Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/a5zAiNplWz9ORTTAFM-4KNO-ohU.roa
File: a5zAiNplWz9ORTTAFM-4KNO-ohU.roa (raw, json)
Hash identifier: cWCQJIZSnYlzxbBDhIfWm/OeK5ACQUeQ445+vnqbcOk=
Subject key identifier: 6B:9C:C0:88:DA:65:5B:3F:4E:45:34:C0:14:CF:B8:28:D3:BE:A2:15
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CACFD224EED14A6773E40462D029700C3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/a5zAiNplWz9ORTTAFM-4KNO-ohU.roa
Signing time: Wed 27 Dec 2023 20:35:19 +0000
ROA not before: Wed 27 Dec 2023 20:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 77.242.150.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:fd:22:4e:ed:14:a6:77:3e:40:46:2d:02:97:00:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 27 20:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9cc088da655b3f4e4534c014cfb828d3bea215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ae:a6:69:98:5b:cc:5b:27:ad:2e:d5:f3:e1:
8c:e8:3f:00:8f:f0:61:5a:90:67:df:4b:86:ff:cc:
48:24:f4:85:26:08:a6:88:f8:e6:00:ef:c6:ac:13:
6e:10:14:9f:ce:72:a8:ee:02:a3:7c:bd:50:12:5d:
bf:39:26:51:1a:e5:9a:9d:13:70:b3:55:34:25:f1:
98:0a:5b:1e:7c:c2:87:39:cf:b1:25:83:0f:1a:b2:
28:a7:d4:d9:e7:0e:0d:54:d1:9a:26:67:41:b9:87:
c6:d2:ff:58:68:bb:c0:61:ae:2e:31:57:8b:11:13:
ce:89:f9:d7:52:67:d7:53:70:c8:18:df:9a:3f:7d:
d1:90:c1:0a:87:b2:33:72:b3:f0:a5:f5:6a:6c:65:
c6:d0:7c:42:d3:32:48:ab:c9:23:99:24:96:d1:70:
90:32:49:a8:e8:cf:9a:ce:71:22:15:7c:d7:a6:82:
85:2f:ac:0c:b1:fe:d4:63:66:93:68:6e:49:3e:52:
a6:27:07:87:18:7c:99:5b:28:7d:7a:94:22:05:a3:
a7:a1:62:27:97:ea:4c:90:5d:18:5f:09:ad:43:bb:
30:d8:e3:88:87:2f:34:21:f4:9c:88:d9:5b:37:df:
29:db:92:60:50:05:85:68:bb:27:30:a5:40:51:ae:
f7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9C:C0:88:DA:65:5B:3F:4E:45:34:C0:14:CF:B8:28:D3:BE:A2:15
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/a5zAiNplWz9ORTTAFM-4KNO-ohU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.209.216.0/24
Signature Algorithm: sha256WithRSAEncryption
74:e6:49:2c:4c:2b:30:ae:5d:85:0b:e1:13:e4:e0:2f:92:f6:
b1:38:a4:5d:75:f6:c7:19:ef:5a:08:28:02:b3:32:ec:f0:db:
ea:44:f5:d2:d5:36:d6:8d:81:5d:51:3c:5a:eb:5d:d7:46:a6:
12:3a:d8:51:6d:0d:f4:b9:43:76:73:4b:a0:76:c0:b0:d6:da:
a8:c5:d6:e2:aa:0d:e7:25:2c:41:f0:4d:53:a2:5d:60:60:b6:
2b:64:42:fa:84:42:e5:4c:28:48:33:1d:4b:df:fd:35:19:65:
e3:e5:2a:0c:d5:27:dd:a5:36:d0:92:64:24:4b:77:eb:24:c0:
9a:15:b0:99:ae:f1:1b:23:75:07:24:56:e3:e3:1b:ba:1b:17:
9d:c2:28:d8:1d:ee:d4:1b:90:6d:24:a2:ec:1f:30:c6:76:c9:
c7:58:33:e0:38:72:f3:ec:27:c8:c8:d9:e2:8f:3e:94:7e:9e:
9c:94:1e:92:94:36:33:9f:05:8e:98:8e:8e:73:e2:a1:36:b1:
67:4f:19:34:35:71:d3:d1:79:71:bb:1d:46:ad:28:ab:37:48:
9a:1c:64:27:bd:0e:cc:7f:21:49:c6:1e:f3:db:0d:11:9c:17:
75:aa:1f:86:41:de:51:ff:73:01:2a:e0:e2:b9:97:cc:dd:d0:
85:73:0b:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYys/SJO7RSmdz5ARi0ClwDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMjI3MjAzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjljYzA4OGRhNjU1YjNmNGU0NTM0YzAxNGNmYjgyOGQzYmVhMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma6maZhbzFsnrS7V8+GM6D8Aj/Bh
WpBn30uG/8xIJPSFJgimiPjmAO/GrBNuEBSfznKo7gKjfL1QEl2/OSZRGuWanRNw
s1U0JfGYClsefMKHOc+xJYMPGrIop9TZ5w4NVNGaJmdBuYfG0v9YaLvAYa4uMVeL
ERPOifnXUmfXU3DIGN+aP33RkMEKh7IzcrPwpfVqbGXG0HxC0zJIq8kjmSSW0XCQ
Mkmo6M+aznEiFXzXpoKFL6wMsf7UY2aTaG5JPlKmJweHGHyZWyh9epQiBaOnoWIn
l+pMkF0YXwmtQ7sw2OOIhy80IfSciNlbN98p25JgUAWFaLsnMKVAUa734wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGucwIjaZVs/TkU0wBTPuCjTvqIVMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYTV6QWlOcGxXejlPUlRUQUZNLTRLTk8tb2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfKWAwQA
WNHYMA0GCSqGSIb3DQEBCwUAA4IBAQB05kksTCswrl2FC+ET5OAvkvaxOKRddfbH
Ge9aCCgCszLs8NvqRPXS1TbWjYFdUTxa613XRqYSOthRbQ30uUN2c0ugdsCw1tqo
xdbiqg3nJSxB8E1Tol1gYLYrZEL6hELlTChIMx1L3/01GWXj5SoM1SfdpTbQkmQk
S3frJMCaFbCZrvEbI3UHJFbj4xu6GxedwijYHe7UG5BtJKLsHzDGdsnHWDPgOHLz
7CfIyNnijz6Ufp6clB6SlDYznwWOmI6Oc+KhNrFnTxk0NXHT0Xlxux1GrSirN0ia
HGQnvQ7MfyFJxh7z2w0RnBd1qh+GQd5R/3MBKuDiuZfM3dCFcwuU
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:55 2024 by rpki-client on console-ams.rpki-client.org