Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/SRZFTbmYPJCU9NQxfrImY65E-jQ.roa
File: SRZFTbmYPJCU9NQxfrImY65E-jQ.roa (raw, json)
Hash identifier: MYox2h0oEOp7gWWKGyPjWanotahZRiCAph64HUDaUEU=
Subject key identifier: 49:16:45:4D:B9:98:3C:90:94:F4:D4:31:7E:B2:26:63:AE:44:FA:34
Certificate issuer: /CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Certificate serial: 0189680370F32F47D02D5B2B5F9EB77A8032
Authority key identifier: FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/SRZFTbmYPJCU9NQxfrImY65E-jQ.roa
Signing time: Tue 18 Jul 2023 08:00:03 +0000
ROA not before: Tue 18 Jul 2023 08:00:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21101
IP address blocks: 94.143.96.0/21 maxlen: 24
185.5.95.0/24 maxlen: 24
185.5.94.0/24 maxlen: 24
91.240.230.0/23 maxlen: 23
193.109.32.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:03:70:f3:2f:47:d0:2d:5b:2b:5f:9e:b7:7a:80:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Validity
Not Before: Jul 18 08:00:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4916454db9983c9094f4d4317eb22663ae44fa34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c6:32:1e:84:7a:3d:a7:f4:fb:c6:e5:b5:0b:
e8:fb:c8:f0:3b:66:47:92:09:61:68:4e:fd:76:1a:
ea:9c:7c:77:49:d5:cc:99:c4:fb:5d:4d:84:2e:99:
fd:9b:35:e9:b1:4a:57:27:bb:d7:74:f0:51:73:ce:
03:13:f8:ec:a3:5f:80:5d:7c:e2:e7:8f:d2:5c:71:
15:43:cf:de:86:99:6e:33:db:ad:f2:03:d1:41:12:
e9:ee:72:de:e2:d5:a9:9b:b1:83:4f:8c:93:50:f1:
86:74:1c:6a:0d:0c:4e:6b:13:14:1c:b5:9d:80:bd:
e7:2b:11:8e:98:23:ca:a0:6a:fe:75:52:fe:fb:b4:
91:39:61:8d:57:bc:cc:ec:36:1f:9a:4f:fa:20:80:
42:d2:66:11:7b:d2:2d:9f:22:22:c4:30:f8:25:97:
69:02:7d:20:45:4b:9f:94:8a:4f:b5:4c:39:d4:dd:
b8:cb:f0:66:ab:f9:b4:7f:dc:0b:3c:33:7b:b6:04:
6b:09:5f:e1:b0:fe:69:00:43:5c:5c:55:56:cc:03:
bb:da:91:e8:10:c2:49:86:63:bd:82:dc:51:a7:6c:
b3:6e:80:41:93:2c:81:33:c7:dd:bc:fa:d0:e4:b1:
00:3c:ec:14:ff:c8:ce:2d:77:d5:2b:50:de:67:5c:
42:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:16:45:4D:B9:98:3C:90:94:F4:D4:31:7E:B2:26:63:AE:44:FA:34
X509v3 Authority Key Identifier:
keyid:FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/SRZFTbmYPJCU9NQxfrImY65E-jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.230.0/23
94.143.96.0/21
185.5.94.0/23
193.109.32.0/21
Signature Algorithm: sha256WithRSAEncryption
53:f0:27:56:5e:65:35:81:58:6f:30:04:5f:19:b7:22:6d:03:
b1:d7:74:ee:f9:98:44:b8:63:1e:df:b0:c5:29:39:e8:a9:cc:
fb:69:7d:43:8a:c0:22:41:cd:14:45:01:97:8a:19:bd:1e:07:
54:ad:3a:81:53:6b:68:bf:ef:3f:32:31:62:fb:01:7a:d6:2f:
61:82:d2:cc:00:13:d1:a2:77:1d:ae:6a:31:bd:29:44:c8:2e:
61:ff:b3:17:3e:02:41:b5:f3:cc:ee:08:39:19:70:a8:59:69:
96:e4:e0:fa:07:53:06:66:ac:a8:72:ce:b9:51:af:60:e8:d6:
d6:d1:69:ae:4d:e3:3b:50:c0:bd:d2:1f:5e:6c:9a:f3:b0:9e:
f7:4f:4e:5a:4c:f7:81:9c:86:60:98:14:ee:0b:c5:c0:17:4d:
be:c6:9a:73:34:59:57:d9:43:66:8e:be:6f:6e:64:85:81:86:
47:82:3a:cf:36:f0:8a:75:d7:ee:b5:a5:6a:ab:a4:67:63:25:
1b:3a:26:da:20:4c:f7:09:ce:76:80:d9:0f:bd:da:a6:13:95:
8e:29:03:14:62:bf:a8:3c:ec:fc:00:17:bb:6c:06:83:3b:d9:
be:7e:39:aa:10:af:22:5b:ee:33:7f:c5:28:6c:28:dc:cc:b8:
64:5d:df:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYloA3DzL0fQLVsrX563eoAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTZkODM3ZmUyNTRmYTkyZTFmM2MyZjg2MWFhMWU0ODU1
MjE3NDYwHhcNMjMwNzE4MDgwMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTE2NDU0ZGI5OTgzYzkwOTRmNGQ0MzE3ZWIyMjY2M2FlNDRmYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMYyHoR6Paf0+8bltQvo+8jwO2ZH
kglhaE79dhrqnHx3SdXMmcT7XU2ELpn9mzXpsUpXJ7vXdPBRc84DE/jso1+AXXzi
54/SXHEVQ8/ehpluM9ut8gPRQRLp7nLe4tWpm7GDT4yTUPGGdBxqDQxOaxMUHLWd
gL3nKxGOmCPKoGr+dVL++7SROWGNV7zM7DYfmk/6IIBC0mYRe9ItnyIixDD4JZdp
An0gRUuflIpPtUw51N24y/Bmq/m0f9wLPDN7tgRrCV/hsP5pAENcXFVWzAO72pHo
EMJJhmO9gtxRp2yzboBBkyyBM8fdvPrQ5LEAPOwU/8jOLXfVK1DeZ1xCNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEkWRU25mDyQlPTUMX6yJmOuRPo0MB8GA1UdIwQY
MBaAFP9W2Df+JU+pLh88L4YaoeSFUhdGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgt
NTBmYzRkNTU3ZDA4LzEvU1JaRlRibVlQSkNVOU5ReGZySW1ZNjVFLWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgtNTBmYzRkNTU3ZDA4
LzEvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW/DmAwQD
Xo9gAwQBuQVeAwQDwW0gMA0GCSqGSIb3DQEBCwUAA4IBAQBT8CdWXmU1gVhvMARf
GbcibQOx13Tu+ZhEuGMe37DFKTnoqcz7aX1DisAiQc0URQGXihm9HgdUrTqBU2to
v+8/MjFi+wF61i9hgtLMABPRoncdrmoxvSlEyC5h/7MXPgJBtfPM7gg5GXCoWWmW
5OD6B1MGZqyocs65Ua9g6NbW0WmuTeM7UMC90h9ebJrzsJ73T05aTPeBnIZgmBTu
C8XAF02+xppzNFlX2UNmjr5vbmSFgYZHgjrPNvCKddfutaVqq6RnYyUbOibaIEz3
Cc52gNkPvdqmE5WOKQMUYr+oPOz8ABe7bAaDO9m+fjmqEK8iW+4zf8UobCjczLhk
Xd8P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org