Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/zsF2DQWHavs73hFz1xusmfrh688.roa
File: zsF2DQWHavs73hFz1xusmfrh688.roa (raw, json)
Hash identifier: UN+ZYeUA5H3diW6S1qeI3N1MKc/RbidpTyouTd46JzA=
Subject key identifier: CE:C1:76:0D:05:87:6A:FB:3B:DE:11:73:D7:1B:AC:99:FA:E1:EB:CF
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018570C2DAEEE7E4BBC2A0E14636D29B0EA5
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/zsF2DQWHavs73hFz1xusmfrh688.roa
Signing time: Mon 02 Jan 2023 04:34:56 +0000
ROA not before: Mon 02 Jan 2023 04:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213038
IP address blocks: 194.88.111.0/24 maxlen: 24
194.88.110.0/24 maxlen: 24
194.88.109.0/24 maxlen: 24
194.88.108.0/24 maxlen: 24
185.131.145.0/24 maxlen: 24
185.131.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:da:ee:e7:e4:bb:c2:a0:e1:46:36:d2:9b:0e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 04:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec1760d05876afb3bde1173d71bac99fae1ebcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:39:a2:7f:9b:6d:af:4e:91:87:9e:14:c5:6a:
68:2f:73:0d:da:d2:12:7a:c2:8b:21:d2:7a:2f:c9:
b1:c1:ee:be:5e:5b:96:e8:25:a1:60:3c:15:b4:5c:
a8:69:19:f0:89:75:f4:fd:85:e8:88:4c:20:56:cb:
d0:5e:3b:14:ca:0b:1a:7f:c2:6b:72:5f:0d:1e:04:
f0:46:26:86:72:da:66:b2:68:f5:15:dc:cb:42:79:
3a:d8:42:51:af:56:e0:6d:ec:76:56:c8:58:21:a1:
37:09:38:0a:e3:91:cc:87:34:a6:a8:de:ff:bf:c5:
00:1f:08:50:b5:90:cc:c6:7f:51:b1:ff:9c:49:f8:
13:9a:c1:ac:d5:ac:f4:50:62:04:63:f1:da:13:9c:
f6:bf:88:2c:74:92:4f:c4:29:45:12:a8:a3:4d:3a:
de:92:00:fa:62:af:15:c2:d3:bf:19:04:59:04:f7:
43:b9:dd:8b:e6:91:e3:6f:6d:df:5e:14:0c:04:0e:
e0:16:6e:bd:46:8f:99:8a:9b:39:28:2c:89:b9:9a:
a6:a8:d1:e5:9c:02:ea:21:ab:89:7e:96:04:9d:cd:
a6:c4:d0:ff:ef:64:ec:84:3c:5a:c7:57:bd:f8:8b:
a0:14:17:ec:a8:27:0b:6f:05:86:59:d8:e2:f3:71:
b9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C1:76:0D:05:87:6A:FB:3B:DE:11:73:D7:1B:AC:99:FA:E1:EB:CF
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/zsF2DQWHavs73hFz1xusmfrh688.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.144.0/23
194.88.108.0/22
Signature Algorithm: sha256WithRSAEncryption
68:33:e6:f4:df:28:fe:eb:e2:2d:c2:15:33:9f:94:f2:87:0c:
0e:58:ea:3c:c2:49:ba:cf:20:01:e6:48:fd:09:37:89:6f:48:
ea:47:1a:40:f6:98:2a:e4:ba:3c:d5:53:01:07:98:9c:04:e9:
0d:24:a4:a1:e5:ab:f7:d7:9e:12:59:8c:8f:8a:60:75:f1:04:
da:1a:7a:31:68:7c:33:f3:d1:d7:88:4e:ac:fc:84:13:46:55:
d1:0a:28:9a:79:3e:fe:61:e5:c5:cd:ce:0f:28:7b:7d:26:dc:
b3:63:7f:8e:ae:fb:af:74:9b:4e:85:29:d1:50:af:cd:6f:1d:
ff:21:a9:f0:64:33:b5:9e:99:06:8d:68:b2:7a:72:e3:72:35:
a3:d4:ac:31:7a:28:77:15:b1:62:e8:a8:28:65:02:b0:63:03:
49:2b:23:d4:b0:fb:f5:fa:12:3e:64:14:9e:9b:0f:66:6b:8c:
2a:11:19:1d:10:93:40:c9:9d:5b:18:68:21:3c:d8:f0:fa:dd:
9d:64:92:f4:07:4b:8b:87:29:f0:21:d6:93:59:63:91:41:9a:
cc:2a:d6:3d:4d:6c:c1:40:bb:31:01:b6:3f:37:b3:17:7b:40:
ea:3f:af:11:9d:c5:ad:f6:d8:f6:66:b1:fa:79:55:01:06:eb:
91:84:66:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwwtru5+S7wqDhRjbSmw6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjMwMTAyMDQzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMxNzYwZDA1ODc2YWZiM2JkZTExNzNkNzFiYWM5OWZhZTFlYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzmif5ttr06Rh54UxWpoL3MN2tIS
esKLIdJ6L8mxwe6+XluW6CWhYDwVtFyoaRnwiXX0/YXoiEwgVsvQXjsUygsaf8Jr
cl8NHgTwRiaGctpmsmj1FdzLQnk62EJRr1bgbex2VshYIaE3CTgK45HMhzSmqN7/
v8UAHwhQtZDMxn9Rsf+cSfgTmsGs1az0UGIEY/HaE5z2v4gsdJJPxClFEqijTTre
kgD6Yq8VwtO/GQRZBPdDud2L5pHjb23fXhQMBA7gFm69Ro+Zips5KCyJuZqmqNHl
nALqIauJfpYEnc2mxND/72TshDxax1e9+IugFBfsqCcLbwWGWdji83G5FwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM7Bdg0Fh2r7O94Rc9cbrJn64evPMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvenNGMkRRV0hhdnM3M2hGejF4dXNtZnJoNjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQBoM+b03yj+6+ItwhUzn5TyhwwOWOo8wkm6
zyAB5kj9CTeJb0jqRxpA9pgq5Lo81VMBB5icBOkNJKSh5av3154SWYyPimB18QTa
GnoxaHwz89HXiE6s/IQTRlXRCiiaeT7+YeXFzc4PKHt9JtyzY3+OrvuvdJtOhSnR
UK/Nbx3/IanwZDO1npkGjWiyenLjcjWj1Kwxeih3FbFi6KgoZQKwYwNJKyPUsPv1
+hI+ZBSemw9ma4wqERkdEJNAyZ1bGGghPNjw+t2dZJL0B0uLhynwIdaTWWORQZrM
KtY9TWzBQLsxAbY/N7MXe0DqP68RncWt9tj2ZrH6eVUBBuuRhGbH
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:19 2024 by rpki-client on console-ams.rpki-client.org