Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/ZkHXG7p9fA7n1uUvA9K3hM80iao.roa
File: ZkHXG7p9fA7n1uUvA9K3hM80iao.roa (raw, json)
Hash identifier: JY+Fm/qYjRK0kRdhOzN+gizG4mwxdbgwZAFqHXSq2hc=
Subject key identifier: 66:41:D7:1B:BA:7D:7C:0E:E7:D6:E5:2F:03:D2:B7:84:CF:34:89:AA
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BD6AA27DF34945C43A910D60C4227BCFB
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/ZkHXG7p9fA7n1uUvA9K3hM80iao.roa
Signing time: Thu 16 Nov 2023 05:45:57 +0000
ROA not before: Thu 16 Nov 2023 05:45:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58250
IP address blocks: 212.93.203.0/24 maxlen: 24
2a02:df4::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:aa:27:df:34:94:5c:43:a9:10:d6:0c:42:27:bc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 16 05:45:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6641d71bba7d7c0ee7d6e52f03d2b784cf3489aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:68:bc:53:3f:ce:e3:c9:3d:6a:84:b8:3e:92:
83:6b:9f:2e:b5:be:9d:d0:7a:a9:14:6c:b9:8f:08:
5b:08:8f:b3:f2:e9:78:91:e5:3a:57:d7:d9:48:4e:
92:99:80:f4:c9:93:aa:d0:f4:33:d5:d2:8d:62:3d:
d1:fd:dd:79:91:0e:6a:8f:45:79:99:08:1d:78:4c:
42:0b:6f:36:d1:5f:91:55:20:c9:60:97:f5:ae:33:
be:77:79:5b:e0:17:02:ba:a6:76:33:97:2c:d7:56:
eb:41:55:dd:d4:aa:ff:ac:f8:11:a9:4a:a2:72:71:
33:44:58:bf:19:58:a1:0a:c8:6d:cc:b1:44:c2:1a:
f9:a6:b2:b4:65:3a:72:70:b0:db:9c:db:10:03:e2:
96:14:43:53:e9:0f:06:80:ca:6c:5c:54:05:ad:8f:
c3:a3:b4:e6:e9:57:b6:15:f7:fb:20:c8:e0:48:34:
7f:ad:6a:01:66:21:52:cf:f4:f9:80:ed:f9:f4:16:
11:9e:b3:c2:6d:cc:95:47:f8:4c:75:71:42:8b:e6:
9e:12:2b:17:00:1a:34:69:22:50:09:69:c3:54:e7:
4b:c5:c7:17:89:dc:38:8c:07:9e:2e:c7:1e:05:7c:
a9:f7:06:c5:45:2b:0b:ac:88:91:f3:05:48:bb:da:
28:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:41:D7:1B:BA:7D:7C:0E:E7:D6:E5:2F:03:D2:B7:84:CF:34:89:AA
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/ZkHXG7p9fA7n1uUvA9K3hM80iao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.93.203.0/24
IPv6:
2a02:df4::/32
Signature Algorithm: sha256WithRSAEncryption
4d:77:ef:11:35:fa:cc:d0:50:d7:20:e3:3e:89:4c:f3:a9:26:
1e:a6:5c:5c:06:59:ce:8e:4c:4b:c1:c5:95:06:bd:2b:da:68:
27:c9:2f:fc:19:1d:34:07:ca:2a:69:bd:9d:33:a5:68:9e:41:
20:6f:85:bb:59:45:70:17:9d:f0:4d:3c:ac:9a:db:a5:46:8b:
48:fa:42:1c:8f:6e:9a:67:4d:d9:b5:4f:06:4f:e7:b8:d1:76:
61:3d:07:d1:bc:fb:d1:aa:fc:9a:da:9c:e0:d4:ea:68:62:46:
8d:53:52:6e:06:4d:a8:dc:a9:2c:b9:be:5e:68:64:d6:42:52:
62:55:41:da:fc:88:2d:cb:97:44:a2:59:32:8b:8b:30:a4:22:
55:7d:eb:51:01:86:e2:14:98:e0:f2:b1:aa:33:ac:32:c7:9c:
52:0c:02:6a:49:bf:93:7e:6a:fa:6c:89:b5:02:fa:5b:49:c4:
ad:a9:54:f5:52:be:3d:97:fc:3c:83:fc:84:3b:4f:76:fd:84:
2e:46:91:54:9a:ab:cc:d4:ff:78:3a:68:40:23:33:43:cc:83:
e5:4a:37:8c:b8:3e:e6:c9:b8:27:4e:5d:40:c2:42:8c:7e:bd:
40:12:d7:a5:89:04:0e:2a:60:ab:93:5c:9b:4d:c7:3f:ce:60:
e0:8c:f1:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvWqiffNJRcQ6kQ1gxCJ7z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTE2MDU0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjQxZDcxYmJhN2Q3YzBlZTdkNmU1MmYwM2QyYjc4NGNmMzQ4OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimi8Uz/O48k9aoS4PpKDa58utb6d
0HqpFGy5jwhbCI+z8ul4keU6V9fZSE6SmYD0yZOq0PQz1dKNYj3R/d15kQ5qj0V5
mQgdeExCC2820V+RVSDJYJf1rjO+d3lb4BcCuqZ2M5cs11brQVXd1Kr/rPgRqUqi
cnEzRFi/GVihCshtzLFEwhr5prK0ZTpycLDbnNsQA+KWFENT6Q8GgMpsXFQFrY/D
o7Tm6Ve2Fff7IMjgSDR/rWoBZiFSz/T5gO359BYRnrPCbcyVR/hMdXFCi+aeEisX
ABo0aSJQCWnDVOdLxccXidw4jAeeLsceBXyp9wbFRSsLrIiR8wVIu9ooXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGZB1xu6fXwO59blLwPSt4TPNImqMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvWmtIWEc3cDlmQTduMXVVdkE5SzNoTTgwaWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1F3LMA0E
AgACMAcDBQAqAg30MA0GCSqGSIb3DQEBCwUAA4IBAQBNd+8RNfrM0FDXIOM+iUzz
qSYeplxcBlnOjkxLwcWVBr0r2mgnyS/8GR00B8oqab2dM6VonkEgb4W7WUVwF53w
TTysmtulRotI+kIcj26aZ03ZtU8GT+e40XZhPQfRvPvRqvya2pzg1OpoYkaNU1Ju
Bk2o3Kksub5eaGTWQlJiVUHa/Igty5dEolkyi4swpCJVfetRAYbiFJjg8rGqM6wy
x5xSDAJqSb+Tfmr6bIm1AvpbScStqVT1Ur49l/w8g/yEO092/YQuRpFUmqvM1P94
OmhAIzNDzIPlSjeMuD7mybgnTl1AwkKMfr1AEteliQQOKmCrk1ybTcc/zmDgjPEV
-----END CERTIFICATE-----
Generated at Thu Nov 16 06:49:03 2023 by rpki-client on console-ams.rpki-client.org