Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/ZEFwbY72gUJsFNr1lZFx6DViucw.roa
File: ZEFwbY72gUJsFNr1lZFx6DViucw.roa (raw, json)
Hash identifier: 0dmz9Vx2sitZlls9Sg3qrSk0O0Jhc8m58fJGOeqH7W0=
Subject key identifier: 64:41:70:6D:8E:F6:81:42:6C:14:DA:F5:95:91:71:E8:35:62:B9:CC
Certificate issuer: /CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Certificate serial: 01856C53D933890E7B0730AC1896B59C822A
Authority key identifier: 6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/ZEFwbY72gUJsFNr1lZFx6DViucw.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15806
IP address blocks: 193.178.96.0/20 maxlen: 24
193.178.64.0/19 maxlen: 24
2a01:88::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d9:33:89:0e:7b:07:30:ac:18:96:b5:9c:82:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6441706d8ef681426c14daf5959171e83562b9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:f3:2d:d7:f2:b2:3c:ca:fe:f3:c6:9f:fd:
64:3f:e6:32:df:ed:54:89:58:f9:97:e2:4a:bc:1d:
1b:d8:95:47:29:54:aa:e9:61:c5:f3:11:34:24:4c:
d8:0a:b8:18:1d:4e:68:1b:49:2f:4c:5a:c8:b8:83:
50:6a:3b:72:68:4e:a6:8f:fb:19:5e:5b:8b:0b:16:
14:7c:87:98:9f:33:68:e1:a4:d2:96:ca:f1:fc:d3:
96:94:da:30:79:aa:1a:79:d9:0a:d6:20:27:9d:fb:
b8:ae:b4:2e:c6:c1:e4:30:70:62:c0:f4:f6:a6:1f:
fc:02:dd:21:4e:33:47:0d:b0:f3:43:29:81:b4:68:
c0:d6:07:7e:22:2e:87:69:ad:3c:06:c4:fd:f0:f6:
83:26:50:f4:92:c6:07:1f:52:74:9e:92:73:4f:d5:
93:b8:97:ca:55:93:85:0b:58:87:cf:1e:1b:90:ef:
2a:d8:9d:14:42:1f:e1:3e:f7:96:52:d6:f9:80:db:
34:c1:1b:5c:cb:59:94:9e:96:d6:ac:fe:6e:7a:7e:
e1:cc:2e:06:0f:b8:06:16:cd:58:8b:54:c5:fe:7c:
f0:bd:01:ec:2c:df:fc:bf:ce:bf:95:2a:1e:77:7b:
3c:b9:f3:f2:69:d0:65:e6:77:9f:45:17:ca:b5:be:
54:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:41:70:6D:8E:F6:81:42:6C:14:DA:F5:95:91:71:E8:35:62:B9:CC
X509v3 Authority Key Identifier:
keyid:6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/ZEFwbY72gUJsFNr1lZFx6DViucw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.64.0-193.178.111.255
IPv6:
2a01:88::/32
Signature Algorithm: sha256WithRSAEncryption
9f:1c:af:15:1f:56:0a:31:bb:84:87:59:12:67:d5:43:b0:eb:
6e:af:7b:50:c3:2b:07:95:64:e8:5f:f9:88:c1:72:ae:e8:44:
6e:0c:0b:19:6c:08:f4:2e:a5:0f:67:3a:f8:7a:9a:27:ce:57:
5b:63:61:42:01:ed:22:ff:06:0f:94:b5:be:96:2e:51:b6:71:
b6:5a:48:56:41:41:dc:ad:06:f1:fc:81:68:b3:47:df:cf:97:
a8:97:e3:80:68:48:e8:f4:04:9f:0c:8a:c8:de:f1:99:68:ba:
3e:70:f2:4d:14:7a:ad:84:de:8a:09:20:83:b9:29:19:a5:14:
d7:17:a3:31:1d:af:e0:ce:3e:d2:07:5b:74:99:7d:7f:33:68:
29:1b:3e:2f:55:c9:a8:77:93:88:71:7f:3e:08:42:91:ba:e5:
7b:52:9a:77:7e:a7:bc:b9:31:44:9f:f2:81:f1:19:9e:4f:ed:
ed:8f:f5:d6:b8:ce:79:10:39:0d:34:78:c3:88:a0:cf:80:85:
b1:54:2c:b9:c9:ca:16:18:1a:79:c7:20:bb:ce:f3:5c:51:c6:
bf:ab:35:62:e5:ad:ab:4e:d9:f4:ad:16:5e:73:54:d7:9b:3d:
2e:98:70:b9:b8:5a:09:7a:17:93:71:ee:07:5f:9d:29:65:a0:
02:87:f3:00
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsU9kziQ57BzCsGJa1nIIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzNhMDRhN2QwZWIyZGY0N2RhZjBjMzlmYmE3NWUzNjVj
ODg1M2QwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQxNzA2ZDhlZjY4MTQyNmMxNGRhZjU5NTkxNzFlODM1NjJiOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/vzLdfysjzK/vPGn/1kP+Yy3+1U
iVj5l+JKvB0b2JVHKVSq6WHF8xE0JEzYCrgYHU5oG0kvTFrIuINQajtyaE6mj/sZ
XluLCxYUfIeYnzNo4aTSlsrx/NOWlNoweaoaedkK1iAnnfu4rrQuxsHkMHBiwPT2
ph/8At0hTjNHDbDzQymBtGjA1gd+Ii6Haa08BsT98PaDJlD0ksYHH1J0npJzT9WT
uJfKVZOFC1iHzx4bkO8q2J0UQh/hPveWUtb5gNs0wRtcy1mUnpbWrP5uen7hzC4G
D7gGFs1Yi1TF/nzwvQHsLN/8v86/lSoed3s8ufPyadBl5nefRRfKtb5UBQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGRBcG2O9oFCbBTa9ZWRceg1YrnMMB8GA1UdIwQY
MBaAFGxzoEp9DrLfR9rww5+6deNlyIU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMt
Zjk2MzMyOTJjOTc3LzEvWkVGd2JZNzJnVUpzRk5yMWxaRng2RFZpdWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMtZjk2MzMyOTJjOTc3
LzEvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAbBskAD
BATBsmAwDQQCAAIwBwMFACoBAIgwDQYJKoZIhvcNAQELBQADggEBAJ8crxUfVgox
u4SHWRJn1UOw626ve1DDKweVZOhf+YjBcq7oRG4MCxlsCPQupQ9nOvh6mifOV1tj
YUIB7SL/Bg+Utb6WLlG2cbZaSFZBQdytBvH8gWizR9/Pl6iX44BoSOj0BJ8Misje
8Zlouj5w8k0Ueq2E3ooJIIO5KRmlFNcXozEdr+DOPtIHW3SZfX8zaCkbPi9Vyah3
k4hxfz4IQpG65XtSmnd+p7y5MUSf8oHxGZ5P7e2P9da4znkQOQ00eMOIoM+AhbFU
LLnJyhYYGnnHILvO81xRxr+rNWLlratO2fStFl5zVNebPS6YcLm4Wgl6F5Nx7gdf
nSlloAKH8wA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:46 2024 by rpki-client on console-ams.rpki-client.org