Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/avz-7FZw0OFR98Ein_jYmeZrEYg.roa
File: avz-7FZw0OFR98Ein_jYmeZrEYg.roa (raw, json)
Hash identifier: qjVcTkVhwQRAoYQHi2DYtC7OriUzfuxEPOjoV4ETcT4=
Subject key identifier: 6A:FC:FE:EC:56:70:D0:E1:51:F7:C1:22:9F:F8:D8:99:E6:6B:11:88
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 018B1F31BED02CED26500B60B33693E254EA
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/avz-7FZw0OFR98Ein_jYmeZrEYg.roa
Signing time: Wed 11 Oct 2023 14:43:55 +0000
ROA not before: Wed 11 Oct 2023 14:43:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 93.89.219.0/24 maxlen: 24
93.89.223.0/24 maxlen: 24
93.89.222.0/24 maxlen: 24
93.89.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Nov 2023 12:40:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:31:be:d0:2c:ed:26:50:0b:60:b3:36:93:e2:54:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Oct 11 14:43:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6afcfeec5670d0e151f7c1229ff8d899e66b1188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2d:4f:22:06:01:b5:50:2e:a0:0b:34:4e:9a:
f4:3f:7a:51:23:c6:94:12:51:7e:03:c1:80:cd:b8:
b6:94:9c:05:9b:1c:5b:01:4b:fc:6d:bd:dc:aa:46:
a6:38:61:1b:8a:46:5a:ce:99:d1:46:0d:b2:b9:ef:
2b:f9:f6:df:54:e7:c1:0d:65:ff:02:98:18:c2:bb:
7d:ff:d0:a6:da:07:63:13:0c:bd:73:ea:f7:b0:09:
06:a2:21:5a:4c:c9:7e:70:2e:a8:ec:9d:eb:d9:82:
60:89:58:c4:73:6e:67:d8:5a:39:6b:47:76:46:93:
41:0f:c7:a1:79:b3:cf:66:28:a6:55:a7:a7:61:c2:
60:63:64:33:b2:bd:81:57:0a:59:08:66:9e:cb:5f:
2f:99:61:58:73:56:77:5b:7b:29:1c:81:a2:bd:ca:
a0:1d:d8:0a:85:72:8f:5b:f7:8a:01:b9:89:e1:e5:
d7:d5:66:1d:3f:72:74:b8:f1:ef:b1:1b:34:07:10:
c2:fc:09:e9:a0:7d:0f:25:dd:ec:d5:19:c3:0e:72:
a0:be:fc:c3:8a:a4:74:6d:15:a5:10:ee:6e:8a:70:
dc:99:33:87:7a:0f:ba:75:ad:f0:e7:c7:74:9b:44:
f7:fa:76:4e:c9:8d:71:fd:45:d7:7f:aa:40:86:07:
63:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FC:FE:EC:56:70:D0:E1:51:F7:C1:22:9F:F8:D8:99:E6:6B:11:88
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/avz-7FZw0OFR98Ein_jYmeZrEYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.219.0/24
93.89.221.0-93.89.223.255
Signature Algorithm: sha256WithRSAEncryption
ba:a6:9a:e0:ab:5c:e1:50:d1:21:b2:fc:de:07:8b:c0:0d:44:
8b:9d:25:7c:6d:fd:42:12:35:32:3a:01:8a:31:53:2e:b0:78:
18:43:f2:ae:16:26:66:15:d4:8c:43:1c:54:d0:92:39:ce:3c:
3e:ce:5a:ba:04:e6:1b:ac:d2:06:98:e4:3e:a9:b3:90:58:63:
b2:e4:cc:ab:99:cf:60:21:61:66:39:5f:a0:3b:c2:e2:d8:3f:
e5:41:2b:f1:28:4c:56:77:65:e6:0c:ed:f4:1a:ea:fc:c5:b1:
27:50:1a:55:6c:18:a9:60:b5:a1:fe:1a:d3:22:95:42:65:ba:
81:33:b0:04:c0:27:8b:ec:08:90:85:7e:59:09:e7:0c:f6:44:
e5:02:4c:57:84:26:d4:8b:fa:08:cb:e3:cb:37:58:94:bc:da:
66:32:41:dd:44:a5:46:9a:6c:a2:f3:fe:18:34:63:cc:1c:c9:
94:ea:a7:ad:d3:4b:6c:cc:0f:3d:b8:23:fd:bc:08:2e:52:1d:
1e:f9:85:c3:af:87:7d:65:74:23:97:26:42:0a:ec:0a:39:a7:
7b:d4:62:98:8e:6e:28:8a:5e:18:6a:71:36:18:b6:ba:aa:71:
b1:08:ec:9d:ff:bf:af:10:ba:e7:33:e8:f6:18:0a:24:be:5b:
92:56:c3:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYsfMb7QLO0mUAtgszaT4lTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMxMDExMTQ0MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZjZmVlYzU2NzBkMGUxNTFmN2MxMjI5ZmY4ZDg5OWU2NmIxMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC1PIgYBtVAuoAs0Tpr0P3pRI8aU
ElF+A8GAzbi2lJwFmxxbAUv8bb3cqkamOGEbikZazpnRRg2yue8r+fbfVOfBDWX/
ApgYwrt9/9Cm2gdjEwy9c+r3sAkGoiFaTMl+cC6o7J3r2YJgiVjEc25n2Fo5a0d2
RpNBD8ehebPPZiimVaenYcJgY2Qzsr2BVwpZCGaey18vmWFYc1Z3W3spHIGivcqg
HdgKhXKPW/eKAbmJ4eXX1WYdP3J0uPHvsRs0BxDC/AnpoH0PJd3s1RnDDnKgvvzD
iqR0bRWlEO5uinDcmTOHeg+6da3w58d0m0T3+nZOyY1x/UXXf6pAhgdjhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGr8/uxWcNDhUffBIp/42JnmaxGIMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvYXZ6LTdGWncwT0ZSOThFaW5falltZVpyRVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAXVnbMAwD
BABdWd0DBAVdWcAwDQYJKoZIhvcNAQELBQADggEBALqmmuCrXOFQ0SGy/N4Hi8AN
RIudJXxt/UISNTI6AYoxUy6weBhD8q4WJmYV1IxDHFTQkjnOPD7OWroE5hus0gaY
5D6ps5BYY7LkzKuZz2AhYWY5X6A7wuLYP+VBK/EoTFZ3ZeYM7fQa6vzFsSdQGlVs
GKlgtaH+GtMilUJluoEzsATAJ4vsCJCFflkJ5wz2ROUCTFeEJtSL+gjL48s3WJS8
2mYyQd1EpUaabKLz/hg0Y8wcyZTqp63TS2zMDz24I/28CC5SHR75hcOvh31ldCOX
JkIK7Ao5p3vUYpiObiiKXhhqcTYYtrqqcbEI7J3/v68Quucz6PYYCiS+W5JWwx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org