Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/AZVFwv05imKM5fa1G57jIPGOPCA.roa
File: AZVFwv05imKM5fa1G57jIPGOPCA.roa (raw, json)
Hash identifier: idREq4pUlwpNOiKYgOIuLQY20qEbxoOQyTuj23inRCM=
Subject key identifier: 01:95:45:C2:FD:39:8A:62:8C:E5:F6:B5:1B:9E:E3:20:F1:8E:3C:20
Certificate issuer: /CN=65295913c07c226100bd39f1ee2c52ea98aaee14
Certificate serial: 018573683132AF5A1799FC39DDBFAE6637A3
Authority key identifier: 65:29:59:13:C0:7C:22:61:00:BD:39:F1:EE:2C:52:EA:98:AA:EE:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/AZVFwv05imKM5fa1G57jIPGOPCA.roa
Signing time: Mon 02 Jan 2023 16:54:46 +0000
ROA not before: Mon 02 Jan 2023 16:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50012
IP address blocks: 193.104.85.0/24 maxlen: 24
185.157.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:31:32:af:5a:17:99:fc:39:dd:bf:ae:66:37:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65295913c07c226100bd39f1ee2c52ea98aaee14
Validity
Not Before: Jan 2 16:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=019545c2fd398a628ce5f6b51b9ee320f18e3c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a0:69:8b:3d:d9:f8:aa:da:b1:a9:ba:78:03:
00:8f:80:72:5b:a7:16:aa:26:71:d6:1d:a5:b8:04:
76:ab:b5:64:ea:8b:ba:9c:7b:fa:a2:ea:63:80:1b:
d8:8f:6c:95:ec:2c:9d:6e:d7:26:00:b5:b1:7a:4a:
73:72:ae:0d:3b:64:a4:4f:29:55:8f:b3:f9:6c:1d:
47:94:c1:bf:67:15:85:c4:a3:d5:a1:ac:95:cc:6c:
e1:80:22:86:14:31:3d:57:87:71:74:f7:93:c5:2f:
c9:ed:29:ea:25:27:67:61:4d:df:ff:51:9e:54:55:
61:cc:33:4b:86:c8:c0:32:5c:a7:bc:d4:38:70:b7:
e3:3c:7a:4e:94:3e:7c:f2:fb:ec:32:02:10:f3:24:
4f:b4:85:8e:4d:a1:83:e3:ed:96:50:55:1c:74:1c:
69:d9:22:e1:72:ee:f5:67:68:f2:d6:b0:17:ac:0e:
dd:df:ad:e6:88:2e:8d:1b:5c:76:af:78:38:1a:c4:
00:dd:f5:eb:ca:81:85:60:cd:af:89:d0:77:4f:18:
dd:3e:c8:b3:86:16:af:22:51:4f:0d:34:04:bc:c2:
a1:6d:6a:cf:69:a2:73:25:62:dd:42:59:68:22:73:
4b:5d:6a:12:51:19:30:12:be:6b:26:50:36:1f:2c:
3a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:95:45:C2:FD:39:8A:62:8C:E5:F6:B5:1B:9E:E3:20:F1:8E:3C:20
X509v3 Authority Key Identifier:
keyid:65:29:59:13:C0:7C:22:61:00:BD:39:F1:EE:2C:52:EA:98:AA:EE:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/AZVFwv05imKM5fa1G57jIPGOPCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.121.0/24
193.104.85.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:6c:ef:b4:a3:77:56:d8:d6:3b:53:68:85:b2:31:1f:d5:56:
e3:79:f6:8f:35:d0:a9:8a:cc:3c:27:32:05:c2:09:3e:e7:da:
