Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/zsEYwXc0uWTeWcueIWn5QDJ-DPo.roa
File: zsEYwXc0uWTeWcueIWn5QDJ-DPo.roa (raw, json)
Hash identifier: aEx82rSbx91a9E/qdwQjCRs8w7Ct3n7fM6+h9EFjjUM=
Subject key identifier: CE:C1:18:C1:77:34:B9:64:DE:59:CB:9E:21:69:F9:40:32:7E:0C:FA
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0185720354CF10A961C4D1B000AA92CAA9C2
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/zsEYwXc0uWTeWcueIWn5QDJ-DPo.roa
Signing time: Mon 02 Jan 2023 10:24:58 +0000
ROA not before: Mon 02 Jan 2023 10:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49767
IP address blocks: 194.31.216.0/22 maxlen: 22
109.72.0.0/20 maxlen: 20
2a02:2930::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:54:cf:10:a9:61:c4:d1:b0:00:aa:92:ca:a9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 2 10:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec118c17734b964de59cb9e2169f940327e0cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f4:8d:5d:c3:a3:9c:f9:61:3a:98:6d:8a:0b:
70:25:0b:39:b8:a4:51:a1:df:3f:bb:76:ce:a9:db:
1b:c9:7a:ec:dc:33:90:11:61:e8:19:c3:30:f6:c1:
6b:50:6e:72:d5:22:36:7e:f4:1a:0c:b7:3b:69:d6:
21:be:f2:d2:f0:cb:2d:65:7e:02:f6:0d:d8:1a:ab:
4d:14:f4:39:f5:48:9f:e0:b9:eb:67:d9:93:a6:a5:
45:eb:8d:77:af:3a:dc:16:57:18:bf:2a:4d:bc:6c:
bb:c9:02:cb:9c:98:51:36:72:56:1d:84:e3:54:f4:
04:20:74:80:cc:27:6e:16:83:44:8f:2e:42:55:bb:
fe:cc:b6:2d:b8:5d:54:a3:4d:31:52:af:07:70:93:
e3:86:df:75:bc:ad:42:cb:22:0e:e9:2a:1c:17:44:
26:a9:dd:ea:7c:d1:26:3c:85:c5:fc:ca:f5:db:e3:
99:99:17:2e:29:d9:4e:65:73:17:65:a4:08:f7:9a:
6e:74:ba:e3:04:b6:f1:92:3f:32:5f:7e:b0:39:76:
c9:9c:8e:a7:f7:75:a9:3e:50:cd:52:4d:35:f4:8a:
12:86:02:41:e8:45:4c:1b:3d:05:95:2f:a1:e9:2d:
13:be:a3:f8:36:17:d2:67:26:60:d1:dd:f7:6b:2f:
8f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C1:18:C1:77:34:B9:64:DE:59:CB:9E:21:69:F9:40:32:7E:0C:FA
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/zsEYwXc0uWTeWcueIWn5QDJ-DPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.0.0/20
194.31.216.0/22
IPv6:
2a02:2930::/32
Signature Algorithm: sha256WithRSAEncryption
3f:c7:9c:a3:89:a6:d4:5e:c5:1e:7c:e4:f6:9b:c5:f9:e6:8c:
ec:ea:95:48:c9:33:a1:3a:0f:e1:60:8a:e2:23:1a:aa:7f:58:
72:6a:f3:6b:b9:30:a6:6a:2d:a8:cf:f5:cf:a0:66:65:5b:69:
8c:a4:3a:46:63:5c:b4:a1:e1:bf:ad:fd:b0:4c:fc:aa:cb:e6:
f1:92:50:fc:72:1e:59:27:33:52:ec:97:a8:63:2f:43:11:1f:
40:18:b0:3c:0b:84:1d:9c:53:91:59:27:b4:96:d3:80:f1:6d:
6b:44:e4:d1:a7:15:b4:1e:d9:dc:7e:66:d8:eb:f6:d4:d3:b9:
23:f9:8a:7b:b7:e6:b9:33:c5:63:46:d5:39:ae:f9:a7:9d:e1:
4d:ac:e9:4a:da:9b:8f:72:98:40:28:cb:96:28:26:91:76:40:
46:c5:10:b4:c2:45:d5:22:56:b7:b0:e4:25:81:34:1c:09:59:
a3:46:3f:14:ea:57:fd:d1:cf:41:ba:32:75:ab:27:e4:38:5b:
ff:b5:ac:19:12:07:9a:61:c8:db:9f:40:8c:22:13:1d:eb:9a:
f5:88:0c:c2:ad:0d:fa:af:79:7c:8f:85:b1:98:80:40:a4:51:
bb:c1:04:9a:86:8e:c7:c9:62:95:59:b5:62:94:e6:64:65:18:
7e:a9:ce:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyA1TPEKlhxNGwAKqSyqnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMxMThjMTc3MzRiOTY0ZGU1OWNiOWUyMTY5Zjk0MDMyN2UwY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfSNXcOjnPlhOphtigtwJQs5uKRR
od8/u3bOqdsbyXrs3DOQEWHoGcMw9sFrUG5y1SI2fvQaDLc7adYhvvLS8MstZX4C
9g3YGqtNFPQ59Uif4LnrZ9mTpqVF6413rzrcFlcYvypNvGy7yQLLnJhRNnJWHYTj
VPQEIHSAzCduFoNEjy5CVbv+zLYtuF1Uo00xUq8HcJPjht91vK1CyyIO6SocF0Qm
qd3qfNEmPIXF/Mr12+OZmRcuKdlOZXMXZaQI95pudLrjBLbxkj8yX36wOXbJnI6n
93WpPlDNUk019IoShgJB6EVMGz0FlS+h6S0TvqP4NhfSZyZg0d33ay+PJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM7BGMF3NLlk3lnLniFp+UAyfgz6MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvenNFWXdYYzB1V1RlV2N1ZUlXbjVRREotRFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbUgAAwQC
wh/YMA0EAgACMAcDBQAqAikwMA0GCSqGSIb3DQEBCwUAA4IBAQA/x5yjiabUXsUe
fOT2m8X55ozs6pVIyTOhOg/hYIriIxqqf1hyavNruTCmai2oz/XPoGZlW2mMpDpG
Y1y0oeG/rf2wTPyqy+bxklD8ch5ZJzNS7JeoYy9DER9AGLA8C4QdnFORWSe0ltOA
8W1rROTRpxW0HtncfmbY6/bU07kj+Yp7t+a5M8VjRtU5rvmnneFNrOlK2puPcphA
KMuWKCaRdkBGxRC0wkXVIla3sOQlgTQcCVmjRj8U6lf90c9BujJ1qyfkOFv/tawZ
EgeaYcjbn0CMIhMd65r1iAzCrQ36r3l8j4WxmIBApFG7wQSaho7HyWKVWbVilOZk
ZRh+qc6V
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:21 2024 by rpki-client on console-ams.rpki-client.org