Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/1zwTyAK_InyEwvWPdHc3BquicxU.roa
File: 1zwTyAK_InyEwvWPdHc3BquicxU.roa (raw, json)
Hash identifier: puny34IZIDz5af8yN+YPniq7BS+r96xfm5ZayPI/KVw=
Subject key identifier: D7:3C:13:C8:02:BF:22:7C:84:C2:F5:8F:74:77:37:06:AB:A2:73:15
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 01857321F9EB22F15A6AC8BF2B8D2AE0971D
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/1zwTyAK_InyEwvWPdHc3BquicxU.roa
Signing time: Mon 02 Jan 2023 15:38:04 +0000
ROA not before: Mon 02 Jan 2023 15:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205714
IP address blocks: 86.32.0.0/15 maxlen: 15
2a10:5700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:f9:eb:22:f1:5a:6a:c8:bf:2b:8d:2a:e0:97:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Jan 2 15:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d73c13c802bf227c84c2f58f74773706aba27315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:75:60:30:bc:27:0f:02:1e:2e:32:e3:7a:17:
62:e0:3c:86:46:c9:a8:0b:fc:3c:c4:a2:64:50:39:
ec:3b:e4:38:07:e5:14:16:18:4b:2a:5b:ff:4b:a8:
1e:a6:b1:98:10:b6:21:49:38:d7:a0:ec:31:d7:e6:
5a:a7:21:7c:db:8f:1d:71:5a:1b:df:b5:8e:cc:3e:
ad:f1:40:39:5d:30:5a:5a:76:ed:bb:ef:09:db:ce:
96:f4:06:ca:9e:aa:6b:f6:42:8b:b2:94:7a:7f:a7:
dd:5e:3a:fd:0d:0b:1c:b6:34:57:a3:c8:34:60:5e:
44:4d:f5:45:50:eb:b7:07:65:23:5f:c4:52:64:32:
ef:1f:a9:2e:4b:c8:f9:08:5d:ca:0b:d3:60:90:ca:
1f:9d:83:6a:a9:87:41:6b:67:69:aa:db:00:2a:ea:
94:6e:57:f3:55:26:05:a0:be:a2:e0:4a:86:57:c5:
22:da:9d:99:54:6a:40:89:d3:e2:c5:1e:84:fc:8e:
0b:fd:d5:5d:25:7a:29:d6:2d:53:96:e2:91:62:71:
1d:1c:2e:0e:4e:fc:02:c8:6b:0e:fc:35:4b:d0:e8:
51:51:d9:6d:d5:47:b0:d7:b4:f8:6f:52:5f:c0:ea:
3f:d3:ea:c3:b1:fe:09:23:3a:c0:fb:e2:fa:75:ec:
4b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3C:13:C8:02:BF:22:7C:84:C2:F5:8F:74:77:37:06:AB:A2:73:15
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/1zwTyAK_InyEwvWPdHc3BquicxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.32.0.0/15
IPv6:
2a10:5700::/29
Signature Algorithm: sha256WithRSAEncryption
8d:e5:db:2e:98:18:9b:46:7f:0c:f1:3c:b2:d2:26:c4:c3:a6:
85:5c:24:8d:b4:11:66:4a:3b:a8:2f:78:c4:56:21:ab:3f:8a:
e8:1f:e6:72:75:c6:d5:7b:97:49:4e:94:54:e9:c7:a8:f3:f1:
26:75:8b:7f:d6:2a:ce:39:69:e0:a5:ae:75:d0:3a:3e:58:28:
b8:87:83:80:75:30:5d:7d:2c:03:47:8b:64:b9:5b:1d:ed:20:
89:9e:23:31:ea:29:d2:01:22:b5:e1:ea:05:b0:88:3f:75:da:
0a:cd:6a:ab:57:ed:05:5b:4e:05:22:1d:3e:9b:02:1a:11:c7:
fc:8f:27:34:ad:63:da:6f:86:fa:00:81:0c:57:19:d6:8c:73:
fe:d8:47:34:2d:4b:e0:85:44:a6:1c:67:7d:0a:bc:59:27:21:
87:d2:20:3d:74:6e:d7:98:c5:a5:cd:d0:e3:81:20:60:d9:6f:
f7:5c:0f:9b:03:4a:c9:2c:21:e7:85:ee:9c:8e:a5:2c:da:42:
40:74:a5:59:82:a9:dd:b9:60:dd:51:24:e9:7c:7f:03:6a:ba:
df:16:1e:b0:a4:3f:7e:77:23:a4:72:70:1d:44:b9:51:0b:84:
8d:b2:43:39:ab:8c:2f:52:fb:36:cf:1f:77:0b:fe:b2:1a:5b:
dd:e8:d1:41
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVzIfnrIvFaasi/K40q4JcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjMwMTAyMTUzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNjMTNjODAyYmYyMjdjODRjMmY1OGY3NDc3MzcwNmFiYTI3MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonVgMLwnDwIeLjLjehdi4DyGRsmo
C/w8xKJkUDnsO+Q4B+UUFhhLKlv/S6geprGYELYhSTjXoOwx1+ZapyF8248dcVob
37WOzD6t8UA5XTBaWnbtu+8J286W9AbKnqpr9kKLspR6f6fdXjr9DQsctjRXo8g0
YF5ETfVFUOu3B2UjX8RSZDLvH6kuS8j5CF3KC9NgkMofnYNqqYdBa2dpqtsAKuqU
blfzVSYFoL6i4EqGV8Ui2p2ZVGpAidPixR6E/I4L/dVdJXop1i1TluKRYnEdHC4O
TvwCyGsO/DVL0OhRUdlt1Uew17T4b1JfwOo/0+rDsf4JIzrA++L6dexLtwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNc8E8gCvyJ8hML1j3R3NwaronMVMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvMXp3VHlBS19JbnlFd3ZXUGRIYzNCcXVpY3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMBViAwDQQC
AAIwBwMFAyoQVwAwDQYJKoZIhvcNAQELBQADggEBAI3l2y6YGJtGfwzxPLLSJsTD
poVcJI20EWZKO6gveMRWIas/iugf5nJ1xtV7l0lOlFTpx6jz8SZ1i3/WKs45aeCl
rnXQOj5YKLiHg4B1MF19LANHi2S5Wx3tIImeIzHqKdIBIrXh6gWwiD912grNaqtX
7QVbTgUiHT6bAhoRx/yPJzStY9pvhvoAgQxXGdaMc/7YRzQtS+CFRKYcZ30KvFkn
IYfSID10bteYxaXN0OOBIGDZb/dcD5sDSsksIeeF7pyOpSzaQkB0pVmCqd25YN1R
JOl8fwNqut8WHrCkP353I6RycB1EuVELhI2yQzmrjC9S+zbPH3cL/rIaW93o0UE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:03 2024 by rpki-client on console-fra.rpki-client.org