Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/szzZby6sBmkG1TSD6pJVk1KhG3A.roa
File: szzZby6sBmkG1TSD6pJVk1KhG3A.roa (raw, json)
Hash identifier: xKG7CEYo9WKR7MQuQrLr3MLup68Lkh1AHjsZW/PZVow=
Subject key identifier: B3:3C:D9:6F:2E:AC:06:69:06:D5:34:83:EA:92:55:93:52:A1:1B:70
Certificate issuer: /CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Certificate serial: 01857042815C95FFE14D111514E375740815
Authority key identifier: D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/szzZby6sBmkG1TSD6pJVk1KhG3A.roa
Signing time: Mon 02 Jan 2023 02:14:44 +0000
ROA not before: Mon 02 Jan 2023 02:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13074
IP address blocks: 192.118.70.0/24 maxlen: 24
192.118.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:81:5c:95:ff:e1:4d:11:15:14:e3:75:74:08:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Validity
Not Before: Jan 2 02:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b33cd96f2eac066906d53483ea92559352a11b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1a:29:3f:5c:17:4b:95:dd:1a:fd:15:86:b3:
fb:d6:73:f7:f6:c3:e5:e7:97:c9:fa:01:bd:2e:28:
40:0c:2b:2c:d7:3d:e8:de:de:0e:04:11:d3:04:9e:
fc:87:c2:fb:78:cb:65:e2:14:47:2f:ac:b7:24:b1:
b0:27:30:e2:0e:0b:b7:4b:88:4a:e0:04:bf:1c:52:
10:0b:61:29:21:98:04:3d:bf:7a:c8:ec:67:fa:be:
6a:38:9f:48:e2:ec:ed:42:ad:c4:fd:05:63:3d:19:
84:69:2f:d1:81:a0:34:a5:17:44:6e:aa:3c:cf:5f:
79:93:09:b9:dd:d0:da:97:e6:ab:99:6f:ce:2d:28:
1b:29:39:68:b5:4a:e7:95:11:5d:b7:68:31:63:f3:
ef:9e:75:93:1a:61:26:b2:c0:1b:0f:88:39:20:9b:
7d:12:18:cd:f5:28:6f:71:ed:aa:60:87:77:aa:da:
45:76:b2:37:da:05:84:a9:71:cd:3b:09:26:df:5b:
e2:80:fb:43:7d:c4:9b:0c:10:85:53:a0:46:ed:0d:
21:c2:d1:46:0a:c1:15:f5:61:1d:99:b2:c9:c5:cf:
03:a8:ea:71:80:d8:e4:4d:36:96:b7:f9:40:50:7a:
14:a6:65:f3:07:ca:eb:8d:42:ff:d8:2b:cb:44:74:
9c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3C:D9:6F:2E:AC:06:69:06:D5:34:83:EA:92:55:93:52:A1:1B:70
X509v3 Authority Key Identifier:
keyid:D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/szzZby6sBmkG1TSD6pJVk1KhG3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/0sHV_U4greXxG2avsQpUyP_ksEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.118.70.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:5f:5e:2c:77:48:41:27:f3:18:85:de:5c:f4:94:3d:bc:2b:
9a:eb:14:f4:2b:99:b4:6d:30:8f:72:de:10:a4:76:29:7a:9f:
16:b6:21:48:a6:62:e9:18:8e:ab:69:18:7b:58:34:d5:2f:e8:
33:ac:e4:c1:10:38:3a:2c:f9:63:51:9a:da:01:b4:8c:c8:73:
a8:69:15:18:52:ec:7c:35:a5:93:e4:61:a3:2b:9f:a8:d1:5a:
dd:c7:3a:7e:d9:c3:6b:5c:22:6f:50:97:01:7b:23:6c:37:12:
1a:ad:4e:fb:4c:8e:2e:37:d1:7b:2d:d7:4f:2c:04:4c:ab:f1:
50:a2:42:dc:69:61:52:ef:eb:80:81:bb:c1:c7:3f:ad:c1:f3:
dc:74:3e:ee:21:ea:19:0c:b9:06:fc:fe:6c:c2:c9:24:e6:de:
c7:85:9d:4e:b7:b9:cd:5e:6d:88:42:14:4c:20:df:c6:4a:fd:
8d:ff:3a:82:22:f3:20:f8:4e:df:d7:ba:5b:49:e3:b8:80:52:
04:31:84:96:80:e0:3e:7e:82:40:66:80:cf:4a:59:0a:cf:dd:
6f:b2:5e:18:b3:8f:7c:41:e1:b5:b1:2d:71:f8:db:54:18:3d:
06:b8:1d:0a:7c:95:08:f5:ad:86:ca:f8:a2:a5:de:51:33:d7:
e4:85:b8:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQoFclf/hTREVFON1dAgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzFkNWZkNGUyMGFkZTVmMTFiNjZhZmIxMGE1NGM4ZmZl
NGIwNDAwHhcNMjMwMTAyMDIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNjZDk2ZjJlYWMwNjY5MDZkNTM0ODNlYTkyNTU5MzUyYTExYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhopP1wXS5XdGv0VhrP71nP39sPl
55fJ+gG9LihADCss1z3o3t4OBBHTBJ78h8L7eMtl4hRHL6y3JLGwJzDiDgu3S4hK
4AS/HFIQC2EpIZgEPb96yOxn+r5qOJ9I4uztQq3E/QVjPRmEaS/RgaA0pRdEbqo8
z195kwm53dDal+armW/OLSgbKTlotUrnlRFdt2gxY/PvnnWTGmEmssAbD4g5IJt9
EhjN9Shvce2qYId3qtpFdrI32gWEqXHNOwkm31vigPtDfcSbDBCFU6BG7Q0hwtFG
CsEV9WEdmbLJxc8DqOpxgNjkTTaWt/lAUHoUpmXzB8rrjUL/2CvLRHScGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLM82W8urAZpBtU0g+qSVZNSoRtwMB8GA1UdIwQY
MBaAFNLB1f1OIK3l8Rtmr7EKVMj/5LBAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNIVl9VNGdyZVh4RzJhdnNRcFV5UF9rc0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC84NjEzYWQtNGY1Zi00NWZkLTg3OTkt
YTA5YTg3NWY1OTAzLzEvc3p6WmJ5NnNCbWtHMVRTRDZwSlZrMUtoRzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC84NjEzYWQtNGY1Zi00NWZkLTg3OTktYTA5YTg3NWY1OTAz
LzEvMHNIVl9VNGdyZVh4RzJhdnNRcFV5UF9rc0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwHZGMA0G
CSqGSIb3DQEBCwUAA4IBAQDAX14sd0hBJ/MYhd5c9JQ9vCua6xT0K5m0bTCPct4Q
pHYpep8WtiFIpmLpGI6raRh7WDTVL+gzrOTBEDg6LPljUZraAbSMyHOoaRUYUux8
NaWT5GGjK5+o0Vrdxzp+2cNrXCJvUJcBeyNsNxIarU77TI4uN9F7LddPLARMq/FQ
okLcaWFS7+uAgbvBxz+twfPcdD7uIeoZDLkG/P5swskk5t7HhZ1Ot7nNXm2IQhRM
IN/GSv2N/zqCIvMg+E7f17pbSeO4gFIEMYSWgOA+foJAZoDPSlkKz91vsl4Ys498
QeG1sS1x+NtUGD0GuB0KfJUI9a2Gyviipd5RM9fkhbin
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:28 2024 by rpki-client on console-fra.rpki-client.org