Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/Az-hda8WxW9Wvypta9UV2cR0pj8.roa
File: Az-hda8WxW9Wvypta9UV2cR0pj8.roa (raw, json)
Hash identifier: oPkcg0j/ntRPWBA5988vh06xdIR+SP7KgaHNxBAHeWw=
Subject key identifier: 03:3F:A1:75:AF:16:C5:6F:56:BF:2A:6D:6B:D5:15:D9:C4:74:A6:3F
Certificate issuer: /CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Certificate serial: 01879502FA2B0EEE6DCD8E231F9E615F2446
Authority key identifier: 97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/Az-hda8WxW9Wvypta9UV2cR0pj8.roa
Signing time: Tue 18 Apr 2023 15:36:52 +0000
ROA not before: Tue 18 Apr 2023 15:36:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 88.218.150.0/23 maxlen: 23
85.209.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 May 2023 14:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:02:fa:2b:0e:ee:6d:cd:8e:23:1f:9e:61:5f:24:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Validity
Not Before: Apr 18 15:36:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=033fa175af16c56f56bf2a6d6bd515d9c474a63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:4b:b6:d3:7a:db:a9:7f:84:2e:86:92:ed:
ce:53:43:ee:f1:89:01:b4:fe:d4:61:31:f0:e3:69:
bd:93:36:06:95:20:b9:21:6e:03:f5:2c:ea:0b:3d:
5a:ca:b7:37:c4:58:5d:c7:be:37:00:a2:fa:ed:21:
a7:61:ae:69:8c:79:8c:1e:63:d9:07:ef:2e:6a:73:
fc:c2:a9:54:b7:26:39:4b:a6:5c:f2:cb:21:f2:fc:
00:76:8b:7a:8c:f4:42:76:7d:f9:cb:78:e5:87:00:
7c:c9:b9:ea:4a:4b:54:2d:dc:b1:55:ff:9f:9e:1a:
26:f8:ff:8e:04:a6:18:05:48:e6:b8:db:c1:ea:19:
35:aa:aa:8c:5a:38:23:83:c3:b7:1e:b6:e1:ca:2f:
0a:2e:db:65:88:45:0c:52:77:36:3b:7b:e4:51:9f:
fc:98:16:8b:1b:d1:82:07:25:87:99:ac:a3:e2:20:
d1:af:2a:81:c3:5b:cd:72:08:33:cf:d5:a7:24:30:
c0:c2:75:4f:1d:08:05:82:c0:31:47:46:64:9c:6a:
1e:b0:65:56:07:1e:51:36:5e:7e:63:ac:dd:73:1c:
c8:93:64:d0:a9:5f:7a:f3:18:d6:f3:b3:be:48:73:
f2:e7:de:39:87:97:26:8c:bb:84:c9:65:48:e7:ae:
60:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:3F:A1:75:AF:16:C5:6F:56:BF:2A:6D:6B:D5:15:D9:C4:74:A6:3F
X509v3 Authority Key Identifier:
keyid:97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/Az-hda8WxW9Wvypta9UV2cR0pj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/lzvsM65zjJiViBnGwTuzNe40q0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.6.0/23
88.218.150.0/23
Signature Algorithm: sha256WithRSAEncryption
30:25:00:6d:05:9e:43:56:3b:c0:49:73:75:ba:6d:29:27:c0:
31:11:f1:1f:b8:e8:25:46:c4:ba:5d:74:71:69:a9:bc:a9:29:
26:2a:b7:67:7a:fe:e6:a7:ba:d1:98:12:85:7e:d7:df:a6:7c:
5f:73:e1:c8:80:28:8a:73:be:90:1f:85:1e:e1:f4:49:b4:aa:
96:e9:23:00:c9:cb:03:e0:1e:e4:c4:a6:57:a1:7c:d8:34:b1:
f7:b5:80:5c:5f:3d:c2:e7:f2:1b:95:f1:61:8f:67:74:26:48:
61:ac:7a:b8:8a:2e:92:e5:65:e4:c7:80:c7:11:05:98:cb:f7:
16:db:4a:a0:ac:a9:6f:cb:9e:9e:f5:d4:df:bb:1f:30:b3:e5:
e3:a9:e8:5d:7f:12:d3:c0:98:64:9f:8f:0b:44:80:e7:45:a2:
64:4e:5e:91:6e:83:50:2b:45:d3:6f:24:1b:f5:dd:5f:44:0a:
5f:74:f9:ad:92:96:34:e0:b9:f8:56:10:e6:2d:48:38:e4:ba:
13:c3:11:aa:e0:a0:57:f3:6a:e3:fe:28:ec:68:3a:e0:17:db:
4c:2c:88:d6:c3:f6:7a:91:2c:a8:9e:21:39:ec:d9:80:94:26:
7a:46:57:79:f1:d7:03:36:81:86:cb:f5:8b:65:c2:82:e9:30:
3d:78:85:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeVAvorDu5tzY4jH55hXyRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3M2JlYzMzYWU3MzhjOTg5NTg4MTljNmMxM2JiMzM1ZWUz
NGFiNGMwHhcNMjMwNDE4MTUzNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzNmYTE3NWFmMTZjNTZmNTZiZjJhNmQ2YmQ1MTVkOWM0NzRhNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSFLttN626l/hC6Gku3OU0Pu8YkB
tP7UYTHw42m9kzYGlSC5IW4D9SzqCz1ayrc3xFhdx743AKL67SGnYa5pjHmMHmPZ
B+8uanP8wqlUtyY5S6Zc8ssh8vwAdot6jPRCdn35y3jlhwB8ybnqSktULdyxVf+f
nhom+P+OBKYYBUjmuNvB6hk1qqqMWjgjg8O3Hrbhyi8KLttliEUMUnc2O3vkUZ/8
mBaLG9GCByWHmayj4iDRryqBw1vNcggzz9WnJDDAwnVPHQgFgsAxR0ZknGoesGVW
Bx5RNl5+Y6zdcxzIk2TQqV968xjW87O+SHPy5945h5cmjLuEyWVI565gQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAM/oXWvFsVvVr8qbWvVFdnEdKY/MB8GA1UdIwQY
MBaAFJc77DOuc4yYlYgZxsE7szXuNKtMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQt
YzQyZjlhYmYxNDc3LzEvQXotaGRhOFd4VzlXdnlwdGE5VVYyY1IwcGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQtYzQyZjlhYmYxNDc3
LzEvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVdEGAwQB
WNqWMA0GCSqGSIb3DQEBCwUAA4IBAQAwJQBtBZ5DVjvASXN1um0pJ8AxEfEfuOgl
RsS6XXRxaam8qSkmKrdnev7mp7rRmBKFftffpnxfc+HIgCiKc76QH4Ue4fRJtKqW
6SMAycsD4B7kxKZXoXzYNLH3tYBcXz3C5/IblfFhj2d0JkhhrHq4ii6S5WXkx4DH
EQWYy/cW20qgrKlvy56e9dTfux8ws+XjqehdfxLTwJhkn48LRIDnRaJkTl6RboNQ
K0XTbyQb9d1fRApfdPmtkpY04Ln4VhDmLUg45LoTwxGq4KBX82rj/ijsaDrgF9tM
LIjWw/Z6kSyoniE57NmAlCZ6Rld58dcDNoGGy/WLZcKC6TA9eIXm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:04 2024 by rpki-client on console-fra.rpki-client.org