Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/ozy0ZWFPFIjyn7uf9sM-zkmddoI.roa
File: ozy0ZWFPFIjyn7uf9sM-zkmddoI.roa (raw, json)
Hash identifier: sU245nWXyAjPNWeh1mkxphheUetkyQR5PmoDelo3A8U=
Subject key identifier: A3:3C:B4:65:61:4F:14:88:F2:9F:BB:9F:F6:C3:3E:CE:49:9D:76:82
Certificate issuer: /CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Certificate serial: 01856BCA35FD6A3269538927FFEE1D9072A9
Authority key identifier: 8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/ozy0ZWFPFIjyn7uf9sM-zkmddoI.roa
Signing time: Sun 01 Jan 2023 05:24:52 +0000
ROA not before: Sun 01 Jan 2023 05:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49882
IP address blocks: 193.105.47.0/24 maxlen: 24
91.208.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:35:fd:6a:32:69:53:89:27:ff:ee:1d:90:72:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Validity
Not Before: Jan 1 05:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a33cb465614f1488f29fbb9ff6c33ece499d7682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f2:b9:90:61:51:30:f9:9b:44:ab:85:3c:dc:
79:4a:91:61:6b:27:a2:78:bc:6d:49:7d:12:b7:1a:
4c:a1:a1:2d:4b:50:35:d1:bc:dc:95:a7:82:b7:fd:
bf:e9:74:ab:ad:38:c7:4c:82:d2:ce:ce:28:8a:5c:
23:2d:bd:2a:2f:1d:d4:bd:85:4d:c8:c1:29:b2:16:
85:3b:f6:99:d2:ea:27:52:58:bc:89:61:75:80:88:
49:bd:ba:fd:00:e6:56:3a:11:ca:13:59:3c:6d:f1:
de:44:de:39:31:67:c7:53:e4:23:fd:d4:6a:5f:f9:
7f:e3:b3:3f:3e:60:f3:ab:0e:59:9f:fa:aa:fa:75:
9a:9d:20:a4:5d:58:d4:75:55:23:49:45:02:5f:ae:
b7:ca:81:ee:82:de:62:af:59:37:76:8b:83:aa:67:
6f:ec:da:c3:65:7a:b9:84:f3:2b:26:62:bd:87:93:
71:c3:4f:d1:27:ac:bd:f3:b8:57:0a:8c:15:7c:99:
81:60:ef:af:4b:8c:5f:c7:fa:f0:d7:77:2c:3e:e9:
e3:c9:12:02:17:a9:53:0a:af:ea:a7:ae:26:33:ce:
f1:1a:64:42:73:64:ba:46:e5:06:f6:e9:27:e0:6b:
dc:98:a6:41:9d:1a:09:23:9d:db:4c:3f:c1:e2:90:
b3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3C:B4:65:61:4F:14:88:F2:9F:BB:9F:F6:C3:3E:CE:49:9D:76:82
X509v3 Authority Key Identifier:
keyid:8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/ozy0ZWFPFIjyn7uf9sM-zkmddoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/irPpZch0fi-l3dEoV2c_BgQu-kM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.28.0/24
193.105.47.0/24
Signature Algorithm: sha256WithRSAEncryption
be:74:a4:08:6a:90:a7:59:d6:6f:67:d9:35:87:45:b0:47:40:
f4:89:ed:fe:5b:fc:b7:99:af:9a:9a:b3:c4:5a:2f:c3:fd:b9:
de:96:f0:03:22:9e:2e:0e:68:7e:f3:20:48:c8:2f:57:99:e1:
b5:aa:0d:13:1a:97:13:2d:6c:a1:83:76:7c:a0:a2:de:c3:68:
1f:23:5b:bf:67:19:32:9b:4c:07:b3:6c:75:d1:5a:ca:1f:6d:
e9:17:cb:98:3a:44:f6:58:30:28:1d:4e:70:59:70:a8:c1:bd:
ac:84:a1:98:8a:ed:ed:5a:b7:8b:3d:4d:f6:64:fd:82:a8:96:
18:ac:c3:be:e2:bd:ab:86:35:29:34:3e:97:52:7a:4e:6e:28:
9b:80:03:42:47:27:fd:a9:b7:7f:75:76:48:fe:12:53:8e:9e:
4b:3f:8d:b1:95:b8:2a:8d:d0:0e:f3:f1:1e:c4:03:ae:fe:23:
d7:f6:1d:19:7d:cd:3a:8f:62:1d:f1:d1:a8:af:6e:d0:80:6a:
2c:ff:79:9e:61:4a:cc:08:29:4a:0b:19:ef:9c:6e:93:b4:f9:
de:51:c1:db:bb:7d:39:3c:65:3f:46:fa:69:91:61:ba:5b:b8:
1b:6a:9a:c8:c3:49:d9:94:7a:0c:fe:3c:a1:f6:82:da:ac:56:
a2:49:e5:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVryjX9ajJpU4kn/+4dkHKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjNlOTY1Yzg3NDdlMmZhNWRkZDEyODU3NjczZjA2MDQy
ZWZhNDMwHhcNMjMwMTAxMDUyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNjYjQ2NTYxNGYxNDg4ZjI5ZmJiOWZmNmMzM2VjZTQ5OWQ3NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvK5kGFRMPmbRKuFPNx5SpFhayei
eLxtSX0StxpMoaEtS1A10bzclaeCt/2/6XSrrTjHTILSzs4oilwjLb0qLx3UvYVN
yMEpshaFO/aZ0uonUli8iWF1gIhJvbr9AOZWOhHKE1k8bfHeRN45MWfHU+Qj/dRq
X/l/47M/PmDzqw5Zn/qq+nWanSCkXVjUdVUjSUUCX663yoHugt5ir1k3douDqmdv
7NrDZXq5hPMrJmK9h5Nxw0/RJ6y987hXCowVfJmBYO+vS4xfx/rw13csPunjyRIC
F6lTCq/qp64mM87xGmRCc2S6RuUG9ukn4GvcmKZBnRoJI53bTD/B4pCzrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKM8tGVhTxSI8p+7n/bDPs5JnXaCMB8GA1UdIwQY
MBaAFIqz6WXIdH4vpd3RKFdnPwYELvpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzIt
MDQ0MjdhOTlmMWM1LzEvb3p5MFpXRlBGSWp5bjd1ZjlzTS16a21kZG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzItMDQ0MjdhOTlmMWM1
LzEvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9AcAwQA
wWkvMA0GCSqGSIb3DQEBCwUAA4IBAQC+dKQIapCnWdZvZ9k1h0WwR0D0ie3+W/y3
ma+amrPEWi/D/bnelvADIp4uDmh+8yBIyC9XmeG1qg0TGpcTLWyhg3Z8oKLew2gf
I1u/Zxkym0wHs2x10VrKH23pF8uYOkT2WDAoHU5wWXCowb2shKGYiu3tWreLPU32
ZP2CqJYYrMO+4r2rhjUpND6XUnpObiibgANCRyf9qbd/dXZI/hJTjp5LP42xlbgq
jdAO8/EexAOu/iPX9h0Zfc06j2Id8dGor27QgGos/3meYUrMCClKCxnvnG6TtPne
UcHbu305PGU/RvppkWG6W7gbaprIw0nZlHoM/jyh9oLarFaiSeUh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:37 2024 by rpki-client on console-fra.rpki-client.org