Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/e3037f-338b-46f2-8f97-6cef1abab3fc/1/zCOAZT46pEwy5e1qd5FuUZOmrms.roa
File: zCOAZT46pEwy5e1qd5FuUZOmrms.roa (raw, json)
Hash identifier: 0HZLpmTvxUp3DAf+mh20ho0UG9Yit+kxlsrR8Dr9u5c=
Subject key identifier: CC:23:80:65:3E:3A:A4:4C:32:E5:ED:6A:77:91:6E:51:93:A6:AE:6B
Certificate issuer: /CN=a1fd16c247cf466eed31a304bb8f17fa3215aaaa
Certificate serial: 018572E81B1146095D2D151A643489515839
Authority key identifier: A1:FD:16:C2:47:CF:46:6E:ED:31:A3:04:BB:8F:17:FA:32:15:AA:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/of0WwkfPRm7tMaMEu48X-jIVqqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/e3037f-338b-46f2-8f97-6cef1abab3fc/1/zCOAZT46pEwy5e1qd5FuUZOmrms.roa
Signing time: Mon 02 Jan 2023 14:34:51 +0000
ROA not before: Mon 02 Jan 2023 14:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49642
IP address blocks: 194.33.152.0/22 maxlen: 24
193.109.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:1b:11:46:09:5d:2d:15:1a:64:34:89:51:58:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1fd16c247cf466eed31a304bb8f17fa3215aaaa
Validity
Not Before: Jan 2 14:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc2380653e3aa44c32e5ed6a77916e5193a6ae6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9a:69:0f:29:f9:23:2e:3b:9a:f9:e8:13:ee:
d5:dd:d4:a5:90:cf:fd:19:66:e6:5e:7a:6c:b2:43:
18:5c:b4:ae:fd:6d:ee:11:04:95:76:f7:cd:ce:9d:
c4:95:54:d5:f1:25:5c:4f:3a:ad:48:97:22:bd:16:
fb:2d:d5:ed:ad:cf:39:0f:7e:36:d3:ef:bb:f7:53:
27:fc:ae:cd:cb:83:31:bb:84:7c:ad:32:64:02:9f:
a2:4f:b2:82:d2:04:ba:13:14:0a:08:82:52:c1:e8:
ad:09:11:d3:6a:7b:6f:45:48:bf:89:46:3d:d0:83:
1f:fa:fa:a6:3d:5c:29:28:26:d3:37:5f:d1:f8:24:
86:a7:d2:64:14:04:e1:ed:6f:ef:83:7e:fc:45:d2:
f0:19:55:1a:dd:16:c7:da:4b:4c:7e:55:5f:28:89:
55:d2:83:19:8b:e7:14:98:b8:f4:d1:de:e3:84:50:
f0:e8:16:db:ec:47:a7:e4:7a:17:19:91:c5:c0:23:
47:ae:1a:b8:41:c9:41:fb:01:ef:31:39:e2:31:53:
cc:98:40:a3:2f:3f:ad:37:4e:16:32:bc:c7:e5:26:
52:81:46:4b:fa:18:e4:67:dd:8f:c6:ec:72:de:ea:
b6:ae:e3:fc:cd:85:26:2b:ec:b6:ba:16:b3:64:12:
95:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:23:80:65:3E:3A:A4:4C:32:E5:ED:6A:77:91:6E:51:93:A6:AE:6B
X509v3 Authority Key Identifier:
keyid:A1:FD:16:C2:47:CF:46:6E:ED:31:A3:04:BB:8F:17:FA:32:15:AA:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/of0WwkfPRm7tMaMEu48X-jIVqqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e3037f-338b-46f2-8f97-6cef1abab3fc/1/zCOAZT46pEwy5e1qd5FuUZOmrms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e3037f-338b-46f2-8f97-6cef1abab3fc/1/of0WwkfPRm7tMaMEu48X-jIVqqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.95.0/24
