Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/fb823f-7296-4279-9721-92e08ba5e2bf/1/Z21VFPx3zZ9GRwfLL-MNDXl372E.roa
File: Z21VFPx3zZ9GRwfLL-MNDXl372E.roa (raw, json)
Hash identifier: klSqnRFyDCk3qmIwfq5iZit6FptBO+l2hz7LIbhiCx4=
Subject key identifier: 67:6D:55:14:FC:77:CD:9F:46:47:07:CB:2F:E3:0D:0D:79:77:EF:61
Certificate issuer: /CN=3fafd07dc086dd7feec69e64e094dee5f49cea7d
Certificate serial: 01856F7972B0B61164686AEED1F4AB6CB0F6
Authority key identifier: 3F:AF:D0:7D:C0:86:DD:7F:EE:C6:9E:64:E0:94:DE:E5:F4:9C:EA:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6_QfcCG3X_uxp5k4JTe5fSc6n0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/fb823f-7296-4279-9721-92e08ba5e2bf/1/Z21VFPx3zZ9GRwfLL-MNDXl372E.roa
Signing time: Sun 01 Jan 2023 22:35:08 +0000
ROA not before: Sun 01 Jan 2023 22:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201814
IP address blocks: 193.35.110.0/24 maxlen: 24
195.128.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:72:b0:b6:11:64:68:6a:ee:d1:f4:ab:6c:b0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fafd07dc086dd7feec69e64e094dee5f49cea7d
Validity
Not Before: Jan 1 22:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=676d5514fc77cd9f464707cb2fe30d0d7977ef61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:39:15:65:6c:41:f0:1a:30:53:77:bb:1a:7b:
4a:06:63:d2:be:45:1e:a3:dc:65:d2:3f:35:78:da:
6d:ed:6c:95:37:29:06:1d:ca:ed:93:5e:07:aa:36:
b0:99:87:4e:80:ce:47:51:c9:f6:64:f0:97:81:a5:
2c:89:61:55:aa:9b:0d:8a:07:dc:85:cc:1a:97:a2:
da:a6:30:01:24:41:8b:9b:23:b3:8b:83:21:b0:12:
f4:f6:1d:d3:0b:98:60:30:1a:a3:b0:71:5f:3c:d4:
44:77:50:41:34:19:ec:55:14:b7:ee:0d:1f:19:a2:
26:95:4d:b9:c4:eb:cf:00:22:b3:94:8a:8a:91:2a:
5c:8a:4f:a8:c9:dd:44:39:69:51:a9:82:b6:52:b5:
d1:39:90:80:73:e0:35:5f:e2:30:fb:5f:34:77:80:
6a:12:ac:d4:34:a1:de:1d:dd:b0:72:34:34:03:d4:
79:3d:e4:56:20:3b:58:00:17:7c:98:8e:c3:e8:97:
3d:7c:8b:77:a5:0a:0a:3c:f2:2c:43:e1:f8:1a:48:
10:d6:59:ab:4f:64:bb:6b:f5:26:b0:d1:0f:a2:8a:
4b:4b:3c:86:7b:d4:79:d0:9a:16:1a:9d:86:bf:3c:
64:a3:0e:00:64:80:16:18:c4:42:66:89:b3:8e:d3:
c3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6D:55:14:FC:77:CD:9F:46:47:07:CB:2F:E3:0D:0D:79:77:EF:61
X509v3 Authority Key Identifier:
keyid:3F:AF:D0:7D:C0:86:DD:7F:EE:C6:9E:64:E0:94:DE:E5:F4:9C:EA:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6_QfcCG3X_uxp5k4JTe5fSc6n0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/fb823f-7296-4279-9721-92e08ba5e2bf/1/Z21VFPx3zZ9GRwfLL-MNDXl372E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/fb823f-7296-4279-9721-92e08ba5e2bf/1/P6_QfcCG3X_uxp5k4JTe5fSc6n0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.110.0/24