4a:18:1f:ff:a7:d7:6e:ad:7e:97:ac:21:61:b1:8e:48:88:9b:
20:9c:30:a4:51:2d:a9:ca:59:ae:d5:ae:8e:fe:73:cf:2d:91:
c6:72:4e:c5:71:51:57:e4:84:26:80:29:d1:7e:07:dd:85:ed:
c1:a6:a9:f1:ba:f3:43:d7:aa:5c:3b:d0:ac:2f:31:f8:ac:8e:
73:cb:58:08:4a:4d:1e:67:15:b9:1b:4d:12:95:0d:4f:ee:5f:
f4:de:6e:fc:5b:cc:54:35:17:b8:9a:08:a7:5f:26:0a:96:d0:
80:c6:29:73:7c:8f:a2:f3:0c:b9:3e:19:56:d9:77:69:c2:14:
a5:31:58:92:b3:0c:48:d3:88:f3:b4:56:cd:c9:f6:31:e6:da:
f0:dc:9e:57:a4:ac:34:89:c6:75:aa:67:43:5f:e3:39:76:fc:
c3:f9:ee:0c:d6:dd:7c:e5:36:50:52:cf:8e:36:d7:87:e3:09:
ed:dd:2b:86:25:56:a0:f9:69:55:cc:6e:01:9e:f0:9e:ba:cf:
b6:10:f9:bd:58:f1:38:68:e2:44:22:3b:d5:2a:68:ca:70:9b:
d6:29:29:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzaDEyr1oXmfw53b+uZjejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Mjk1OTEzYzA3YzIyNjEwMGJkMzlmMWVlMmM1MmVhOThh
YWVlMTQwHhcNMjMwMTAyMTY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTk1NDVjMmZkMzk4YTYyOGNlNWY2YjUxYjllZTMyMGYxOGUzYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKBpiz3Z+Krasam6eAMAj4ByW6cW
qiZx1h2luAR2q7Vk6ou6nHv6oupjgBvYj2yV7CydbtcmALWxekpzcq4NO2SkTylV
j7P5bB1HlMG/ZxWFxKPVoayVzGzhgCKGFDE9V4dxdPeTxS/J7SnqJSdnYU3f/1Ge
VFVhzDNLhsjAMlynvNQ4cLfjPHpOlD588vvsMgIQ8yRPtIWOTaGD4+2WUFUcdBxp
2SLhcu71Z2jy1rAXrA7d363miC6NG1x2r3g4GsQA3fXryoGFYM2vidB3TxjdPsiz
hhavIlFPDTQEvMKhbWrPaaJzJWLdQlloInNLXWoSURkwEr5rJlA2Hyw6fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGVRcL9OYpijOX2tRue4yDxjjwgMB8GA1UdIwQY
MBaAFGUpWRPAfCJhAL058e4sUuqYqu4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNsWkU4QjhJbUVBdlRueDdpeFM2cGlxN2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81MGQ0NzYtZDcyMi00MGYyLTk4MGYt
NjQyMzZmYzM2ZDFkLzEvQVpWRnd2MDVpbUtNNWZhMUc1N2pJUEdPUENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81MGQ0NzYtZDcyMi00MGYyLTk4MGYtNjQyMzZmYzM2ZDFk
LzEvWlNsWkU4QjhJbUVBdlRueDdpeFM2cGlxN2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZ15AwQA
wWhVMA0GCSqGSIb3DQEBCwUAA4IBAQBbbO+0o3dW2NY7U2iFsjEf1VbjefaPNdCp
isw8JzIFwgk+59pKGB//p9durX6XrCFhsY5IiJsgnDCkUS2pylmu1a6O/nPPLZHG
ck7FcVFX5IQmgCnRfgfdhe3BpqnxuvND16pcO9CsLzH4rI5zy1gISk0eZxW5G00S
lQ1P7l/03m78W8xUNRe4mginXyYKltCAxilzfI+i8wy5PhlW2XdpwhSlMViSswxI
04jztFbNyfYx5trw3J5XpKw0icZ1qmdDX+M5dvzD+e4M1t185TZQUs+ONteH4wnt
3SuGJVag+WlVzG4BnvCeus+2EPm9WPE4aOJEIjvVKmjKcJvWKSkK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:06 2024 by rpki-client on console-ams.rpki-client.org