194.33.152.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:63:0f:11:82:93:96:d4:89:06:40:db:47:b1:7d:56:23:dd:
71:f2:3d:94:63:34:42:5e:d7:f5:40:3c:86:86:5a:51:88:71:
8c:8a:64:0c:33:97:ed:f8:7b:40:29:b2:67:1d:9f:ac:13:d5:
51:a7:08:19:e5:c2:cc:ed:00:69:6a:b8:11:36:47:27:4a:7a:
7c:d7:a8:b3:e9:66:b0:ab:44:fb:29:a7:dd:ab:10:9e:52:4d:
da:bb:a9:55:e7:76:63:f6:e6:6a:a8:e2:29:78:b9:5a:13:d6:
76:73:8e:bf:00:31:84:d5:ec:7d:03:7b:24:bb:95:68:3b:bf:
9e:f4:a8:3d:66:01:68:87:12:86:40:fb:4c:70:b1:27:cc:9f:
62:51:c7:fa:da:30:68:83:1d:f8:cd:21:5f:73:20:ad:8d:ef:
57:72:03:e5:64:92:96:7a:7f:f1:2a:ad:5b:32:ce:a2:f9:05:
fd:30:d1:92:05:0d:7f:a0:23:b1:a6:89:44:5f:ac:c0:6e:2f:
65:aa:bf:d2:25:6c:0e:24:d1:40:05:65:f8:88:b5:e6:e8:9f:
f0:2b:4a:51:3c:f8:c5:d7:9d:11:4f:f0:97:fb:07:da:33:9a:
6f:ea:83:ce:08:4a:2d:84:88:9a:e4:16:90:06:31:14:5b:ba:
32:37:05:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy6BsRRgldLRUaZDSJUVg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZmQxNmMyNDdjZjQ2NmVlZDMxYTMwNGJiOGYxN2ZhMzIx
NWFhYWEwHhcNMjMwMTAyMTQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzIzODA2NTNlM2FhNDRjMzJlNWVkNmE3NzkxNmU1MTkzYTZhZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JppDyn5Iy47mvnoE+7V3dSlkM/9
GWbmXnpsskMYXLSu/W3uEQSVdvfNzp3ElVTV8SVcTzqtSJcivRb7LdXtrc85D342
0++791Mn/K7Ny4Mxu4R8rTJkAp+iT7KC0gS6ExQKCIJSweitCRHTantvRUi/iUY9
0IMf+vqmPVwpKCbTN1/R+CSGp9JkFATh7W/vg378RdLwGVUa3RbH2ktMflVfKIlV
0oMZi+cUmLj00d7jhFDw6Bbb7Een5HoXGZHFwCNHrhq4QclB+wHvMTniMVPMmECj
Lz+tN04WMrzH5SZSgUZL+hjkZ92Pxuxy3uq2ruP8zYUmK+y2uhazZBKVZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMwjgGU+OqRMMuXtaneRblGTpq5rMB8GA1UdIwQY
MBaAFKH9FsJHz0Zu7TGjBLuPF/oyFaqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2YwV3drZlBSbTd0TWFNRXU0OFgtaklWcXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lMzAzN2YtMzM4Yi00NmYyLThmOTct
NmNlZjFhYmFiM2ZjLzEvekNPQVpUNDZwRXd5NWUxcWQ1RnVVWk9tcm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lMzAzN2YtMzM4Yi00NmYyLThmOTctNmNlZjFhYmFiM2Zj
LzEvb2YwV3drZlBSbTd0TWFNRXU0OFgtaklWcXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW1fAwQC
wiGYMA0GCSqGSIb3DQEBCwUAA4IBAQCzYw8RgpOW1IkGQNtHsX1WI91x8j2UYzRC
Xtf1QDyGhlpRiHGMimQMM5ft+HtAKbJnHZ+sE9VRpwgZ5cLM7QBpargRNkcnSnp8
16iz6Wawq0T7KafdqxCeUk3au6lV53Zj9uZqqOIpeLlaE9Z2c46/ADGE1ex9A3sk
u5VoO7+e9Kg9ZgFohxKGQPtMcLEnzJ9iUcf62jBogx34zSFfcyCtje9XcgPlZJKW
en/xKq1bMs6i+QX9MNGSBQ1/oCOxpolEX6zAbi9lqr/SJWwOJNFABWX4iLXm6J/w
K0pRPPjF150RT/CX+wfaM5pv6oPOCEothIia5BaQBjEUW7oyNwW5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:20 2024 by rpki-client on console-fra.rpki-client.org