Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/kzfEoAWsBg533sqIQbaHlmUZ9M0.roa
File: kzfEoAWsBg533sqIQbaHlmUZ9M0.roa (raw, json)
Hash identifier: us7ZxXxOhGS5fKFPBDfIYP3PRwZTsZwFvUWQpbxH86A=
Subject key identifier: 93:37:C4:A0:05:AC:06:0E:77:DE:CA:88:41:B6:87:96:65:19:F4:CD
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01875108A8177E5A7EE68276616B4DF2689B
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/kzfEoAWsBg533sqIQbaHlmUZ9M0.roa
Signing time: Wed 05 Apr 2023 10:48:54 +0000
ROA not before: Wed 05 Apr 2023 10:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 152.89.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:08:a8:17:7e:5a:7e:e6:82:76:61:6b:4d:f2:68:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Apr 5 10:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9337c4a005ac060e77deca8841b687966519f4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:84:69:49:72:f5:79:67:07:9b:b1:72:a7:bd:
2c:be:6a:13:d2:cb:5a:11:03:cb:0e:14:e3:2b:ad:
49:8d:a0:e6:52:cc:8c:99:d6:c1:a4:f0:a0:5e:91:
47:99:36:11:b7:6a:df:af:8f:90:ca:d7:03:d6:eb:
ce:f8:8a:ba:ae:84:4b:d1:87:5c:13:d2:08:a1:29:
33:44:f0:e7:a0:84:84:05:fa:16:37:20:9b:88:4b:
58:fc:e6:34:15:e8:d2:97:97:28:7c:0f:5f:80:88:
fc:ea:36:f6:f1:d0:a0:06:77:b8:20:d6:ca:10:fd:
9c:52:8f:1d:26:a9:1b:41:97:99:67:0c:56:a6:07:
22:b6:4b:28:39:55:9d:e8:79:59:ac:79:e7:6b:16:
05:d7:00:99:2a:32:c3:f3:90:23:35:f9:a4:4c:9e:
ee:a7:29:90:55:d6:35:9b:fd:0d:1d:3d:bb:5f:7e:
5f:d0:0d:9d:ec:09:b4:5d:fc:1b:f0:eb:9d:92:b5:
55:0b:96:98:38:de:06:e2:bb:f7:75:8d:34:7e:22:
b6:21:57:c7:95:53:3f:41:d0:82:0b:a7:5f:26:c5:
2b:60:f0:8a:f4:c0:93:89:c7:93:3d:4f:1b:00:2a:
e7:a9:53:f7:5d:70:3f:ac:25:24:5b:59:a0:06:49:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:37:C4:A0:05:AC:06:0E:77:DE:CA:88:41:B6:87:96:65:19:F4:CD
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/kzfEoAWsBg533sqIQbaHlmUZ9M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
Signature Algorithm: sha256WithRSAEncryption
99:54:f7:ee:4f:0d:a8:40:77:87:4f:dc:56:e4:4d:da:fe:72:
02:4b:3a:bf:38:dd:da:9d:02:71:0a:51:12:e4:b3:b9:15:1b:
ce:7c:d2:d6:0a:1c:aa:1a:24:d2:9a:26:b2:2b:57:0e:c8:9c:
3c:0c:6b:84:12:38:0c:0f:ca:f0:a2:86:0c:dc:58:47:b8:59:
77:71:6b:27:e4:65:54:4e:03:d8:fa:c8:e0:d8:6a:bb:c4:f2:
23:fd:40:52:43:97:19:9e:32:ac:a1:25:82:6f:2c:3c:44:de:
b9:fe:38:a9:e3:5a:9f:57:14:2a:ff:d4:76:f6:77:df:ef:f0:
99:c6:a7:3c:3e:f3:67:b1:70:c1:fe:f0:be:6e:6c:96:45:50:
c4:2b:c1:8b:b5:97:59:66:b3:21:a7:b3:7b:0a:56:1f:a6:99:
5a:b2:f6:19:d6:af:ab:f8:52:46:22:3a:33:75:99:ec:65:0d:
83:3c:66:f5:74:b5:c4:4e:5f:c3:eb:63:cd:e5:4d:6d:99:43:
9e:11:51:71:87:33:e2:f9:04:a5:6a:07:ca:7d:c3:dc:cc:57:
e2:26:62:e5:9d:fd:25:c9:5a:2b:bb:95:60:00:b7:2b:a1:e2:
03:5b:77:2c:0e:29:ff:bf:08:37:88:2b:1e:b1:40:01:d0:c3:
f9:cc:83:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdRCKgXflp+5oJ2YWtN8mibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwNDA1MTA0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM3YzRhMDA1YWMwNjBlNzdkZWNhODg0MWI2ODc5NjY1MTlmNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYRpSXL1eWcHm7Fyp70svmoT0sta
EQPLDhTjK61JjaDmUsyMmdbBpPCgXpFHmTYRt2rfr4+QytcD1uvO+Iq6roRL0Ydc
E9IIoSkzRPDnoISEBfoWNyCbiEtY/OY0FejSl5cofA9fgIj86jb28dCgBne4INbK
EP2cUo8dJqkbQZeZZwxWpgcitksoOVWd6HlZrHnnaxYF1wCZKjLD85AjNfmkTJ7u
pymQVdY1m/0NHT27X35f0A2d7Am0Xfwb8OudkrVVC5aYON4G4rv3dY00fiK2IVfH
lVM/QdCCC6dfJsUrYPCK9MCTiceTPU8bACrnqVP3XXA/rCUkW1mgBkkRBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJM3xKAFrAYOd97KiEG2h5ZlGfTNMB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEva3pmRW9BV3NCZzUzM3NxSVFiYUhsbVVaOU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnBMA0G
CSqGSIb3DQEBCwUAA4IBAQCZVPfuTw2oQHeHT9xW5E3a/nICSzq/ON3anQJxClES
5LO5FRvOfNLWChyqGiTSmiayK1cOyJw8DGuEEjgMD8rwooYM3FhHuFl3cWsn5GVU
TgPY+sjg2Gq7xPIj/UBSQ5cZnjKsoSWCbyw8RN65/jip41qfVxQq/9R29nff7/CZ
xqc8PvNnsXDB/vC+bmyWRVDEK8GLtZdZZrMhp7N7ClYfpplasvYZ1q+r+FJGIjoz
dZnsZQ2DPGb1dLXETl/D62PN5U1tmUOeEVFxhzPi+QSlagfKfcPczFfiJmLlnf0l
yVoru5VgALcroeIDW3csDin/vwg3iCsesUAB0MP5zINo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:28 2023 by rpki-client on console-ams.rpki-client.org