Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/zKoXUdOL5_D_kFVe_rIJ-BcMPd0.roa
File: zKoXUdOL5_D_kFVe_rIJ-BcMPd0.roa (raw, json)
Hash identifier: LiF59rtybEZGZB+pHWdrFaXu6IqgxZ7547ctWazGxAo=
Subject key identifier: CC:AA:17:51:D3:8B:E7:F0:FF:90:55:5E:FE:B2:09:F8:17:0C:3D:DD
Certificate issuer: /CN=d9f200e2d38683a7cb1ce5cabbee34c068834a0b
Certificate serial: 018C4476902BF83A38C5A20BF48411AF75DA
Authority key identifier: D9:F2:00:E2:D3:86:83:A7:CB:1C:E5:CA:BB:EE:34:C0:68:83:4A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fIA4tOGg6fLHOXKu-40wGiDSgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/zKoXUdOL5_D_kFVe_rIJ-BcMPd0.roa
Signing time: Thu 07 Dec 2023 13:27:50 +0000
ROA not before: Thu 07 Dec 2023 13:27:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.134.240.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:76:90:2b:f8:3a:38:c5:a2:0b:f4:84:11:af:75:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f200e2d38683a7cb1ce5cabbee34c068834a0b
Validity
Not Before: Dec 7 13:27:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccaa1751d38be7f0ff90555efeb209f8170c3ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:72:ab:ef:36:75:62:3c:b9:c9:24:7d:c7:65:
1b:c9:fb:6b:ba:63:46:85:c7:0c:4c:ef:c1:47:2b:
91:06:ee:c5:4a:9a:00:9b:73:b3:f5:63:55:f2:c1:
b4:01:3c:aa:cf:4f:72:fe:38:e7:08:ed:d4:d5:15:
c5:96:a4:4b:52:cc:7b:6f:9a:a0:5d:e9:68:66:ba:
6e:38:5c:41:9a:30:8a:9b:6d:8d:e9:5c:29:71:47:
aa:24:9f:ff:a5:db:f5:4f:a8:5b:e5:50:a1:18:f9:
fa:9b:34:7f:ed:95:0d:4c:9f:61:46:82:45:e4:50:
de:2c:7d:6f:bf:f8:5a:22:e0:49:c1:c5:c4:d4:99:
eb:c4:c0:de:22:b6:a8:d1:4f:00:76:02:f6:cd:13:
6f:0f:95:5c:31:9b:ea:54:a9:66:06:3a:29:db:dd:
b2:8d:00:6c:9e:78:5c:90:5c:f4:77:b5:24:e8:d5:
87:e7:87:4a:28:d0:d7:e9:2e:78:10:74:db:c4:3b:
a6:8e:6f:ab:0a:21:e9:50:e5:ef:c6:bc:69:ad:7f:
d4:62:73:03:68:45:1f:0e:0f:9d:8f:6c:34:bb:da:
c4:42:79:4e:2e:61:e7:c3:8c:08:f1:46:01:f1:01:
6c:bb:46:cc:a5:14:34:9a:c7:cc:93:b0:72:07:d7:
2b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AA:17:51:D3:8B:E7:F0:FF:90:55:5E:FE:B2:09:F8:17:0C:3D:DD
X509v3 Authority Key Identifier:
keyid:D9:F2:00:E2:D3:86:83:A7:CB:1C:E5:CA:BB:EE:34:C0:68:83:4A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fIA4tOGg6fLHOXKu-40wGiDSgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/zKoXUdOL5_D_kFVe_rIJ-BcMPd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/2fIA4tOGg6fLHOXKu-40wGiDSgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.240.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:03:9c:3e:c8:fd:fb:89:9a:65:be:dc:9d:02:7d:e4:32:df:
