Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/8rjRnn6wr3wxt7-ZAKHbi6zay5U.roa
File: 8rjRnn6wr3wxt7-ZAKHbi6zay5U.roa (raw, json)
Hash identifier: /GKj/IwQhVebtS/Nz5At6wyKJHPSwZZulnAFgHZx2k0=
Subject key identifier: F2:B8:D1:9E:7E:B0:AF:7C:31:B7:BF:99:00:A1:DB:8B:AC:DA:CB:95
Certificate issuer: /CN=021b3ea35edfdd138c15506d74a76022dd37694b
Certificate serial: 01856F5DA6DABDDAA2A041ADF02F4A9F42D0
Authority key identifier: 02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/8rjRnn6wr3wxt7-ZAKHbi6zay5U.roa
Signing time: Sun 01 Jan 2023 22:04:46 +0000
ROA not before: Sun 01 Jan 2023 22:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34878
IP address blocks: 193.196.32.0/20 maxlen: 20
2001:7c0:2310::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:a6:da:bd:da:a2:a0:41:ad:f0:2f:4a:9f:42:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=021b3ea35edfdd138c15506d74a76022dd37694b
Validity
Not Before: Jan 1 22:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b8d19e7eb0af7c31b7bf9900a1db8bacdacb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:05:08:61:ff:af:6a:8e:b4:3d:e6:ad:93:0f:
65:50:4c:d6:79:f0:e5:12:db:d9:4a:58:13:ea:ff:
e3:06:41:93:81:1f:31:57:8d:08:8b:58:54:ca:51:
1e:d4:6a:6a:52:91:6b:63:a8:dc:db:7c:d7:20:b5:
9f:0c:d7:a8:7d:6f:ea:40:22:c8:ee:72:0b:d2:ce:
90:e9:97:ee:ca:b2:f4:d1:60:af:34:d9:d4:d8:04:
c1:84:74:6d:77:7b:ee:2a:4e:fc:7d:d9:c9:f8:02:
76:34:2d:10:3a:18:32:d3:d7:e6:37:8c:f8:05:89:
ca:79:41:17:73:10:7f:e4:24:5c:81:d5:36:01:b2:
01:44:34:12:0d:78:01:19:ef:5d:7f:1a:4d:9e:a7:
b4:08:a2:a1:8a:0b:2c:c3:20:43:22:f2:ec:3a:8d:
a2:38:88:9f:53:f3:10:8c:88:d3:ff:d1:b6:b1:69:
9d:79:e7:cf:6b:e4:66:18:db:59:09:01:b2:2c:94:
e6:a2:73:25:60:b4:19:a2:55:c7:f4:a1:af:e9:9f:
af:04:5e:2d:ec:f9:74:37:eb:fc:79:bb:1f:a6:4b:
cf:35:fa:4a:ec:0d:90:f8:9b:d5:82:b7:6c:7f:68:
55:df:f6:5c:bb:d0:5a:41:4e:c7:59:d2:2d:34:73:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B8:D1:9E:7E:B0:AF:7C:31:B7:BF:99:00:A1:DB:8B:AC:DA:CB:95
X509v3 Authority Key Identifier:
keyid:02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/8rjRnn6wr3wxt7-ZAKHbi6zay5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.196.32.0/20
IPv6:
2001:7c0:2310::/44
Signature Algorithm: sha256WithRSAEncryption
33:32:2d:2d:2e:2d:ac:d7:1f:c9:98:4f:c7:17:a6:2f:34:f7:
fc:c6:e0:bb:7e:45:83:c4:f9:af:33:d1:5d:31:24:e9:a8:22:
e5:63:05:ff:8e:d8:74:0d:8c:d1:e3:d5:72:a5:3b:94:68:c7:
19:96:90:e5:ff:a0:21:35:2b:3f:11:53:c7:b5:2e:62:34:94:
9d:ed:1a:e0:28:41:5d:f3:6d:70:b5:12:70:e0:89:bb:8e:04:
6d:2d:6a:b6:ef:7b:36:a2:e0:a3:0c:5d:27:9b:68:f7:8e:9f:
49:57:2b:b7:48:84:c3:e8:73:a3:18:11:7e:59:16:e7:0a:48:
a4:92:73:83:3b:83:b9:0a:7e:d2:94:74:b7:97:0f:ee:b5:a7:
cb:dc:72:b8:30:4d:f6:6d:7e:24:fb:86:64:06:a1:c1:da:bf:
25:43:e1:1a:03:5e:26:c7:b2:b9:76:de:46:7a:4a:24:73:73:
fe:e5:65:2c:2c:28:86:f0:30:77:03:48:06:e1:54:ae:27:e5:
89:3b:ed:62:cb:e3:64:00:2c:62:7d:52:10:2b:11:8b:09:c4:
63:cb:da:cf:35:61:69:fe:0f:16:ec:40:26:88:56:92:b6:15:
00:2a:6f:7a:3c:26:72:53:d8:63:3d:23:d9:58:fd:b6:62:e3:
b0:ec:95:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvXabavdqioEGt8C9Kn0LQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWIzZWEzNWVkZmRkMTM4YzE1NTA2ZDc0YTc2MDIyZGQz
NzY5NGIwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmI4ZDE5ZTdlYjBhZjdjMzFiN2JmOTkwMGExZGI4YmFjZGFjYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQUIYf+vao60Peatkw9lUEzWefDl
EtvZSlgT6v/jBkGTgR8xV40Ii1hUylEe1GpqUpFrY6jc23zXILWfDNeofW/qQCLI
7nIL0s6Q6ZfuyrL00WCvNNnU2ATBhHRtd3vuKk78fdnJ+AJ2NC0QOhgy09fmN4z4
BYnKeUEXcxB/5CRcgdU2AbIBRDQSDXgBGe9dfxpNnqe0CKKhigsswyBDIvLsOo2i
OIifU/MQjIjT/9G2sWmdeefPa+RmGNtZCQGyLJTmonMlYLQZolXH9KGv6Z+vBF4t
7Pl0N+v8ebsfpkvPNfpK7A2Q+JvVgrdsf2hV3/Zcu9BaQU7HWdItNHNDBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPK40Z5+sK98Mbe/mQCh24us2suVMB8GA1UdIwQY
MBaAFAIbPqNe390TjBVQbXSnYCLdN2lLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAt
YzMyMDRiZGU3NzczLzEvOHJqUm5uNndyM3d4dDctWkFLSGJpNnpheTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAtYzMyMDRiZGU3Nzcz
LzEvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwcQgMA8E
AgACMAkDBwQgAQfAIxAwDQYJKoZIhvcNAQELBQADggEBADMyLS0uLazXH8mYT8cX
pi809/zG4Lt+RYPE+a8z0V0xJOmoIuVjBf+O2HQNjNHj1XKlO5RoxxmWkOX/oCE1
Kz8RU8e1LmI0lJ3tGuAoQV3zbXC1EnDgibuOBG0tarbvezai4KMMXSebaPeOn0lX
K7dIhMPoc6MYEX5ZFucKSKSSc4M7g7kKftKUdLeXD+61p8vccrgwTfZtfiT7hmQG
ocHavyVD4RoDXibHsrl23kZ6SiRzc/7lZSwsKIbwMHcDSAbhVK4n5Yk77WLL42QA
LGJ9UhArEYsJxGPL2s81YWn+DxbsQCaIVpK2FQAqb3o8JnJT2GM9I9lY/bZi47Ds
ldY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:48 2024 by rpki-client on console-ams.rpki-client.org