Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/ZIiE82jvPykHT1kaEsJHSNtOgQQ.roa
File: ZIiE82jvPykHT1kaEsJHSNtOgQQ.roa (raw, json)
Hash identifier: O3T5vpJY45RknqesoOqazU3/TPxUCPIjYZyBTJ7cJpQ=
Subject key identifier: 64:88:84:F3:68:EF:3F:29:07:4F:59:1A:12:C2:47:48:DB:4E:81:04
Certificate issuer: /CN=960c6d787e6b5eb64248dd9a7a1065b1053f7458
Certificate serial: 01856C812A8385A704E56A070583444EB9B2
Authority key identifier: 96:0C:6D:78:7E:6B:5E:B6:42:48:DD:9A:7A:10:65:B1:05:3F:74:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgxteH5rXrZCSN2aehBlsQU_dFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/ZIiE82jvPykHT1kaEsJHSNtOgQQ.roa
Signing time: Sun 01 Jan 2023 08:44:42 +0000
ROA not before: Sun 01 Jan 2023 08:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29641
IP address blocks: 193.8.106.0/23 maxlen: 23
193.8.108.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:2a:83:85:a7:04:e5:6a:07:05:83:44:4e:b9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=960c6d787e6b5eb64248dd9a7a1065b1053f7458
Validity
Not Before: Jan 1 08:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=648884f368ef3f29074f591a12c24748db4e8104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:02:e4:b6:76:74:97:b0:b0:20:de:54:dc:ae:
a6:ca:30:e5:a0:ba:7a:d0:ee:f8:9a:19:c0:80:73:
80:b7:51:40:11:7e:49:02:3f:14:a5:2e:eb:c8:bb:
a4:29:c3:c8:bb:b3:6c:60:5c:ef:6e:ee:21:78:61:
12:5b:68:10:7c:16:ac:bd:d3:50:1c:da:19:23:61:
74:d2:1f:f1:3b:fa:18:32:e7:70:90:30:4b:6a:0a:
9e:2c:a7:3f:a8:51:20:b8:08:30:df:6a:fc:d0:e6:
d3:2f:4c:4f:d9:6f:fb:be:65:fc:30:c4:f7:1f:62:
d1:2d:bb:84:14:c0:79:0b:2d:b6:a3:b9:aa:68:4f:
49:36:31:75:df:c1:51:f1:6c:c3:d1:7e:bb:a7:7c:
ac:ec:a9:b2:59:4c:11:87:45:2b:7c:fa:d3:d6:eb:
35:ef:06:5a:e6:c3:3a:fa:5b:f8:91:cb:74:8f:41:
f3:f0:72:e9:8a:a7:75:04:0d:02:68:b1:0e:70:a0:
1c:a2:9a:b1:e1:bc:34:90:4d:87:2c:18:b3:cc:73:
8f:63:b2:a1:6f:ae:36:98:30:49:5d:75:7b:ea:67:
2d:a7:e2:68:a6:12:fc:7d:02:34:3f:ec:0d:fd:63:
57:43:05:ef:44:95:b8:31:16:e2:1f:46:6c:77:78:
f7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:88:84:F3:68:EF:3F:29:07:4F:59:1A:12:C2:47:48:DB:4E:81:04
X509v3 Authority Key Identifier:
keyid:96:0C:6D:78:7E:6B:5E:B6:42:48:DD:9A:7A:10:65:B1:05:3F:74:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgxteH5rXrZCSN2aehBlsQU_dFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/ZIiE82jvPykHT1kaEsJHSNtOgQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.106.0-193.8.109.255
Signature Algorithm: sha256WithRSAEncryption