80:dc:d7:3c:32:66:1e:be:2a:03:3a:e4:c4:ce:73:7a:f4:8c:
3f:af:4c:84:1d:90:8a:cd:e7:62:59:55:d2:54:9e:59:ae:06:
fa:c0:95:ba:c5:03:3a:59:1b:4c:8f:2d:14:53:6d:a4:99:47:
7d:ab:46:af:8f:d4:b9:10:62:99:80:c9:26:37:06:4c:0e:ff:
11:4e:bc:85:c9:fd:0b:fc:df:09:cf:99:9c:ff:ff:e3:2b:23:
d5:e9:4e:2c:cb:26:2c:f0:4e:a4:ba:d7:16:88:a5:c4:27:a9:
d2:12:8d:40:1a:82:3f:3a:81:11:54:bb:e0:4d:f8:b8:df:4d:
84:e8:41:14:19:6d:5a:5b:32:dc:c7:74:da:b1:92:8d:ac:ab:
5b:b6:c6:aa:c8:82:b0:96:a8:2f:0f:90:f3:72:e3:79:3f:64:
73:75:d3:0c:83:56:f5:9e:de:69:e3:ed:e5:70:98:37:4e:ff:
ec:cb:07:bd:54:6d:67:db:98:0f:8b:db:ee:e3:9c:6b:21:ff:
8c:e9:ad:0b:6b:9d:5b:5d:a1:cf:cd:fb:8b:e9:17:b1:97:4d:
43:52:a1:94:83:00:21:01:5a:80:74:c3:8f:43:b7:1a:dc:30:
38:5e:71:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxEdpAr+Do4xaIL9IQRr3XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjIwMGUyZDM4NjgzYTdjYjFjZTVjYWJiZWUzNGMwNjg4
MzRhMGIwHhcNMjMxMjA3MTMyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FhMTc1MWQzOGJlN2YwZmY5MDU1NWVmZWIyMDlmODE3MGMzZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3Kr7zZ1Yjy5ySR9x2UbyftrumNG
hccMTO/BRyuRBu7FSpoAm3Oz9WNV8sG0ATyqz09y/jjnCO3U1RXFlqRLUsx7b5qg
XeloZrpuOFxBmjCKm22N6VwpcUeqJJ//pdv1T6hb5VChGPn6mzR/7ZUNTJ9hRoJF
5FDeLH1vv/haIuBJwcXE1JnrxMDeIrao0U8AdgL2zRNvD5VcMZvqVKlmBjop292y
jQBsnnhckFz0d7Uk6NWH54dKKNDX6S54EHTbxDumjm+rCiHpUOXvxrxprX/UYnMD
aEUfDg+dj2w0u9rEQnlOLmHnw4wI8UYB8QFsu0bMpRQ0msfMk7ByB9crSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMyqF1HTi+fw/5BVXv6yCfgXDD3dMB8GA1UdIwQY
MBaAFNnyAOLThoOnyxzlyrvuNMBog0oLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZJQTR0T0dnNmZMSE9YS3UtNDB3R2lEU2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMDdiOTgtYzIyMi00ODM1LTgzODEt
MDljOGZlNzI0Y2Q3LzEvektvWFVkT0w1X0Rfa0ZWZV9ySUotQmNNUGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMDdiOTgtYzIyMi00ODM1LTgzODEtMDljOGZlNzI0Y2Q3
LzEvMmZJQTR0T0dnNmZMSE9YS3UtNDB3R2lEU2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYbwMA0G
CSqGSIb3DQEBCwUAA4IBAQAOA5w+yP37iZplvtydAn3kMt+A3Nc8MmYevioDOuTE
znN69Iw/r0yEHZCKzediWVXSVJ5Zrgb6wJW6xQM6WRtMjy0UU22kmUd9q0avj9S5
EGKZgMkmNwZMDv8RTryFyf0L/N8Jz5mc///jKyPV6U4syyYs8E6kutcWiKXEJ6nS
Eo1AGoI/OoERVLvgTfi4302E6EEUGW1aWzLcx3TasZKNrKtbtsaqyIKwlqgvD5Dz
cuN5P2RzddMMg1b1nt5p4+3lcJg3Tv/sywe9VG1n25gPi9vu45xrIf+M6a0La51b
XaHPzfuL6Rexl01DUqGUgwAhAVqAdMOPQ7ca3DA4XnGx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org