:ed:6a:c0:c9:81:4e:f1:51:b0:12:b3:3c:ef:00:
0c:8c:5a:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NDlY3WHlw9vKxd7uL7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmYwYzg1ZjUzYTliYTk2MmNlNzhjMGQ1Yzk0NDc1NWE0MTRiNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY7c+qifFf9vnAahKbokuw9CouZY
sqLXBBIyKWGpNjJldUKWTOhHUi4jE+D0Nlr1OoUxb1EVQ6lO62LnguQFPoDrCMwB
AOlfBOdACMryFGDVYFMuZOdGe013R+Ca0AEWfV14LZO4T49XMjQG7kVKUs2JnC3B
We3+mbA5uPaDSyoMQz6pgoe0TIvA1QxazZyao40BKs9Ny8dSh6Z/SH1sKn+69YNH
2KfWB/v1A0W0K1Gb5tR0gfMSFHX1rklR2ya/0ScUY4KAs2ex2XGmy5dVgM9Hw4Kt
+dMwqgi4jR7TM2IxQMlTegkC431VlY/3M13zmlWg6n825OhzO/pDxOw07wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbwyF9TqbqWLOeMDVyUR1WkFLd+MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvWnZESVgxT3B1cFlzNTR3TlhKUkhWYVFVdDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWb6YMA0G
CSqGSIb3DQEBCwUAA4IBAQBVkdwodFPcymzCPQtLVnXYJOF+BnvkV4/08nm8Stb2
JCmtof1U8BEy9Y1Qvu3WkOEsjhXsrPRnwC51QWcz3XFdbAgaJVSqsezKKHbyJbjk
+ZfEWhnNBMFYxSLqtZb3V9So4ydcZWI32P4eQZE4iTt1qCmPdobJaBDUlMsQVGyH
8hrHPEtWG1J6ChUldQxhhDgjQMljMIhtBa8v8nDdQld44t1iS8/g8Qo0Qh4tyKPo
PCi0Q8Naz/N8nudaoSgNU057YFLSA7jxgzDcVlWu9iCjMHuWapBzaPYxkPD6T7yd
PwqMm061JjTWUpQNiDyx7WrAyYFO8VGwErM87wAMjFrv
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:47 2024 by rpki-client on console-fra.rpki-client.org