Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/rz_M0SN80zde1KRAbfLKrmmJu5w.roa
File: rz_M0SN80zde1KRAbfLKrmmJu5w.roa (raw, json)
Hash identifier: CwRWDzDYu5zCarOOM3Q9oxCpsOGcZLf6XCBdnOPFtcE=
Subject key identifier: AF:3F:CC:D1:23:7C:D3:37:5E:D4:A4:40:6D:F2:CA:AE:69:89:BB:9C
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DB7172713AB9037F88AE9D24D53C3
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/rz_M0SN80zde1KRAbfLKrmmJu5w.roa
Signing time: Sun 01 Jan 2023 23:14:45 +0000
ROA not before: Sun 01 Jan 2023 23:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5458
IP address blocks: 212.252.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b7:17:27:13:ab:90:37:f8:8a:e9:d2:4d:53:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af3fccd1237cd3375ed4a4406df2caae6989bb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4e:92:2d:74:48:0c:ea:1d:0d:a3:13:00:00:
06:70:6c:e7:84:73:3a:d9:62:e4:04:5d:7b:7f:27:
ce:25:25:5a:1c:c0:36:52:fe:f0:52:a4:08:d4:cc:
69:15:c3:76:b3:8a:07:e9:67:47:01:f2:23:47:7b:
7c:e3:ab:e9:9e:47:97:dd:64:c7:a6:e9:eb:7d:33:
40:47:d8:08:a4:88:56:27:87:fa:c1:ef:30:80:c2:
8f:b9:79:38:0d:af:fa:9f:51:8c:ad:e1:2c:63:5c:
e3:02:77:f2:60:1b:9f:bb:65:3a:1b:bb:52:23:a8:
ed:a5:fa:43:10:f5:85:99:75:f1:87:8e:22:6f:99:
3a:0b:b8:cb:cd:f7:3b:fc:ef:ac:ab:81:bf:0a:78:
22:55:52:25:82:22:f0:06:2b:3a:2d:c3:fb:fb:df:
1a:b0:98:e2:b5:ae:77:6f:58:01:5b:9f:a7:12:69:
43:4f:a8:62:52:75:4f:ac:8c:33:80:bc:21:d9:fc:
cf:e1:e6:ad:c8:d5:cd:c4:48:f6:dc:92:fe:fe:f7:
66:1c:82:14:6e:98:ce:b2:f0:99:73:9a:30:02:84:
ba:0a:68:4a:f8:2e:86:04:54:d0:00:94:42:58:a5:
23:c3:3a:ea:90:3b:5a:53:3e:9c:ea:29:41:b9:08:
47:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3F:CC:D1:23:7C:D3:37:5E:D4:A4:40:6D:F2:CA:AE:69:89:BB:9C
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/rz_M0SN80zde1KRAbfLKrmmJu5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.33.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ba:c5:8d:55:3d:d3:b6:27:4e:ea:23:18:14:c5:fa:82:a8:
40:b3:d1:7e:60:e6:9e:54:e8:f5:cf:57:4c:d9:ed:5d:8d:31:
67:57:85:3d:f4:b5:ef:92:df:95:62:14:da:bd:e1:2e:d8:8f:
0e:dd:a7:26:24:38:ca:ed:43:f3:8f:39:85:1f:a8:b7:0e:c7:
a0:23:1d:07:8b:fb:ea:64:b4:a4:14:a1:05:58:ab:e0:0f:7d:
d4:b3:14:a7:9c:62:79:14:74:b8:0f:b3:b6:3d:ed:8f:a6:1a:
ff:45:d7:98:72:a9:c9:13:54:18:aa:d4:c2:82:e2:52:94:5d:
5a:c9:95:5f:29:e2:a4:66:dc:fd:52:0b:be:7a:49:f3:74:e9:
5d:1e:31:2c:3c:1f:33:bc:4c:15:91:fd:9d:13:47:08:6c:fc:
fb:de:45:1a:d6:92:82:0c:3a:8e:f6:dd:59:c8:03:51:30:38:
a5:13:1d:94:b9:4e:14:bc:90:8b:22:2a:40:fc:c1:3e:0c:02:
65:b0:14:6e:5b:d5:72:0d:d3:4d:49:97:d4:cf:52:44:47:83:
a5:e1:25:4b:f2:01:f0:e2:3d:7d:56:bc:7a:3f:ff:99:cb:9f:
3e:54:a4:c3:a8:c8:5a:b6:18:5e:84:aa:e5:5b:05:ae:51:a9:
53:27:be:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbcXJxOrkDf4iunSTVPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNmY2NkMTIzN2NkMzM3NWVkNGE0NDA2ZGYyY2FhZTY5ODliYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE6SLXRIDOodDaMTAAAGcGznhHM6
2WLkBF17fyfOJSVaHMA2Uv7wUqQI1MxpFcN2s4oH6WdHAfIjR3t846vpnkeX3WTH
punrfTNAR9gIpIhWJ4f6we8wgMKPuXk4Da/6n1GMreEsY1zjAnfyYBufu2U6G7tS
I6jtpfpDEPWFmXXxh44ib5k6C7jLzfc7/O+sq4G/CngiVVIlgiLwBis6LcP7+98a
sJjita53b1gBW5+nEmlDT6hiUnVPrIwzgLwh2fzP4eatyNXNxEj23JL+/vdmHIIU
bpjOsvCZc5owAoS6CmhK+C6GBFTQAJRCWKUjwzrqkDtaUz6c6ilBuQhHJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8/zNEjfNM3XtSkQG3yyq5pibucMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvcnpfTTBTTjgwemRlMUtSQWJmTEtybW1KdTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1PwhMA0G
CSqGSIb3DQEBCwUAA4IBAQAYusWNVT3TtidO6iMYFMX6gqhAs9F+YOaeVOj1z1dM
2e1djTFnV4U99LXvkt+VYhTaveEu2I8O3acmJDjK7UPzjzmFH6i3DsegIx0Hi/vq
ZLSkFKEFWKvgD33UsxSnnGJ5FHS4D7O2Pe2Pphr/RdeYcqnJE1QYqtTCguJSlF1a
yZVfKeKkZtz9Ugu+eknzdOldHjEsPB8zvEwVkf2dE0cIbPz73kUa1pKCDDqO9t1Z
yANRMDilEx2UuU4UvJCLIipA/ME+DAJlsBRuW9VyDdNNSZfUz1JER4Ol4SVL8gHw
4j19Vrx6P/+Zy58+VKTDqMhathhehKrlWwWuUalTJ75u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org