Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f7235c-5205-469b-8088-052e1f6a02a3/1/z2W09RQkkTJf74p8ySoVXeGZMt4.roa
File: z2W09RQkkTJf74p8ySoVXeGZMt4.roa (raw, json)
Hash identifier: KfG7k5mHfoFm47lizf6ZDNF0NqhAqkh3nuJ92BXGsMQ=
Subject key identifier: CF:65:B4:F5:14:24:91:32:5F:EF:8A:7C:C9:2A:15:5D:E1:99:32:DE
Certificate issuer: /CN=2145c7418668c725392fc63e632f4615fab3a346
Certificate serial: 01856EAFDF2B2097313D9A6A7EE900C03358
Authority key identifier: 21:45:C7:41:86:68:C7:25:39:2F:C6:3E:63:2F:46:15:FA:B3:A3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUXHQYZoxyU5L8Y-Yy9GFfqzo0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f7235c-5205-469b-8088-052e1f6a02a3/1/z2W09RQkkTJf74p8ySoVXeGZMt4.roa
Signing time: Sun 01 Jan 2023 18:54:57 +0000
ROA not before: Sun 01 Jan 2023 18:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60538
IP address blocks: 193.36.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:df:2b:20:97:31:3d:9a:6a:7e:e9:00:c0:33:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2145c7418668c725392fc63e632f4615fab3a346
Validity
Not Before: Jan 1 18:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf65b4f5142491325fef8a7cc92a155de19932de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b2:61:d1:02:8a:b8:50:f3:54:e6:e0:91:d0:
82:2d:b3:f6:50:3b:36:18:80:d1:2b:c7:88:7a:f2:
2b:9d:3c:2a:4a:61:a8:0d:74:45:07:16:1b:ae:80:
32:88:9f:bd:9b:f2:2c:1a:38:48:57:29:ed:b4:b2:
9f:ca:01:f1:b3:b9:df:69:2e:66:90:99:f1:8a:65:
ca:08:75:f9:8e:82:85:27:14:d9:ce:d9:7b:b6:f0:
8f:f1:a6:fa:98:ae:f5:7d:db:40:e7:4b:0a:d8:68:
13:a6:f3:00:24:b2:66:b7:3d:9e:f6:06:54:94:e7:
e0:f3:f2:9c:59:f6:2d:35:e7:bd:aa:e8:c2:ce:00:
1b:b0:2c:e3:2a:d3:fe:9b:e9:5e:d6:a0:04:5c:15:
9b:9b:eb:06:26:85:2e:43:7d:5b:5f:ef:f0:e1:0c:
15:e9:fc:81:e3:dc:16:ab:fe:c2:1c:75:d3:5f:f2:
a3:97:21:c8:a0:7c:d7:6c:31:7b:64:42:79:75:26:
c4:fc:c1:d7:de:6b:40:89:55:74:42:54:16:13:dc:
07:dd:49:11:fa:97:44:5a:6d:d7:e4:75:b0:dd:35:
88:bb:01:52:68:e1:2d:3f:26:c0:ed:75:4b:8b:c5:
18:57:b8:e4:57:08:38:41:d8:dd:f1:bf:3d:72:c4:
3f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:65:B4:F5:14:24:91:32:5F:EF:8A:7C:C9:2A:15:5D:E1:99:32:DE
X509v3 Authority Key Identifier:
keyid:21:45:C7:41:86:68:C7:25:39:2F:C6:3E:63:2F:46:15:FA:B3:A3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUXHQYZoxyU5L8Y-Yy9GFfqzo0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f7235c-5205-469b-8088-052e1f6a02a3/1/z2W09RQkkTJf74p8ySoVXeGZMt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f7235c-5205-469b-8088-052e1f6a02a3/1/IUXHQYZoxyU5L8Y-Yy9GFfqzo0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.1.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:19:d6:7b:be:0c:62:66:53:3d:28:e0:06:41:14:0b:01:8f:
