Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/zUNv1HfON0lV6mQyA01rM3lYb34.roa
File: zUNv1HfON0lV6mQyA01rM3lYb34.roa (raw, json)
Hash identifier: aEepspt1LjSc/lySDb3mAzBhS2cVtsoeiZ7OfnmvlYc=
Subject key identifier: CD:43:6F:D4:77:CE:37:49:55:EA:64:32:03:4D:6B:33:79:58:6F:7E
Certificate issuer: /CN=3d9424b3c8e72f746a59eb199455aa3646a3a457
Certificate serial: 01856C65BAD8C0A1C66F67795A041806E7AC
Authority key identifier: 3D:94:24:B3:C8:E7:2F:74:6A:59:EB:19:94:55:AA:36:46:A3:A4:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/zUNv1HfON0lV6mQyA01rM3lYb34.roa
Signing time: Sun 01 Jan 2023 08:14:44 +0000
ROA not before: Sun 01 Jan 2023 08:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202283
IP address blocks: 193.109.238.0/24 maxlen: 24
185.232.220.0/22 maxlen: 22
2a0c:d100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ba:d8:c0:a1:c6:6f:67:79:5a:04:18:06:e7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d9424b3c8e72f746a59eb199455aa3646a3a457
Validity
Not Before: Jan 1 08:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd436fd477ce374955ea6432034d6b3379586f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:69:7c:8a:db:a1:27:35:e3:48:e1:dc:77:e8:
52:c8:6c:22:62:f9:89:0e:70:0d:56:18:4f:1d:0c:
6d:86:6c:e2:c5:55:89:cd:c1:0a:7f:ba:24:41:17:
d6:23:34:32:23:d0:c0:a2:95:16:a8:2f:28:cd:31:
9b:da:a9:ad:b4:f0:d5:7a:1c:9a:4d:af:77:d1:00:
2b:20:54:22:e1:67:34:b4:6b:10:9e:a3:90:f6:4d:
f7:7f:5f:c3:c9:f8:a9:f7:27:04:65:1f:a7:1d:cb:
c5:22:de:43:55:c8:9f:9d:48:ae:1f:f2:18:8f:9f:
72:d3:3c:57:19:60:7c:5c:0a:c0:48:51:4d:ac:71:
e7:80:2c:c3:84:62:9c:fe:5e:88:12:27:45:61:fb:
b4:18:96:20:a1:14:b7:86:98:5b:c8:56:f8:49:cd:
a2:16:73:be:96:73:00:e9:8f:a6:0b:ed:e0:66:9c:
24:f5:91:6c:07:e5:82:8c:e2:73:4a:cb:0c:16:7f:
da:e7:71:c4:2d:4e:e7:04:8a:32:fb:3f:4d:c0:3c:
11:b9:1a:df:83:13:a2:d4:47:57:e9:b4:cb:31:cb:
33:6c:98:e0:15:57:0f:dc:36:5b:ea:f0:f5:81:9d:
7c:d2:6c:50:9e:5c:72:5f:3e:e6:6d:9d:41:1e:cc:
f0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:43:6F:D4:77:CE:37:49:55:EA:64:32:03:4D:6B:33:79:58:6F:7E
X509v3 Authority Key Identifier:
keyid:3D:94:24:B3:C8:E7:2F:74:6A:59:EB:19:94:55:AA:36:46:A3:A4:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/zUNv1HfON0lV6mQyA01rM3lYb34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/PZQks8jnL3RqWesZlFWqNkajpFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.220.0/22
193.109.238.0/24
IPv6:
2a0c:d100::/29
Signature Algorithm: sha256WithRSAEncryption
89:65:b6:ab:cf:53:4e:22:cd:73:db:c7:c8:cc:66:2c:2b:ab:
