Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/ZCEaO9k06u2rsoPnXyeskp4wFAs.roa
File: ZCEaO9k06u2rsoPnXyeskp4wFAs.roa (raw, json)
Hash identifier: IrTFZAliPelJwB6+iQYuRTO28dErMpxgsxg/CBj8OhY=
Subject key identifier: 64:21:1A:3B:D9:34:EA:ED:AB:B2:83:E7:5F:27:AC:92:9E:30:14:0B
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 018974EA1DEABEE10C79BDB0856742A48155
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/ZCEaO9k06u2rsoPnXyeskp4wFAs.roa
Signing time: Thu 20 Jul 2023 20:07:27 +0000
ROA not before: Thu 20 Jul 2023 20:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 195.34.94.0/23 maxlen: 23
91.204.78.0/24 maxlen: 24
91.204.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 10:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:ea:1d:ea:be:e1:0c:79:bd:b0:85:67:42:a4:81:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: Jul 20 20:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64211a3bd934eaedabb283e75f27ac929e30140b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c1:66:27:a4:48:bf:6c:b8:ea:ab:e3:89:11:
59:0d:53:16:6f:ad:50:f6:d0:26:bf:d5:28:7a:6d:
65:73:24:92:e3:06:bb:6c:81:1b:c7:3d:5a:74:9b:
2e:13:9a:74:a3:0b:0f:e2:c7:e6:3e:7f:a7:c3:49:
36:73:2c:59:07:dc:27:f3:48:75:1c:7d:70:16:43:
18:8c:f3:66:47:0b:d5:cd:94:7b:25:60:19:da:7d:
f1:26:ce:ce:6a:38:cc:1d:5e:c4:54:cc:ce:d2:52:
3f:74:25:8e:2e:5b:b8:6c:45:dd:10:56:f9:77:b8:
04:e2:8d:b7:2c:58:aa:ee:0a:df:da:72:24:29:cf:
e4:32:ba:c8:73:5b:17:61:5b:f2:58:e9:0e:2c:f2:
d0:85:be:93:dd:3a:74:22:bb:00:cb:17:5e:33:f1:
83:20:64:cd:3b:08:2e:4f:5d:82:f2:af:e0:2b:5e:
cb:bb:3d:dc:21:c6:49:b0:cf:37:79:0c:69:20:ad:
04:31:ba:0d:5f:52:c3:bc:39:5c:fa:2f:ad:26:84:
0e:33:c3:63:2d:90:cd:ab:8e:7c:57:03:4d:95:b5:
de:25:f8:a8:8d:23:fc:3c:93:d1:44:2f:ed:49:0b:
7e:1d:ed:5b:34:dd:8a:d2:22:6f:70:77:85:ec:d2:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:21:1A:3B:D9:34:EA:ED:AB:B2:83:E7:5F:27:AC:92:9E:30:14:0B
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/ZCEaO9k06u2rsoPnXyeskp4wFAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.77.0-91.204.78.255
195.34.94.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:7c:ea:25:71:3d:2d:a3:8c:e6:0e:dc:11:7a:ac:82:9a:0f:
30:4b:c9:36:f2:06:e3:2f:f5:2f:53:ff:d4:6f:03:d9:35:67:
1d:cf:f1:a7:5c:a5:44:83:16:1c:b6:83:08:8c:3c:18:0d:8f:
a9:e8:84:5a:33:75:aa:75:4e:a3:f9:48:d4:83:61:00:ea:cc:
af:eb:a0:41:80:62:cc:b8:b4:82:dc:33:b7:51:cf:4b:79:51:
c5:99:75:be:ee:ab:64:ba:31:9f:fa:d2:f4:07:76:ee:53:d6:
0e:36:c7:d2:00:d2:26:95:dc:ae:44:92:79:f7:25:57:07:be:
11:12:28:0e:2a:ad:65:22:26:67:f4:f5:c2:82:4d:a5:ef:17:
29:a2:6d:a8:56:40:b8:b7:7e:1f:58:0a:58:78:16:a5:ca:b0:
fc:5a:72:c7:97:59:72:64:97:bc:4d:dc:71:4b:d0:b8:c7:ae:
92:9b:d6:38:ed:de:90:a4:72:d2:af:f2:a4:71:7c:56:4b:36:
01:4a:eb:47:94:ac:cc:d6:b9:f7:ba:02:92:76:16:c4:7b:b5:
96:ff:25:21:d1:84:ba:aa:2e:f6:d2:26:75:15:c0:c9:27:31:
a5:6f:69:bc:5b:ee:f5:45:a4:6a:6a:f6:72:ba:8f:59:22:dc:
b9:d2:b5:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYl06h3qvuEMeb2whWdCpIFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwNzIwMjAwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIxMWEzYmQ5MzRlYWVkYWJiMjgzZTc1ZjI3YWM5MjllMzAxNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8FmJ6RIv2y46qvjiRFZDVMWb61Q
9tAmv9Uoem1lcySS4wa7bIEbxz1adJsuE5p0owsP4sfmPn+nw0k2cyxZB9wn80h1
HH1wFkMYjPNmRwvVzZR7JWAZ2n3xJs7OajjMHV7EVMzO0lI/dCWOLlu4bEXdEFb5
d7gE4o23LFiq7grf2nIkKc/kMrrIc1sXYVvyWOkOLPLQhb6T3Tp0IrsAyxdeM/GD
IGTNOwguT12C8q/gK17Luz3cIcZJsM83eQxpIK0EMboNX1LDvDlc+i+tJoQOM8Nj
LZDNq458VwNNlbXeJfiojSP8PJPRRC/tSQt+He1bNN2K0iJvcHeF7NIrLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGQhGjvZNOrtq7KD518nrJKeMBQLMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEvWkNFYU85azA2dTJyc29Qblh5ZXNrcDR3RkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABbzE0D
BABbzE4DBAHDIl4wDQYJKoZIhvcNAQELBQADggEBALR86iVxPS2jjOYO3BF6rIKa
DzBLyTbyBuMv9S9T/9RvA9k1Zx3P8adcpUSDFhy2gwiMPBgNj6nohFozdap1TqP5
SNSDYQDqzK/roEGAYsy4tILcM7dRz0t5UcWZdb7uq2S6MZ/60vQHdu5T1g42x9IA
0iaV3K5Eknn3JVcHvhESKA4qrWUiJmf09cKCTaXvFymibahWQLi3fh9YClh4FqXK
sPxacseXWXJkl7xN3HFL0LjHrpKb1jjt3pCkctKv8qRxfFZLNgFK60eUrMzWufe6
ApJ2FsR7tZb/JSHRhLqqLvbSJnUVwMknMaVvabxb7vVFpGpq9nK6j1ki3LnStfw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-fra.rpki-client.org