Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/zubfuc4cfc0_eF0cfdIiMHxCJfA.roa
File: zubfuc4cfc0_eF0cfdIiMHxCJfA.roa (raw, json)
Hash identifier: fKKNb37inSYGfBIjzPbg3aLStWiahDQrCPEnGrJcIJU=
Subject key identifier: CE:E6:DF:B9:CE:1C:7D:CD:3F:78:5D:1C:7D:D2:22:30:7C:42:25:F0
Certificate issuer: /CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Certificate serial: 018BED40FEB9A51CFB2726250E60BD761C84
Authority key identifier: 0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/zubfuc4cfc0_eF0cfdIiMHxCJfA.roa
Signing time: Mon 20 Nov 2023 15:02:21 +0000
ROA not before: Mon 20 Nov 2023 15:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202921
IP address blocks: 185.148.214.0/24 maxlen: 24
185.148.215.0/24 maxlen: 24
147.161.24.0/22 maxlen: 22
212.69.128.0/24 maxlen: 24
212.69.129.0/24 maxlen: 24
212.69.130.0/24 maxlen: 24
212.69.128.0/22 maxlen: 22
212.69.131.0/24 maxlen: 24
185.148.212.0/22 maxlen: 22
185.148.212.0/24 maxlen: 24
185.148.213.0/24 maxlen: 24
2a0d:f780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:40:fe:b9:a5:1c:fb:27:26:25:0e:60:bd:76:1c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Validity
Not Before: Nov 20 15:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cee6dfb9ce1c7dcd3f785d1c7dd222307c4225f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:76:75:bc:e5:e9:2a:ef:02:ed:66:7c:e9:48:
f0:63:02:4c:0c:eb:24:e3:51:4f:23:a6:bf:4c:7c:
f3:ad:ae:77:81:c0:f4:25:c9:fc:ff:48:20:12:b1:
3b:9e:fb:0e:aa:b5:79:ba:17:d6:42:de:db:76:0e:
d2:c0:69:a4:56:d9:60:1b:ee:31:1d:f8:d3:63:0e:
a5:18:36:0c:4f:ab:4a:94:75:13:80:8b:00:e1:95:
32:fc:a3:cd:ab:83:67:83:7c:ca:f2:d0:09:c7:67:
33:09:8d:d6:b2:78:ab:c9:a2:6c:cc:f3:da:25:0f:
ac:98:17:e5:ea:98:46:97:75:b6:d9:52:05:94:fe:
35:ce:c0:6d:64:2a:e3:c8:ac:5d:c2:a0:9b:1d:6f:
88:e5:8f:d2:87:25:08:6f:a7:4d:3a:26:c2:ab:42:
ea:dd:e0:70:a7:1b:63:dd:8d:76:70:b2:b0:73:b4:
71:77:39:40:84:9f:61:a5:1e:18:72:21:db:e1:d0:
15:54:09:31:07:f2:7a:ea:ce:88:64:6c:71:dd:0e:
ed:d2:2d:e0:54:b4:2a:f9:2d:52:04:78:76:16:68:
4a:fa:d1:d1:99:86:93:66:54:0b:17:e5:ff:70:83:
ff:3a:c1:67:9b:53:2c:23:72:89:b3:e8:ff:69:80:
6f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E6:DF:B9:CE:1C:7D:CD:3F:78:5D:1C:7D:D2:22:30:7C:42:25:F0
X509v3 Authority Key Identifier:
keyid:0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/zubfuc4cfc0_eF0cfdIiMHxCJfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.24.0/22
185.148.212.0/22
212.69.128.0/22
IPv6:
2a0d:f780::/29
Signature Algorithm: sha256WithRSAEncryption