86:65:42:ae:94:90:43:45:64:60:12:ec:4d:80:74:6e:a0:8f:
5c:f1:7a:7e:9c:be:87:70:b8:c8:34:e1:bb:68:17:4a:72:5c:
d3:60:5c:25:a5:47:57:3a:92:d0:bc:4e:2a:61:91:94:31:77:
5d:64:02:cc:d1:c7:02:3f:4b:d3:94:6d:8c:04:90:36:4b:a8:
fa:17:90:25:89:85:ba:ee:65:08:f5:63:57:46:db:4a:3b:0e:
9b:7e:32:c0:f2:74:3e:59:b7:25:f1:e1:b4:17:9e:5d:56:75:
a7:3b:68:f0:75:e8:c1:c7:f1:fb:af:51:c4:4e:26:8a:0a:fd:
91:3b:24:34:3d:c3:8b:b1:74:f0:10:52:65:2e:1b:ba:04:98:
00:49:2c:dd:37:d5:2c:8e:4a:ee:9b:29:8c:d0:86:f6:95:20:
c5:de:bb:69:08:b0:21:8e:59:f9:5c:2c:09:9a:0c:c4:0c:a1:
3a:41:ed:c3:07:d7:d1:02:c9:39:86:4c:df:79:01:da:df:1e:
eb:77:9a:cc:32:0f:ad:5e:3d:81:69:5c:80:0a:99:2a:bd:1a:
85:8b:96:21:3a:00:20:ec:18:ca:24:7a:06:09:36:de:a8:6a:
a2:e4:5d:3a:c7:a5:dc:d9:5c:c6:58:13:51:be:d3:fe:fc:fd:
3a:7b:a0:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsgSqDhacE5WoHBYNETrmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MGM2ZDc4N2U2YjVlYjY0MjQ4ZGQ5YTdhMTA2NWIxMDUz
Zjc0NTgwHhcNMjMwMTAxMDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg4ODRmMzY4ZWYzZjI5MDc0ZjU5MWExMmMyNDc0OGRiNGU4MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQLktnZ0l7CwIN5U3K6myjDloLp6
0O74mhnAgHOAt1FAEX5JAj8UpS7ryLukKcPIu7NsYFzvbu4heGESW2gQfBasvdNQ
HNoZI2F00h/xO/oYMudwkDBLagqeLKc/qFEguAgw32r80ObTL0xP2W/7vmX8MMT3
H2LRLbuEFMB5Cy22o7mqaE9JNjF138FR8WzD0X67p3ys7KmyWUwRh0UrfPrT1us1
7wZa5sM6+lv4kct0j0Hz8HLpiqd1BA0CaLEOcKAcopqx4bw0kE2HLBizzHOPY7Kh
b642mDBJXXV76mctp+JophL8fQI0P+wN/WNXQwXvRJW4MRbiH0Zsd3j3+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGSIhPNo7z8pB09ZGhLCR0jbToEEMB8GA1UdIwQY
MBaAFJYMbXh+a162QkjdmnoQZbEFP3RYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGd4dGVINXJYclpDU04yYWVoQmxzUVVfZEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wNWFiMTYtMjIyOC00ODhlLWIxNTIt
ZWIwOTIxODk1NzE0LzEvWklpRTgyanZQeWtIVDFrYUVzSkhTTnRPZ1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wNWFiMTYtMjIyOC00ODhlLWIxNTItZWIwOTIxODk1NzE0
LzEvbGd4dGVINXJYclpDU04yYWVoQmxzUVVfZEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBCGoD
BAHBCGwwDQYJKoZIhvcNAQELBQADggEBAIZlQq6UkENFZGAS7E2AdG6gj1zxen6c
vodwuMg04btoF0pyXNNgXCWlR1c6ktC8TiphkZQxd11kAszRxwI/S9OUbYwEkDZL
qPoXkCWJhbruZQj1Y1dG20o7Dpt+MsDydD5ZtyXx4bQXnl1Wdac7aPB16MHH8fuv
UcROJooK/ZE7JDQ9w4uxdPAQUmUuG7oEmABJLN031SyOSu6bKYzQhvaVIMXeu2kI
sCGOWflcLAmaDMQMoTpB7cMH19ECyTmGTN95AdrfHut3mswyD61ePYFpXIAKmSq9
GoWLliE6ACDsGMokegYJNt6oaqLkXTrHpdzZXMZYE1G+0/78/Tp7oJ0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:27 2024 by rpki-client on console-ams.rpki-client.org