Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZPLqpRbVacCPlwgucXKV5a_ylc8.roa
File: ZPLqpRbVacCPlwgucXKV5a_ylc8.roa (raw, json)
Hash identifier: OFimY3czfdFfK6w/HAzkwv1mh5Wgh7eTllLwIyrG/LA=
Subject key identifier: 64:F2:EA:A5:16:D5:69:C0:8F:97:08:2E:71:72:95:E5:AF:F2:95:CF
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571154B25930AE123EF7C7CE6D1FC566D
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZPLqpRbVacCPlwgucXKV5a_ylc8.roa
Signing time: Mon 02 Jan 2023 06:04:58 +0000
ROA not before: Mon 02 Jan 2023 06:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24756
IP address blocks: 85.219.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:4b:25:93:0a:e1:23:ef:7c:7c:e6:d1:fc:56:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f2eaa516d569c08f97082e717295e5aff295cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:56:81:e4:9b:73:44:57:68:56:66:a7:4d:
2c:52:25:02:27:6e:85:48:21:7a:8c:84:2d:a3:63:
45:20:76:48:30:98:35:c4:37:d8:27:cd:d3:91:a5:
af:d8:dd:8d:45:c3:24:c6:8d:bd:db:3e:66:9f:b7:
70:14:fc:cc:eb:23:9c:a6:f9:af:b0:9e:e1:d4:7c:
cb:2f:c5:9e:fd:75:83:6a:fe:0a:78:3c:51:64:fc:
93:d6:e5:a4:05:a6:57:87:8c:1f:ad:80:14:87:ec:
8d:6d:6d:f5:5c:f8:18:99:18:35:ca:e6:f2:49:b2:
cc:91:b2:0a:1e:d3:1b:81:c1:74:19:20:b0:27:0b:
f2:36:87:1b:c3:2f:da:20:ac:40:4e:e7:9c:38:0b:
98:c6:fb:b6:a1:19:ca:06:c4:c2:9a:3e:c0:90:35:
35:c5:de:6b:f2:98:0d:9a:9f:37:cf:b5:9e:77:19:
b6:59:84:2d:97:76:eb:22:47:13:21:95:3f:e2:9a:
88:c7:41:9f:ac:2f:6c:d8:8e:32:a9:0b:35:2f:e0:
af:47:83:b8:97:dd:ed:34:a0:6a:c2:a9:42:ac:0b:
f6:f2:86:f7:00:f5:43:b1:a1:c9:cc:91:17:94:25:
40:44:4a:d1:cd:f8:48:0d:6a:8c:f6:b7:5f:79:b1:
62:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F2:EA:A5:16:D5:69:C0:8F:97:08:2E:71:72:95:E5:AF:F2:95:CF
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/ZPLqpRbVacCPlwgucXKV5a_ylc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.198.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9b:bd:7a:15:20:f0:ad:99:dd:dd:ae:a3:f4:df:ce:6c:b7:
40:33:d9:56:2e:d7:18:67:4e:d1:d9:fd:1b:ad:1d:d0:0c:72:
63:72:db:42:0a:6f:98:bc:a4:2a:57:58:19:fc:a1:60:6b:60:
e3:cc:44:46:e4:b6:c7:f7:5c:8f:60:56:54:c4:64:96:f6:54:
d6:a7:85:5a:17:dd:b3:7c:b1:a6:05:6e:f9:ef:f7:1b:e3:9b:
ca:84:de:55:c5:5d:fd:15:61:d2:70:ff:c7:50:93:04:33:5e:
55:8f:a2:cc:5f:24:29:af:ab:af:1e:3d:a2:02:5f:f3:87:d8:
c2:89:77:55:75:46:db:7a:0b:88:a4:15:5e:85:90:9a:25:1f:
13:29:bc:18:8f:81:e1:a4:9d:90:c9:e0:6a:67:78:ab:d9:c5:
37:5c:10:76:7b:28:fa:bc:2e:ca:a1:42:7d:ff:a1:c7:fe:2d:
b1:94:7a:8f:72:ad:83:51:42:df:c9:4c:67:fd:21:98:3c:f5:
11:bb:f3:82:40:d7:48:70:be:81:d5:d6:15:71:3c:8b:3a:6c:
13:94:59:78:0f:e1:6d:5a:9c:69:96:bf:06:49:9d:ce:28:82:
46:1b:11:ee:cd:30:76:ac:dd:4c:ac:d1:9b:5c:d4:31:2b:f3:
ca:7b:a0:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFUslkwrhI+98fObR/FZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGYyZWFhNTE2ZDU2OWMwOGY5NzA4MmU3MTcyOTVlNWFmZjI5NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmndWgeSbc0RXaFZmp00sUiUCJ26F
SCF6jIQto2NFIHZIMJg1xDfYJ83TkaWv2N2NRcMkxo292z5mn7dwFPzM6yOcpvmv
sJ7h1HzLL8We/XWDav4KeDxRZPyT1uWkBaZXh4wfrYAUh+yNbW31XPgYmRg1yuby
SbLMkbIKHtMbgcF0GSCwJwvyNocbwy/aIKxATuecOAuYxvu2oRnKBsTCmj7AkDU1
xd5r8pgNmp83z7Wedxm2WYQtl3brIkcTIZU/4pqIx0GfrC9s2I4yqQs1L+CvR4O4
l93tNKBqwqlCrAv28ob3APVDsaHJzJEXlCVARErRzfhIDWqM9rdfebFiswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTy6qUW1WnAj5cILnFyleWv8pXPMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvWlBMcXBSYlZhY0NQbHdndWNYS1Y1YV95bGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdvGMA0G
CSqGSIb3DQEBCwUAA4IBAQAHm716FSDwrZnd3a6j9N/ObLdAM9lWLtcYZ07R2f0b
rR3QDHJjcttCCm+YvKQqV1gZ/KFga2DjzERG5LbH91yPYFZUxGSW9lTWp4VaF92z
fLGmBW757/cb45vKhN5VxV39FWHScP/HUJMEM15Vj6LMXyQpr6uvHj2iAl/zh9jC
iXdVdUbbeguIpBVehZCaJR8TKbwYj4HhpJ2QyeBqZ3ir2cU3XBB2eyj6vC7KoUJ9
/6HH/i2xlHqPcq2DUULfyUxn/SGYPPURu/OCQNdIcL6B1dYVcTyLOmwTlFl4D+Ft
Wpxplr8GSZ3OKIJGGxHuzTB2rN1MrNGbXNQxK/PKe6Ba
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org