f8:af:5f:fe:b2:d1:a7:2c:c9:68:6f:c5:76:9d:fe:14:a8:f6:
05:94:b1:34:f5:ed:a8:43:eb:44:0a:ea:27:cf:f3:66:c4:2f:
25:e3:c3:1f:4e:36:7a:80:fc:1a:a3:e7:f5:dd:21:17:f6:62:
61:38:b1:49:0d:84:18:28:a7:02:f8:9a:ad:81:61:b5:2d:f0:
7c:70:3a:78:4a:b4:e0:16:03:15:26:b6:08:c2:16:9a:43:b6:
85:3b:10:18:7d:03:56:20:57:54:07:0b:44:c7:70:d4:b7:b9:
dd:c6:0d:55:c1:7f:13:f4:87:6d:78:ba:18:e3:7e:c9:64:a4:
8a:63:cc:a0:ec:86:a7:3e:34:25:39:b6:ea:68:d9:63:f2:e5:
e3:34:2c:10:b0:de:99:df:57:3e:b2:0c:50:02:43:47:9a:2f:
89:b9:a2:9a:2b:bf:a2:9c:9c:4d:eb:38:14:a9:59:4d:fe:6f:
c6:28:c3:bf:c6:98:ec:99:e9:0c:5c:1b:80:72:1d:87:c2:43:
cf:0a:4f:63:2b:e1:d6:06:20:18:5d:b6:75:cc:c1:1e:6b:8e:
9d:a5:8a:05:ec:28:4b:0d:c6:7b:6c:a7:a2:71:9a:e0:c7:a7:
dd:6d:92:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur98rIJcxPZpqfukAwDNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNDVjNzQxODY2OGM3MjUzOTJmYzYzZTYzMmY0NjE1ZmFi
M2EzNDYwHhcNMjMwMTAxMTg1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY1YjRmNTE0MjQ5MTMyNWZlZjhhN2NjOTJhMTU1ZGUxOTkzMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17Jh0QKKuFDzVObgkdCCLbP2UDs2
GIDRK8eIevIrnTwqSmGoDXRFBxYbroAyiJ+9m/IsGjhIVynttLKfygHxs7nfaS5m
kJnximXKCHX5joKFJxTZztl7tvCP8ab6mK71fdtA50sK2GgTpvMAJLJmtz2e9gZU
lOfg8/KcWfYtNee9qujCzgAbsCzjKtP+m+le1qAEXBWbm+sGJoUuQ31bX+/w4QwV
6fyB49wWq/7CHHXTX/KjlyHIoHzXbDF7ZEJ5dSbE/MHX3mtAiVV0QlQWE9wH3UkR
+pdEWm3X5HWw3TWIuwFSaOEtPybA7XVLi8UYV7jkVwg4Qdjd8b89csQ/LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9ltPUUJJEyX++KfMkqFV3hmTLeMB8GA1UdIwQY
MBaAFCFFx0GGaMclOS/GPmMvRhX6s6NGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVYSFFZWm94eVU1TDhZLVl5OUdGZnF6bzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mNzIzNWMtNTIwNS00NjliLTgwODgt
MDUyZTFmNmEwMmEzLzEvejJXMDlSUWtrVEpmNzRwOHlTb1ZYZUdaTXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mNzIzNWMtNTIwNS00NjliLTgwODgtMDUyZTFmNmEwMmEz
LzEvSVVYSFFZWm94eVU1TDhZLVl5OUdGZnF6bzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSQBMA0G
CSqGSIb3DQEBCwUAA4IBAQCjGdZ7vgxiZlM9KOAGQRQLAY/4r1/+stGnLMlob8V2
nf4UqPYFlLE09e2oQ+tECuonz/NmxC8l48MfTjZ6gPwao+f13SEX9mJhOLFJDYQY
KKcC+JqtgWG1LfB8cDp4SrTgFgMVJrYIwhaaQ7aFOxAYfQNWIFdUBwtEx3DUt7nd
xg1VwX8T9IdteLoY437JZKSKY8yg7IanPjQlObbqaNlj8uXjNCwQsN6Z31c+sgxQ
AkNHmi+JuaKaK7+inJxN6zgUqVlN/m/GKMO/xpjsmekMXBuAch2HwkPPCk9jK+HW
BiAYXbZ1zMEea46dpYoF7ChLDcZ7bKeicZrgx6fdbZJK
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:55 2024 by rpki-client on console-fra.rpki-client.org