Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/Pz9zsby_X08-j8FtLTBeQbd3U54.roa
File: Pz9zsby_X08-j8FtLTBeQbd3U54.roa (raw, json)
Hash identifier: CQbSCllV42X4KmlqoX4TZYq1lXm82ikOjcZldSX4hGI=
Subject key identifier: 3F:3F:73:B1:BC:BF:5F:4F:3E:8F:C1:6D:2D:30:5E:41:B7:77:53:9E
Certificate issuer: /CN=c285a1474e38627e301a551be34efa4582a5cf39
Certificate serial: 01856FA6FA7310D54FEBDED1F28241AB8C1D
Authority key identifier: C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/Pz9zsby_X08-j8FtLTBeQbd3U54.roa
Signing time: Sun 01 Jan 2023 23:24:52 +0000
ROA not before: Sun 01 Jan 2023 23:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201822
IP address blocks: 185.62.160.0/23 maxlen: 23
81.173.42.0/24 maxlen: 24
2a03:521::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:fa:73:10:d5:4f:eb:de:d1:f2:82:41:ab:8c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c285a1474e38627e301a551be34efa4582a5cf39
Validity
Not Before: Jan 1 23:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f3f73b1bcbf5f4f3e8fc16d2d305e41b777539e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c3:a6:e8:cb:0a:06:c8:46:50:43:9f:ae:5e:
95:68:c7:78:c9:44:2a:35:5f:82:db:fd:2d:a1:df:
f0:6e:8a:f3:24:7c:8e:bf:e9:e0:b1:a0:b8:84:b4:
38:58:2a:09:ab:d1:3f:45:0a:8c:9b:94:ad:6d:c7:
8d:89:4a:c0:6e:c2:42:af:fe:64:84:17:f4:98:d7:
bf:4b:2c:e4:b0:2f:76:f7:e0:1a:d4:0d:00:c7:36:
68:8f:9e:bf:ec:09:03:65:ed:75:c7:b4:2b:a6:c7:
a2:6f:11:0b:aa:02:cf:a2:51:11:7a:2d:09:9c:ec:
55:6a:76:6f:a6:2d:45:84:4d:31:e1:d1:96:f3:41:
62:9b:6d:81:a0:ee:a4:0d:af:70:0b:22:ec:4f:72:
25:43:31:c6:32:64:a4:04:db:fc:08:ac:46:8c:9b:
01:d3:87:de:a5:44:0d:04:ca:3f:2f:ad:05:07:94:
bc:5e:49:95:0e:47:13:d8:7a:a4:5b:eb:30:40:1e:
d3:53:70:34:60:86:37:b0:67:57:cb:69:4a:83:f9:
61:b8:8a:36:32:f8:d4:a0:af:8f:07:92:73:03:8e:
8a:42:54:cd:97:bd:e0:3d:92:3a:0c:aa:c6:00:39:
94:d1:57:d8:05:0d:ca:1c:93:58:52:95:b7:4e:a4:
76:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3F:73:B1:BC:BF:5F:4F:3E:8F:C1:6D:2D:30:5E:41:B7:77:53:9E
X509v3 Authority Key Identifier:
keyid:C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/Pz9zsby_X08-j8FtLTBeQbd3U54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.42.0/24
185.62.160.0/23
IPv6:
2a03:521::/32
Signature Algorithm: sha256WithRSAEncryption
73:45:ab:9e:13:73:d2:c2:56:9e:6b:1e:c3:e1:11:0a:d9:37:
50:5c:ad:73:46:0e:95:d2:5b:8b:ef:15:d4:b2:3e:68:98:38:
f3:8c:0a:68:e7:8a:79:e7:d6:74:66:62:a7:e1:89:55:4a:bd:
ce:a2:59:32:03:49:24:7e:02:22:3a:9f:ac:52:16:60:56:74:
03:6e:10:db:fb:f6:f0:23:1d:fc:8a:8f:f0:90:2f:f5:2d:8b:
bb:36:69:ca:c5:2c:a7:0e:3a:c1:ea:b2:96:70:a7:bc:e1:a7:
91:59:8f:b1:62:34:43:e6:8d:82:19:2a:b4:8a:70:4a:46:c5:
d8:ff:af:a7:62:d8:d2:f2:54:dd:de:10:3b:94:ae:f5:dc:8c:
0b:d1:41:5a:98:48:4a:bb:39:7d:28:2b:01:a2:e4:8e:c1:37:
da:98:f2:0d:a9:7f:9f:c1:c7:f7:f2:e7:36:ef:cb:1d:3c:9d:
4b:8c:0f:88:94:ba:a5:90:40:eb:01:de:f9:15:56:28:34:2c:
d1:b8:dc:05:cd:f7:78:7a:48:d5:1e:83:d5:f4:1c:d8:7e:65:
88:b0:bf:51:cd:26:dd:a0:1e:bd:7d:23:24:91:eb:6a:74:72:
2f:7b:67:37:48:4d:c1:8a:41:f1:22:41:62:53:d1:ce:2e:e7:
73:cf:a4:b6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvpvpzENVP697R8oJBq4wdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyODVhMTQ3NGUzODYyN2UzMDFhNTUxYmUzNGVmYTQ1ODJh
NWNmMzkwHhcNMjMwMTAxMjMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNmNzNiMWJjYmY1ZjRmM2U4ZmMxNmQyZDMwNWU0MWI3Nzc1MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcOm6MsKBshGUEOfrl6VaMd4yUQq
NV+C2/0tod/wborzJHyOv+ngsaC4hLQ4WCoJq9E/RQqMm5StbceNiUrAbsJCr/5k
hBf0mNe/SyzksC929+Aa1A0AxzZoj56/7AkDZe11x7QrpseibxELqgLPolERei0J
nOxVanZvpi1FhE0x4dGW80Fim22BoO6kDa9wCyLsT3IlQzHGMmSkBNv8CKxGjJsB
04fepUQNBMo/L60FB5S8XkmVDkcT2HqkW+swQB7TU3A0YIY3sGdXy2lKg/lhuIo2
MvjUoK+PB5JzA46KQlTNl73gPZI6DKrGADmU0VfYBQ3KHJNYUpW3TqR2rQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD8/c7G8v19PPo/BbS0wXkG3d1OeMB8GA1UdIwQY
MBaAFMKFoUdOOGJ+MBpVG+NO+kWCpc85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYt
ZDVlNjM4NTZkNTVkLzEvUHo5enNieV9YMDgtajhGdExUQmVRYmQzVTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYtZDVlNjM4NTZkNTVk
LzEvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUa0qAwQB
uT6gMA0EAgACMAcDBQAqAwUhMA0GCSqGSIb3DQEBCwUAA4IBAQBzRaueE3PSwlae
ax7D4REK2TdQXK1zRg6V0luL7xXUsj5omDjzjApo54p559Z0ZmKn4YlVSr3Oolky
A0kkfgIiOp+sUhZgVnQDbhDb+/bwIx38io/wkC/1LYu7NmnKxSynDjrB6rKWcKe8
4aeRWY+xYjRD5o2CGSq0inBKRsXY/6+nYtjS8lTd3hA7lK713IwL0UFamEhKuzl9
KCsBouSOwTfamPINqX+fwcf38uc278sdPJ1LjA+IlLqlkEDrAd75FVYoNCzRuNwF
zfd4ekjVHoPV9BzYfmWIsL9RzSbdoB69fSMkketqdHIve2c3SE3BikHxIkFiU9HO
Ludzz6S2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:29 2024 by rpki-client on console-fra.rpki-client.org