Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/RzA23h_aFAqfurxkM9h8tn2_CHQ.roa
File: RzA23h_aFAqfurxkM9h8tn2_CHQ.roa (raw, json)
Hash identifier: 4/kGm1xGf0Zto6Kx8SH+flbC7gidF6JfQPJshLqvDhQ=
Subject key identifier: 47:30:36:DE:1F:DA:14:0A:9F:BA:BC:64:33:D8:7C:B6:7D:BF:08:74
Certificate issuer: /CN=fb3d90a489e2d49c564e08a3a2f3445fb2c8d404
Certificate serial: 01856D417E419571A5EFE5A8DD892020C9CD
Authority key identifier: FB:3D:90:A4:89:E2:D4:9C:56:4E:08:A3:A2:F3:44:5F:B2:C8:D4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-z2QpIni1JxWTgijovNEX7LI1AQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/RzA23h_aFAqfurxkM9h8tn2_CHQ.roa
Signing time: Sun 01 Jan 2023 12:14:46 +0000
ROA not before: Sun 01 Jan 2023 12:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51050
IP address blocks: 193.38.140.0/23 maxlen: 23
193.39.6.0/23 maxlen: 23
2a0f:b580::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:7e:41:95:71:a5:ef:e5:a8:dd:89:20:20:c9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3d90a489e2d49c564e08a3a2f3445fb2c8d404
Validity
Not Before: Jan 1 12:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=473036de1fda140a9fbabc6433d87cb67dbf0874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:de:5f:19:2c:2e:4f:ea:ed:3a:ef:e3:05:7a:
1a:4a:a1:a6:45:3c:f8:7c:b6:6c:c9:bd:c8:4e:5a:
08:86:0b:18:50:25:c6:97:08:c5:7a:c2:d5:e8:9c:
76:8f:ac:dc:31:8b:a9:03:3d:11:a4:fa:90:b7:a6:
39:89:05:2e:f5:3a:1f:c4:3e:fb:07:81:39:fd:ea:
8b:85:4b:0f:b6:00:fc:bf:72:7c:cf:a6:64:09:ba:
52:81:21:9c:9c:58:34:de:73:46:96:00:e3:72:ce:
da:4e:08:f4:7c:19:8d:22:40:f9:4e:a3:70:c6:a3:
68:ea:0f:39:84:8d:d1:e2:6a:2a:0d:37:8b:22:cc:
45:48:f1:9d:45:8c:b4:ee:0d:bb:30:cf:3a:5b:20:
ea:8e:cd:a4:3b:0f:59:8a:aa:b1:48:4e:bf:dc:d2:
d6:7c:5f:ae:54:c1:9d:02:49:a7:2a:33:10:8e:ea:
c7:12:a5:98:7d:e1:e9:2a:ea:fa:db:9e:b2:a3:e1:
3b:72:95:8f:28:8c:44:94:bb:82:d6:e5:36:fd:52:
63:31:8f:d3:bd:f0:8a:24:de:5f:d7:6c:47:5c:5e:
2f:42:8a:ce:53:30:08:c0:c7:86:2a:c4:ad:b4:9c:
d0:38:00:c7:4d:f0:b1:14:6d:b3:a4:6e:7a:09:d6:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:30:36:DE:1F:DA:14:0A:9F:BA:BC:64:33:D8:7C:B6:7D:BF:08:74
X509v3 Authority Key Identifier:
keyid:FB:3D:90:A4:89:E2:D4:9C:56:4E:08:A3:A2:F3:44:5F:B2:C8:D4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-z2QpIni1JxWTgijovNEX7LI1AQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/RzA23h_aFAqfurxkM9h8tn2_CHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/1-z2QpIni1JxWTgijovNEX7LI1AQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.140.0/23
193.39.6.0/23
IPv6:
2a0f:b580::/29