22:99:a4:83:9b:06:f7:c5:30:22:54:39:b4:33:e2:85:4f:f6:
d4:85:69:b7:7f:e6:78:2c:85:72:51:b7:e0:ba:a4:46:bd:4b:
a3:e0:fb:fc:9e:73:c9:7c:a6:d3:d4:90:da:c4:42:07:fd:35:
4a:7f:bd:10:c9:69:f2:86:94:14:33:23:48:18:03:fe:e8:bf:
06:eb:8e:9f:72:f7:df:a9:9d:0d:82:37:9c:cd:76:9f:6b:6d:
61:43:18:8c:ce:67:85:ab:02:e0:0a:43:6e:47:77:1d:f4:f2:
73:88:e2:61:40:d0:49:73:5d:55:c5:46:c3:fb:44:50:41:10:
cf:a3:bb:ad:d3:df:3a:13:ec:8a:14:e7:4f:e4:17:a2:18:dd:
43:5e:6e:01:7b:c8:86:0a:99:70:db:28:8d:65:c2:5b:99:7e:
32:75:4f:57:4b:17:a8:0d:11:83:e5:71:a0:05:78:7d:b1:23:
1a:87:9b:20:ee:ed:2c:8d:db:09:d6:48:ea:58:0e:67:39:57:
02:b1:3d:c3:d6:cc:c9:cf:77:bf:b8:fd:ed:87:a2:9b:f7:1d:
c5:42:f4:3f:9b:31:dc:40:dc:00:a9:de:5b:ca:d6:9f:a5:0a:
80:ca:1f:76
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsZbrYwKHGb2d5WgQYBuesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTQyNGIzYzhlNzJmNzQ2YTU5ZWIxOTk0NTVhYTM2NDZh
M2E0NTcwHhcNMjMwMTAxMDgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQzNmZkNDc3Y2UzNzQ5NTVlYTY0MzIwMzRkNmIzMzc5NTg2ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWl8ituhJzXjSOHcd+hSyGwiYvmJ
DnANVhhPHQxthmzixVWJzcEKf7okQRfWIzQyI9DAopUWqC8ozTGb2qmttPDVehya
Ta930QArIFQi4Wc0tGsQnqOQ9k33f1/Dyfip9ycEZR+nHcvFIt5DVcifnUiuH/IY
j59y0zxXGWB8XArASFFNrHHngCzDhGKc/l6IEidFYfu0GJYgoRS3hphbyFb4Sc2i
FnO+lnMA6Y+mC+3gZpwk9ZFsB+WCjOJzSssMFn/a53HELU7nBIoy+z9NwDwRuRrf
gxOi1EdX6bTLMcszbJjgFVcP3DZb6vD1gZ180mxQnlxyXz7mbZ1BHszw7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM1Db9R3zjdJVepkMgNNazN5WG9+MB8GA1UdIwQY
MBaAFD2UJLPI5y90alnrGZRVqjZGo6RXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpRa3M4am5MM1JxV2VzWmxGV3FOa2FqcEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kZjI5NDctY2QwNS00NDA1LTk0OWEt
NmE4MDMzZGNiZTFjLzEvelVOdjFIZk9OMGxWNm1ReUEwMXJNM2xZYjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kZjI5NDctY2QwNS00NDA1LTk0OWEtNmE4MDMzZGNiZTFj
LzEvUFpRa3M4am5MM1JxV2VzWmxGV3FOa2FqcEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuejcAwQA
wW3uMA0EAgACMAcDBQMqDNEAMA0GCSqGSIb3DQEBCwUAA4IBAQCJZbarz1NOIs1z
28fIzGYsK6simaSDmwb3xTAiVDm0M+KFT/bUhWm3f+Z4LIVyUbfguqRGvUuj4Pv8
nnPJfKbT1JDaxEIH/TVKf70QyWnyhpQUMyNIGAP+6L8G646fcvffqZ0NgjeczXaf
a21hQxiMzmeFqwLgCkNuR3cd9PJziOJhQNBJc11VxUbD+0RQQRDPo7ut0986E+yK
FOdP5BeiGN1DXm4Be8iGCplw2yiNZcJbmX4ydU9XSxeoDRGD5XGgBXh9sSMah5sg
7u0sjdsJ1kjqWA5nOVcCsT3D1szJz3e/uP3th6Kb9x3FQvQ/mzHcQNwAqd5bytaf
pQqAyh92
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:54 2024 by rpki-client on console-ams.rpki-client.org