Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/CZnhP9gkC2h64b9qkzRLNHJXTG0.roa
File: CZnhP9gkC2h64b9qkzRLNHJXTG0.roa (raw, json)
Hash identifier: JZvu6sahxcADIC0+D/fMq6CSmfdlsgREJu1ynXnhUM0=
Subject key identifier: 09:99:E1:3F:D8:24:0B:68:7A:E1:BF:6A:93:34:4B:34:72:57:4C:6D
Certificate issuer: /CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Certificate serial: 0185704B9ED7D75386FB7BA978893B8A9BE8
Authority key identifier: 64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/CZnhP9gkC2h64b9qkzRLNHJXTG0.roa
Signing time: Mon 02 Jan 2023 02:24:42 +0000
ROA not before: Mon 02 Jan 2023 02:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59657
IP address blocks: 195.190.135.0/24 maxlen: 24
194.37.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:9e:d7:d7:53:86:fb:7b:a9:78:89:3b:8a:9b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Validity
Not Before: Jan 2 02:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0999e13fd8240b687ae1bf6a93344b3472574c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:0a:9f:7a:b2:53:68:b0:d2:ad:30:83:cb:
0a:20:cb:9f:3c:73:17:23:7c:3a:9d:aa:25:a7:e3:
92:80:44:0c:86:bf:3d:1f:83:f8:f5:64:b7:14:ae:
04:dc:52:15:ac:bc:50:69:2a:99:f7:f1:9a:5b:30:
32:87:7e:d8:4f:69:dd:3b:58:a9:f1:46:47:1a:1c:
eb:af:e4:8d:f8:94:85:28:0d:e4:65:6d:49:a2:aa:
b6:a4:f1:b7:52:47:63:d1:c7:86:73:aa:1a:13:d7:
b3:d6:05:a0:8e:21:c1:cb:e3:e3:3d:8f:4e:c7:cc:
a7:6f:2f:79:8f:57:be:40:a3:e2:6b:0e:c5:d3:3e:
54:60:cc:6d:f5:79:70:24:22:74:f7:b0:16:47:f3:
eb:7d:f8:18:95:cb:d5:b2:54:f1:b9:eb:73:98:7a:
f2:3c:25:63:26:61:b4:bb:e2:46:c6:14:b8:22:a3:
e7:ac:96:b1:fa:48:8b:8c:ff:5a:1e:32:23:90:d7:
66:5f:69:86:95:54:6f:35:24:22:6c:5b:8a:b2:19:
b8:38:c7:36:f8:c3:f6:08:0c:1c:ee:55:20:31:1f:
41:aa:65:16:e6:57:25:05:ad:fd:a6:c6:36:1d:8a:
94:e7:f7:6e:11:63:66:46:a1:d1:0b:3d:3f:f8:b5:
45:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:99:E1:3F:D8:24:0B:68:7A:E1:BF:6A:93:34:4B:34:72:57:4C:6D
X509v3 Authority Key Identifier:
keyid:64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/CZnhP9gkC2h64b9qkzRLNHJXTG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.255.0/24
195.190.135.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:a5:37:e6:8b:28:5e:57:e2:8d:8e:bb:76:3f:e5:d9:e7:69:
3b:99:be:d0:1b:40:b8:2b:b2:e7:53:ff:9a:81:c6:5e:67:94:
cc:09:20:2a:76:6a:f4:b6:d8:c9:82:7f:d7:ec:9f:76:b8:2e:
80:cb:ec:ba:62:59:30:0e:7e:35:f5:cc:95:2f:a9:7e:c8:21:
9b:a3:7b:f7:5f:f0:31:6e:05:77:22:db:0c:1e:92:3d:f7:43:
9d:30:e4:a3:c1:39:4a:72:fe:94:44:a9:80:39:c6:fa:ad:c6:
40:f2:75:32:51:39:d4:2d:7b:4d:0c:a9:5c:1c:12:8e:f0:3c:
1b:9a:e7:e1:d3:0d:36:48:52:16:19:3f:22:ea:7b:e5:3a:36:
04:00:c4:e9:b3:8a:96:45:ee:22:71:9a:cd:c9:d0:ba:1f:61:
33:5c:83:a6:e1:b7:f0:16:a1:23:18:a6:b8:39:c9:50:de:96:
07:74:5a:da:83:77:60:36:09:fe:f9:c6:2e:e5:01:2e:95:66:
f5:fe:0e:be:b9:e7:3d:da:d5:1c:2f:d2:57:99:80:8b:f3:45:
b2:be:6c:1b:6e:81:58:0d:a6:78:76:62:97:d1:2e:05:31:ed:
e7:7d:3a:37:8c:0a:8c:ad:cc:53:b2:12:05:1b:80:9d:4c:3b:
3f:04:fc:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwS57X11OG+3upeIk7ipvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Zjg3M2FkYjZhMWYzZTgxYjMzNDNjNzQ5OTg5NDc1MjZj
NDNkY2YwHhcNMjMwMTAyMDIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk5ZTEzZmQ4MjQwYjY4N2FlMWJmNmE5MzM0NGIzNDcyNTc0YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT8Kn3qyU2iw0q0wg8sKIMufPHMX
I3w6naolp+OSgEQMhr89H4P49WS3FK4E3FIVrLxQaSqZ9/GaWzAyh37YT2ndO1ip
8UZHGhzrr+SN+JSFKA3kZW1Joqq2pPG3Ukdj0ceGc6oaE9ez1gWgjiHBy+PjPY9O
x8ynby95j1e+QKPiaw7F0z5UYMxt9XlwJCJ097AWR/PrffgYlcvVslTxuetzmHry
PCVjJmG0u+JGxhS4IqPnrJax+kiLjP9aHjIjkNdmX2mGlVRvNSQibFuKshm4OMc2
+MP2CAwc7lUgMR9BqmUW5lclBa39psY2HYqU5/duEWNmRqHRCz0/+LVFmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAmZ4T/YJAtoeuG/apM0SzRyV0xtMB8GA1UdIwQY
MBaAFGT4c622ofPoGzNDx0mYlHUmxD3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2Ut
Mzk3ZjM2YzkxOTgyLzEvQ1puaFA5Z2tDMmg2NGI5cWt6UkxOSEpYVEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2UtMzk3ZjM2YzkxOTgy
LzEvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiX/AwQA
w76HMA0GCSqGSIb3DQEBCwUAA4IBAQCqpTfmiyheV+KNjrt2P+XZ52k7mb7QG0C4
K7LnU/+agcZeZ5TMCSAqdmr0ttjJgn/X7J92uC6Ay+y6YlkwDn419cyVL6l+yCGb
o3v3X/AxbgV3ItsMHpI990OdMOSjwTlKcv6URKmAOcb6rcZA8nUyUTnULXtNDKlc
HBKO8Dwbmufh0w02SFIWGT8i6nvlOjYEAMTps4qWRe4icZrNydC6H2EzXIOm4bfw
FqEjGKa4OclQ3pYHdFrag3dgNgn++cYu5QEulWb1/g6+uec92tUcL9JXmYCL80Wy
vmwbboFYDaZ4dmKX0S4FMe3nfTo3jAqMrcxTshIFG4CdTDs/BPy5
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:30 2024 by rpki-client on console-ams.rpki-client.org