Signature Algorithm: sha256WithRSAEncryption
a7:c2:b9:0d:4c:f8:be:04:f5:1b:2b:3f:cd:ce:7d:13:72:f4:
55:2b:4c:51:13:eb:25:dc:78:ac:48:4c:e2:ce:85:70:cc:fb:
04:13:81:75:a7:8c:c1:75:ba:84:24:88:28:6c:1b:68:df:03:
8e:8e:b8:02:3a:d6:75:26:e0:a1:f4:2d:9c:3a:e0:7e:ec:bf:
c3:f4:d2:6c:50:37:2c:35:09:75:4a:c1:39:3e:67:97:a9:0d:
8b:8b:97:29:9e:98:6f:b9:73:e9:c6:04:a8:d2:ee:54:09:82:
24:81:7d:8d:a3:e6:ad:dd:ff:6e:e6:1d:26:4f:17:e2:28:e5:
d8:2e:fd:29:7c:cf:46:a4:0e:72:45:02:2f:22:e6:d9:63:f9:
3c:20:12:88:5d:90:62:e8:e5:04:a0:96:23:82:d8:05:9b:33:
bd:52:91:7d:cc:30:61:d5:bd:b4:d7:bd:05:4d:97:c9:4e:af:
19:95:db:7d:32:85:1b:e0:f5:9d:9f:dd:d0:48:ef:56:c7:46:
0c:fe:82:17:4c:58:96:63:ff:cf:7b:aa:06:25:f9:80:61:ec:
ec:10:c4:cd:04:92:6d:cb:1b:92:9d:b8:73:4b:47:6d:96:ad:
df:98:f3:44:d7:a4:ea:43:61:9e:93:ae:87:f9:0d:12:da:93:
4b:95:a9:4b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtQX5BlXGl7+Wo3YkgIMnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiM2Q5MGE0ODllMmQ0OWM1NjRlMDhhM2EyZjM0NDVmYjJj
OGQ0MDQwHhcNMjMwMTAxMTIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMwMzZkZTFmZGExNDBhOWZiYWJjNjQzM2Q4N2NiNjdkYmYwODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN5fGSwuT+rtOu/jBXoaSqGmRTz4
fLZsyb3ITloIhgsYUCXGlwjFesLV6Jx2j6zcMYupAz0RpPqQt6Y5iQUu9TofxD77
B4E5/eqLhUsPtgD8v3J8z6ZkCbpSgSGcnFg03nNGlgDjcs7aTgj0fBmNIkD5TqNw
xqNo6g85hI3R4moqDTeLIsxFSPGdRYy07g27MM86WyDqjs2kOw9ZiqqxSE6/3NLW
fF+uVMGdAkmnKjMQjurHEqWYfeHpKur6256yo+E7cpWPKIxElLuC1uU2/VJjMY/T
vfCKJN5f12xHXF4vQorOUzAIwMeGKsSttJzQOADHTfCxFG2zpG56CdbKJQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEcwNt4f2hQKn7q8ZDPYfLZ9vwh0MB8GA1UdIwQY
MBaAFPs9kKSJ4tScVk4Io6LzRF+yyNQEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16MlFwSW5pMUp4V1RnaWpvdk5FWDdMSTFBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvMzBhNTVkLTk5NTktNDhlOC05YTgx
LTlhYjBmZjg3MGQyMy8xL1J6QTIzaF9hRkFxZnVyeGtNOWg4dG4yX0NIUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvMzBhNTVkLTk5NTktNDhlOC05YTgxLTlhYjBmZjg3MGQy
My8xLzEtejJRcEluaTFKeFdUZ2lqb3ZORVg3TEkxQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAHBJowD
BAHBJwYwDQQCAAIwBwMFAyoPtYAwDQYJKoZIhvcNAQELBQADggEBAKfCuQ1M+L4E
9RsrP83OfRNy9FUrTFET6yXceKxITOLOhXDM+wQTgXWnjMF1uoQkiChsG2jfA46O
uAI61nUm4KH0LZw64H7sv8P00mxQNyw1CXVKwTk+Z5epDYuLlymemG+5c+nGBKjS
7lQJgiSBfY2j5q3d/27mHSZPF+Io5dgu/Sl8z0akDnJFAi8i5tlj+TwgEohdkGLo
5QSgliOC2AWbM71SkX3MMGHVvbTXvQVNl8lOrxmV230yhRvg9Z2f3dBI71bHRgz+
ghdMWJZj/897qgYl+YBh7OwQxM0Ekm3LG5KduHNLR22Wrd+Y80TXpOpDYZ6Trof5
DRLak0uVqUs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:43 2024 by rpki-client on console-ams.rpki-client.org