Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/rzUCJip5kJP2r9aFb3A4orPJZfQ.roa
File: rzUCJip5kJP2r9aFb3A4orPJZfQ.roa (raw, json)
Hash identifier: 3bem1SlVg0XjSJluv9hcxygAdtD8o0XYuH2qq+S0JrU=
Subject key identifier: AF:35:02:26:2A:79:90:93:F6:AF:D6:85:6F:70:38:A2:B3:C9:65:F4
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 01894FFBD576A91262584BDB747844781114
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/rzUCJip5kJP2r9aFb3A4orPJZfQ.roa
Signing time: Thu 13 Jul 2023 16:00:51 +0000
ROA not before: Thu 13 Jul 2023 16:00:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 85.209.206.0/24 maxlen: 24
85.209.205.0/24 maxlen: 24
85.209.204.0/24 maxlen: 24
85.209.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:fb:d5:76:a9:12:62:58:4b:db:74:78:44:78:11:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Jul 13 16:00:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af3502262a799093f6afd6856f7038a2b3c965f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d8:64:ed:05:08:db:d1:c8:b5:5d:6b:a8:2d:
28:37:c2:f2:ff:37:89:f7:2e:37:c5:e7:e1:9f:db:
a8:cf:88:75:40:b1:db:20:44:4b:32:57:ed:6b:8d:
71:41:99:13:d2:eb:fc:ae:ed:8e:40:a3:c4:6a:3d:
36:8d:31:7a:59:9a:01:d9:53:06:1f:2a:78:91:f1:
03:89:6f:50:c3:cc:9c:28:c5:c0:ef:cf:a0:70:f1:
48:ba:f1:59:c0:e2:26:2d:76:83:4c:f2:fd:87:18:
e4:b3:7d:b5:d4:f0:d1:6e:8c:96:81:cc:aa:eb:9f:
fa:21:eb:f8:63:51:b0:a0:c1:25:36:34:45:23:a5:
54:f4:47:ac:66:9c:13:a4:1b:89:4b:4e:cf:07:c4:
11:be:4f:0a:b2:6e:8c:b3:b0:ab:24:b4:5b:17:b6:
bb:83:81:de:31:e8:af:74:50:14:fa:1e:c2:e0:68:
c1:c9:ae:16:d9:72:38:aa:7d:ed:31:26:75:e4:35:
ad:c0:c3:8e:81:07:75:d0:ac:52:b6:9d:b2:5f:0b:
b3:84:18:ef:d4:22:1d:3f:0e:d5:38:b4:91:e9:27:
a1:be:63:b0:8e:86:b9:78:0e:14:75:db:1e:56:69:
40:1d:7a:9f:15:c7:60:2e:8b:4f:60:7e:c3:6a:67:
df:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:35:02:26:2A:79:90:93:F6:AF:D6:85:6F:70:38:A2:B3:C9:65:F4
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/rzUCJip5kJP2r9aFb3A4orPJZfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.204.0/22
Signature Algorithm: sha256WithRSAEncryption
33:70:dc:46:98:43:e1:fb:d4:21:5b:15:e2:92:f6:df:7c:15:
da:75:4d:bb:58:00:9f:14:7e:12:48:03:e7:a8:cf:10:5c:8d:
0a:47:3f:ad:d2:df:c9:2f:fe:88:96:3e:04:a6:e3:a1:6c:a6:
08:6a:78:a6:1e:e4:7b:fb:d7:7d:65:4a:33:f5:2a:19:f8:6c:
24:41:8e:93:f8:2e:46:c3:51:62:8b:6b:f3:2b:3b:8c:1c:f5:
35:fd:51:13:ab:6a:3c:5c:9e:c5:53:1e:c9:b9:a1:a8:4c:e6:
a8:96:21:d0:25:3c:75:cc:40:3d:fe:22:f3:c8:7e:79:4d:4c:
9a:d7:d1:8e:04:c6:60:25:41:50:47:4a:b3:93:ab:81:94:72:
19:14:f9:83:e9:bc:ea:fa:4e:b8:43:e7:af:d9:40:d7:e6:cb:
56:a0:19:ec:44:c9:b9:11:2f:f0:6d:62:fa:dd:b0:99:70:29:
39:25:8e:64:57:b8:07:45:5d:e9:93:87:4e:a9:d2:a5:14:e3:
4d:90:13:9f:28:fe:b8:52:0d:f1:d5:88:68:85:93:af:46:61:
e7:11:ed:7a:bf:96:3b:e1:ed:02:94:0e:6b:8d:e5:0d:27:49:
dc:28:6c:69:2f:ef:47:85:2b:d8:cd:49:35:b5:85:46:83:92:
91:0e:be:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlP+9V2qRJiWEvbdHhEeBEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjMwNzEzMTYwMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM1MDIyNjJhNzk5MDkzZjZhZmQ2ODU2ZjcwMzhhMmIzYzk2NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79hk7QUI29HItV1rqC0oN8Ly/zeJ
9y43xefhn9uoz4h1QLHbIERLMlfta41xQZkT0uv8ru2OQKPEaj02jTF6WZoB2VMG
Hyp4kfEDiW9Qw8ycKMXA78+gcPFIuvFZwOImLXaDTPL9hxjks3211PDRboyWgcyq
65/6Iev4Y1GwoMElNjRFI6VU9EesZpwTpBuJS07PB8QRvk8Ksm6Ms7CrJLRbF7a7
g4HeMeivdFAU+h7C4GjBya4W2XI4qn3tMSZ15DWtwMOOgQd10KxStp2yXwuzhBjv
1CIdPw7VOLSR6SehvmOwjoa5eA4UddseVmlAHXqfFcdgLotPYH7Damff8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK81AiYqeZCT9q/WhW9wOKKzyWX0MB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvcnpVQ0ppcDVrSlAycjlhRmIzQTRvclBKWmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdHMMA0G
CSqGSIb3DQEBCwUAA4IBAQAzcNxGmEPh+9QhWxXikvbffBXadU27WACfFH4SSAPn
qM8QXI0KRz+t0t/JL/6Ilj4EpuOhbKYIanimHuR7+9d9ZUoz9SoZ+GwkQY6T+C5G
w1Fii2vzKzuMHPU1/VETq2o8XJ7FUx7JuaGoTOaoliHQJTx1zEA9/iLzyH55TUya
19GOBMZgJUFQR0qzk6uBlHIZFPmD6bzq+k64Q+ev2UDX5stWoBnsRMm5ES/wbWL6
3bCZcCk5JY5kV7gHRV3pk4dOqdKlFONNkBOfKP64Ug3x1YhohZOvRmHnEe16v5Y7
4e0ClA5rjeUNJ0ncKGxpL+9HhSvYzUk1tYVGg5KRDr6x
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:40 2024 by rpki-client on console-ams.rpki-client.org