Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/zssdYi2QlJUSzLUijqDjIbNWTEI.roa
File: zssdYi2QlJUSzLUijqDjIbNWTEI.roa (raw, json)
Hash identifier: VUKslmveoZuxfL/ZV49zhhA/9FwpVz7xsrGCVLB76NA=
Subject key identifier: CE:CB:1D:62:2D:90:94:95:12:CC:B5:22:8E:A0:E3:21:B3:56:4C:42
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 01856F14E57BC198D8F5345018F896AE6C54
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/zssdYi2QlJUSzLUijqDjIbNWTEI.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35523
IP address blocks: 193.239.216.0/23 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e5:7b:c1:98:d8:f5:34:50:18:f8:96:ae:6c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cecb1d622d90949512ccb5228ea0e321b3564c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8a:cd:4e:df:4e:fc:b5:b0:0a:e1:2d:fa:db:
51:f4:c0:4d:6b:2d:23:04:4f:c5:b7:c5:b6:c0:ab:
47:ff:2d:2c:15:d4:f5:b2:6d:5f:ba:be:ba:35:b4:
ba:e2:4a:ff:12:2d:33:35:15:06:17:6d:58:3e:30:
a5:03:12:4a:19:20:44:92:89:f4:e3:0a:0a:67:d4:
79:71:68:93:f3:44:59:f0:fc:24:78:7a:83:01:b3:
27:22:4c:1e:4a:55:1d:6b:e8:22:72:a4:c9:6f:7e:
45:a2:1e:02:be:c6:94:25:67:be:35:83:11:0a:aa:
1f:cc:d1:ac:b4:04:4f:17:5a:d6:6e:a6:20:d6:7f:
af:58:49:65:2f:dd:1a:b5:e2:de:80:83:24:ac:95:
cc:98:22:bc:69:97:5f:27:54:02:54:a6:7c:8c:4b:
e9:1b:6c:3a:ff:55:08:c4:91:0a:d0:28:34:21:12:
bb:a5:43:f9:b9:01:cb:f4:73:b4:db:69:d5:93:23:
60:d2:a5:62:81:2a:24:0a:a6:39:ff:24:b1:29:dd:
a7:1e:ae:df:3f:ab:6a:89:39:cf:19:67:c1:43:4d:
4a:a3:09:31:98:41:17:34:57:26:5a:03:a8:71:dc:
e3:09:48:1f:61:71:06:ce:f6:bc:4e:e5:f6:43:aa:
5d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CB:1D:62:2D:90:94:95:12:CC:B5:22:8E:A0:E3:21:B3:56:4C:42
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/zssdYi2QlJUSzLUijqDjIbNWTEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.216.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:96:77:d9:b5:a5:2a:d4:7f:6a:29:8b:3f:f0:70:3a:06:ee:
08:c0:dc:17:e7:53:ce:a2:aa:68:0f:60:03:79:a0:f5:c4:d5:
0d:68:86:8c:8b:91:e3:9b:4f:7d:37:5e:ee:bc:6b:0d:c0:f3:
3d:d1:f6:3f:33:d0:29:cd:d8:ad:29:8a:86:2a:fb:0a:36:fe:
b0:4b:c7:74:0a:0c:72:97:b9:eb:2b:65:b8:d1:0c:9c:b9:9d:
af:e2:07:8c:7c:e3:04:3e:ce:9a:22:ff:36:b2:43:10:64:77:
19:6a:78:40:3c:19:9a:2a:d7:54:ff:09:9b:fd:bd:03:3d:46:
a7:99:f3:f6:ec:c7:de:18:a8:a0:3c:4f:b7:38:d1:dc:a6:a9:
1b:37:ba:39:8c:9d:f0:db:96:ee:7a:96:7e:fc:07:97:7b:8f:
41:22:ef:04:f9:e2:5c:0b:48:e8:7e:34:03:a7:b7:70:ff:c3:
29:a2:29:1e:36:e7:66:c8:eb:79:17:88:b4:ad:9b:06:14:d0:
cd:a6:3c:7c:03:4a:9b:2a:03:9d:25:27:e3:81:84:2c:dc:cb:
67:41:29:44:c8:a3:4d:d4:18:50:c9:66:31:8c:3f:7e:ef:a9:
9e:c6:9e:7f:10:92:58:7e:f7:b7:b7:fa:78:36:0a:63:3e:96:
d5:bb:1d:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFOV7wZjY9TRQGPiWrmxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWNiMWQ2MjJkOTA5NDk1MTJjY2I1MjI4ZWEwZTMyMWIzNTY0YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYrNTt9O/LWwCuEt+ttR9MBNay0j
BE/Ft8W2wKtH/y0sFdT1sm1fur66NbS64kr/Ei0zNRUGF21YPjClAxJKGSBEkon0
4woKZ9R5cWiT80RZ8PwkeHqDAbMnIkweSlUda+gicqTJb35Foh4CvsaUJWe+NYMR
CqofzNGstARPF1rWbqYg1n+vWEllL90ateLegIMkrJXMmCK8aZdfJ1QCVKZ8jEvp
G2w6/1UIxJEK0Cg0IRK7pUP5uQHL9HO022nVkyNg0qVigSokCqY5/ySxKd2nHq7f
P6tqiTnPGWfBQ01KowkxmEEXNFcmWgOocdzjCUgfYXEGzva8TuX2Q6pdsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7LHWItkJSVEsy1Io6g4yGzVkxCMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvenNzZFlpMlFsSlVTekxVaWpxRGpJYk5XVEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwe/YMA0G
CSqGSIb3DQEBCwUAA4IBAQA/lnfZtaUq1H9qKYs/8HA6Bu4IwNwX51POoqpoD2AD
eaD1xNUNaIaMi5Hjm099N17uvGsNwPM90fY/M9ApzditKYqGKvsKNv6wS8d0Cgxy
l7nrK2W40QycuZ2v4geMfOMEPs6aIv82skMQZHcZanhAPBmaKtdU/wmb/b0DPUan
mfP27MfeGKigPE+3ONHcpqkbN7o5jJ3w25buepZ+/AeXe49BIu8E+eJcC0jofjQD
p7dw/8MpoikeNudmyOt5F4i0rZsGFNDNpjx8A0qbKgOdJSfjgYQs3MtnQSlEyKNN
1BhQyWYxjD9+76mexp5/EJJYfve3t/p4NgpjPpbVux0T
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:00 2024 by rpki-client on console-ams.rpki-client.org