195.128.154.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:21:c4:1c:2e:1c:27:09:ad:91:2a:32:70:74:b7:bc:8d:f8:
90:a8:b5:a2:6e:24:54:8e:63:bf:da:f5:81:00:c8:df:d2:51:
7f:a2:f6:d4:b5:67:8b:6a:cd:e5:23:f7:82:f7:e6:1e:62:7e:
1b:a9:bb:6d:d7:1d:18:04:a1:83:17:47:d5:18:67:dc:30:18:
c6:bb:ae:b2:aa:f3:c3:b0:13:09:27:31:7f:0a:56:a2:69:b0:
84:54:de:94:85:86:1f:96:c0:6b:38:36:e7:d2:04:1e:49:c5:
38:a8:76:7a:5b:e2:bd:29:e7:d2:fd:ce:99:96:c6:e3:fc:3d:
88:89:5d:9c:60:3d:e4:5f:bf:ed:a7:9a:f8:d7:2b:5c:69:a1:
a0:53:89:a5:62:4f:d9:ad:a4:57:d2:31:3b:75:20:78:e3:66:
dc:2f:de:6b:a1:c8:3f:52:60:d1:e2:34:e3:09:fd:90:a3:82:
e1:e6:fe:fd:50:db:ac:e8:58:f1:71:46:a1:83:7b:1c:f4:b9:
9e:e0:6f:f4:12:5c:f3:95:62:d7:87:4e:38:75:c8:c3:10:0d:
6c:2f:5f:4c:c7:91:64:ff:60:79:79:24:1c:04:d2:6b:29:88:
b4:76:d2:e0:65:98:cf:c1:40:f6:21:ad:92:34:06:0a:22:52:
73:73:f6:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveXKwthFkaGru0fSrbLD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYWZkMDdkYzA4NmRkN2ZlZWM2OWU2NGUwOTRkZWU1ZjQ5
Y2VhN2QwHhcNMjMwMTAxMjIzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZkNTUxNGZjNzdjZDlmNDY0NzA3Y2IyZmUzMGQwZDc5NzdlZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDkVZWxB8BowU3e7GntKBmPSvkUe
o9xl0j81eNpt7WyVNykGHcrtk14HqjawmYdOgM5HUcn2ZPCXgaUsiWFVqpsNigfc
hcwal6LapjABJEGLmyOzi4MhsBL09h3TC5hgMBqjsHFfPNREd1BBNBnsVRS37g0f
GaImlU25xOvPACKzlIqKkSpcik+oyd1EOWlRqYK2UrXROZCAc+A1X+Iw+180d4Bq
EqzUNKHeHd2wcjQ0A9R5PeRWIDtYABd8mI7D6Jc9fIt3pQoKPPIsQ+H4GkgQ1lmr
T2S7a/UmsNEPoopLSzyGe9R50JoWGp2Gvzxkow4AZIAWGMRCZomzjtPD7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGdtVRT8d82fRkcHyy/jDQ15d+9hMB8GA1UdIwQY
MBaAFD+v0H3Aht1/7saeZOCU3uX0nOp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDZfUWZjQ0czWF91eHA1azRKVGU1ZlNjNm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mYjgyM2YtNzI5Ni00Mjc5LTk3MjEt
OTJlMDhiYTVlMmJmLzEvWjIxVkZQeDN6WjlHUndmTEwtTU5EWGwzNzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mYjgyM2YtNzI5Ni00Mjc5LTk3MjEtOTJlMDhiYTVlMmJm
LzEvUDZfUWZjQ0czWF91eHA1azRKVGU1ZlNjNm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSNuAwQA
w4CaMA0GCSqGSIb3DQEBCwUAA4IBAQCfIcQcLhwnCa2RKjJwdLe8jfiQqLWibiRU
jmO/2vWBAMjf0lF/ovbUtWeLas3lI/eC9+YeYn4bqbtt1x0YBKGDF0fVGGfcMBjG
u66yqvPDsBMJJzF/ClaiabCEVN6UhYYflsBrODbn0gQeScU4qHZ6W+K9KefS/c6Z
lsbj/D2IiV2cYD3kX7/tp5r41ytcaaGgU4mlYk/ZraRX0jE7dSB442bcL95rocg/
UmDR4jTjCf2Qo4Lh5v79UNus6FjxcUahg3sc9Lme4G/0ElzzlWLXh044dcjDEA1s
L19Mx5Fk/2B5eSQcBNJrKYi0dtLgZZjPwUD2Ia2SNAYKIlJzc/aj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:42 2024 by rpki-client on console-ams.rpki-client.org