Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/k_zdFMYF5jg_zoBokLqH51trwAw.roa
File: k_zdFMYF5jg_zoBokLqH51trwAw.roa (raw, json)
Hash identifier: BkTDuRiqKbaHWQ/NMPy1hAv/pBDN+J2XamSNT3cxVmg=
Subject key identifier: 93:FC:DD:14:C6:05:E6:38:3F:CE:80:68:90:BA:87:E7:5B:6B:C0:0C
Certificate issuer: /CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Certificate serial: 018C79AE03D3FBDE154F4771521FFBE3E9BB
Authority key identifier: 02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/k_zdFMYF5jg_zoBokLqH51trwAw.roa
Signing time: Sun 17 Dec 2023 21:28:16 +0000
ROA not before: Sun 17 Dec 2023 21:28:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203779
IP address blocks: 185.124.52.0/22 maxlen: 24
2a06:b040::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:ae:03:d3:fb:de:15:4f:47:71:52:1f:fb:e3:e9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Validity
Not Before: Dec 17 21:28:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93fcdd14c605e6383fce806890ba87e75b6bc00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:0b:65:e1:7a:6d:0a:50:82:04:0d:8e:dd:
e3:de:8c:b5:88:9d:b3:84:5b:86:45:92:c2:2d:de:
0b:0b:1c:e4:cf:c1:a3:ad:b0:b2:3e:90:b6:02:d3:
3d:28:90:11:8b:d6:37:9f:24:f8:01:8d:7c:ed:21:
e8:66:79:cf:50:37:03:ad:e5:83:e8:67:43:38:43:
14:31:ef:c5:9e:4a:28:fb:45:c8:98:9e:e9:52:26:
87:d0:ce:0e:f8:87:fd:34:91:8f:28:f6:31:96:d0:
db:79:67:a8:6b:50:1e:88:8c:68:cd:7e:ab:4d:67:
26:82:c8:45:82:1b:3c:e6:60:5d:9d:1e:6c:05:1d:
b0:77:7c:f7:a7:ec:2a:cf:2d:37:f8:02:12:ba:cd:
e8:72:9d:7b:c2:01:2f:10:6c:25:e8:9b:8a:83:25:
b1:34:f9:09:1c:c5:11:ad:2a:ec:f0:25:1e:fe:9f:
0a:96:83:63:ba:77:2e:4a:7b:c1:5d:e1:0c:1b:c0:
71:a2:29:f6:d1:2e:da:7c:fb:32:0c:05:c1:77:9a:
b6:65:40:46:1a:53:cb:cb:33:ad:5e:9d:b9:f3:45:
2e:8e:6a:59:a9:98:f7:ae:7c:26:9e:a9:50:2f:b3:
74:3d:6a:51:a5:00:12:d5:9b:a7:93:3a:46:c8:77:
85:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FC:DD:14:C6:05:E6:38:3F:CE:80:68:90:BA:87:E7:5B:6B:C0:0C
X509v3 Authority Key Identifier:
keyid:02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/k_zdFMYF5jg_zoBokLqH51trwAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.52.0/22
IPv6:
2a06:b040::/29
Signature Algorithm: sha256WithRSAEncryption
09:41:7a:43:4e:fb:56:49:cf:68:d1:83:d4:54:3c:78:81:fc:
95:9d:b2:fc:8a:61:11:a9:7f:54:70:81:0d:4b:1f:57:40:4c:
b0:70:01:07:68:55:ad:45:06:9d:e1:72:ef:23:f6:45:31:80:
57:40:ff:93:2a:e0:e6:bd:87:e4:7f:ac:1c:6c:de:2a:31:d7:
37:0b:39:6d:7f:fd:23:32:0c:ae:56:d3:f5:a2:61:4f:ed:aa:
09:18:46:6d:f3:4f:74:58:e5:f0:d6:5b:4a:f0:14:ca:0c:ea:
56:0c:f5:91:00:9f:71:1d:be:76:f9:1a:74:10:75:b3:79:57:
2a:ce:00:2c:fb:ba:9f:bf:1c:f4:7b:b9:92:5f:0a:c2:99:32:
de:a3:b6:58:33:88:7d:fc:60:b2:b2:01:4a:00:b5:30:c3:8f:
42:fc:6f:63:67:73:e0:1d:22:48:66:39:4c:53:a3:8a:ae:3d:
a6:a1:cc:6d:08:d9:af:87:d5:f1:dc:cb:60:30:1d:5c:7c:be:
91:e3:2f:11:14:09:19:c3:ae:de:a4:92:1c:64:ef:9a:83:eb:
20:fa:c8:ec:35:6d:9c:22:2a:9d:79:d5:4d:41:bf:7c:62:d3:
ea:c6:75:bf:51:53:40:5e:35:32:6b:e1:71:73:83:bd:01:55:
0f:3b:43:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYx5rgPT+94VT0dxUh/74+m7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTNiOTE5ZDc1ZGMyMDRkOWNhMzhkYjdiMjhhMTc0ODM0
YjNiM2QwHhcNMjMxMjE3MjEyODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2ZjZGQxNGM2MDVlNjM4M2ZjZTgwNjg5MGJhODdlNzViNmJjMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRYLZeF6bQpQggQNjt3j3oy1iJ2z
hFuGRZLCLd4LCxzkz8GjrbCyPpC2AtM9KJARi9Y3nyT4AY187SHoZnnPUDcDreWD
6GdDOEMUMe/Fnkoo+0XImJ7pUiaH0M4O+If9NJGPKPYxltDbeWeoa1AeiIxozX6r
TWcmgshFghs85mBdnR5sBR2wd3z3p+wqzy03+AISus3ocp17wgEvEGwl6JuKgyWx
NPkJHMURrSrs8CUe/p8KloNjuncuSnvBXeEMG8Bxoin20S7afPsyDAXBd5q2ZUBG
GlPLyzOtXp2580UujmpZqZj3rnwmnqlQL7N0PWpRpQAS1ZunkzpGyHeFbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJP83RTGBeY4P86AaJC6h+dba8AMMB8GA1UdIwQY
MBaAFAJTuRnXXcIE2co423sooXSDSzs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2Yt
NzNkYjBmMjg0MWM5LzEva196ZEZNWUY1amdfem9Cb2tMcUg1MXRyd0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2YtNzNkYjBmMjg0MWM5
LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXw0MA0E
AgACMAcDBQMqBrBAMA0GCSqGSIb3DQEBCwUAA4IBAQAJQXpDTvtWSc9o0YPUVDx4
gfyVnbL8imERqX9UcIENSx9XQEywcAEHaFWtRQad4XLvI/ZFMYBXQP+TKuDmvYfk
f6wcbN4qMdc3Czltf/0jMgyuVtP1omFP7aoJGEZt8090WOXw1ltK8BTKDOpWDPWR
AJ9xHb52+Rp0EHWzeVcqzgAs+7qfvxz0e7mSXwrCmTLeo7ZYM4h9/GCysgFKALUw
w49C/G9jZ3PgHSJIZjlMU6OKrj2mocxtCNmvh9Xx3MtgMB1cfL6R4y8RFAkZw67e
pJIcZO+ag+sg+sjsNW2cIiqdedVNQb98YtPqxnW/UVNAXjUya+Fxc4O9AVUPO0N6
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:26 2024 by rpki-client on console-fra.rpki-client.org