00:b8:ac:75:d3:bd:06:fe:44:3a:d8:15:ba:8f:aa:c4:1b:16:
e9:ec:31:fb:53:4e:15:ec:65:c1:8a:c3:dd:fa:3d:4f:cc:93:
1d:9d:ae:0f:ea:d4:d2:86:c5:69:bb:80:70:75:98:36:96:c1:
ca:b8:37:da:37:4a:2e:89:96:2c:22:a9:72:de:d5:b0:f6:de:
7f:78:56:fa:6d:6c:4d:ae:4e:cd:20:93:ad:e0:8a:c9:25:5f:
30:27:94:4f:42:ad:ec:4f:71:9d:c2:f0:bc:fa:5f:6f:b5:a4:
d3:9e:65:6f:ac:bb:f3:25:c1:0b:a2:ac:50:9a:ac:8f:df:67:
dc:35:e7:ae:9a:12:6c:11:4d:5f:80:f4:6f:27:96:4f:d8:8f:
61:1e:9b:dc:cb:57:e1:b5:ad:21:dc:21:de:fc:92:f3:9c:82:
92:09:93:41:40:7c:40:c8:61:87:9d:ff:6e:b0:ae:63:89:42:
e5:7c:ed:a0:09:86:cb:60:a5:a4:f1:b7:5b:1c:18:9b:25:d2:
d2:ee:e6:f7:e3:d7:da:86:a2:20:de:8d:bc:6a:ce:e0:76:63:
45:fc:a2:1f:c6:57:2b:c1:7e:00:88:86:e7:3b:7e:af:a9:e4:
2d:29:30:cb:04:91:4d:03:79:0b:85:d5:32:45:28:51:1f:97:
9a:3f:5f:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvtQP65pRz7JyYlDmC9dhyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMmNlN2ZkMmY1YjFiNzk3NTdjODk3M2FlM2Y3YjBiZTY4
NjM4NWIwHhcNMjMxMTIwMTUwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU2ZGZiOWNlMWM3ZGNkM2Y3ODVkMWM3ZGQyMjIzMDdjNDIyNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXZ1vOXpKu8C7WZ86UjwYwJMDOsk
41FPI6a/THzzra53gcD0Jcn8/0ggErE7nvsOqrV5uhfWQt7bdg7SwGmkVtlgG+4x
HfjTYw6lGDYMT6tKlHUTgIsA4ZUy/KPNq4Nng3zK8tAJx2czCY3WsniryaJszPPa
JQ+smBfl6phGl3W22VIFlP41zsBtZCrjyKxdwqCbHW+I5Y/ShyUIb6dNOibCq0Lq
3eBwpxtj3Y12cLKwc7RxdzlAhJ9hpR4YciHb4dAVVAkxB/J66s6IZGxx3Q7t0i3g
VLQq+S1SBHh2FmhK+tHRmYaTZlQLF+X/cIP/OsFnm1MsI3KJs+j/aYBvqwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM7m37nOHH3NP3hdHH3SIjB8QiXwMB8GA1UdIwQY
MBaAFAss5/0vWxt5dXyJc64/ewvmhjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3l6bl9TOWJHM2wxZklsenJqOTdDLWFHT0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85YWFmMjQtNTM0Ni00NDgwLWJiZjMt
YTY0MTA5MTllODk4LzEvenViZnVjNGNmYzBfZUYwY2ZkSWlNSHhDSmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85YWFmMjQtNTM0Ni00NDgwLWJiZjMtYTY0MTA5MTllODk4
LzEvQ3l6bl9TOWJHM2wxZklsenJqOTdDLWFHT0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCk6EYAwQC
uZTUAwQC1EWAMA0EAgACMAcDBQMqDfeAMA0GCSqGSIb3DQEBCwUAA4IBAQAAuKx1
070G/kQ62BW6j6rEGxbp7DH7U04V7GXBisPd+j1PzJMdna4P6tTShsVpu4BwdZg2
lsHKuDfaN0ouiZYsIqly3tWw9t5/eFb6bWxNrk7NIJOt4IrJJV8wJ5RPQq3sT3Gd
wvC8+l9vtaTTnmVvrLvzJcELoqxQmqyP32fcNeeumhJsEU1fgPRvJ5ZP2I9hHpvc
y1fhta0h3CHe/JLznIKSCZNBQHxAyGGHnf9usK5jiULlfO2gCYbLYKWk8bdbHBib
JdLS7ub349fahqIg3o28as7gdmNF/KIfxlcrwX4AiIbnO36vqeQtKTDLBJFNA3kL
hdUyRShRH5eaP1+g
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:35 2024 by rpki-client on console-fra.rpki-client.org