Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/z1AeY8IHfJrigdK4sQYFwMW6_MM.roa
File: z1AeY8IHfJrigdK4sQYFwMW6_MM.roa (raw, json)
Hash identifier: XvW+HFTkmUpiVV33GAvXEesTLwuZhKH7Tz/G3FegDYw=
Subject key identifier: CF:50:1E:63:C2:07:7C:9A:E2:81:D2:B8:B1:06:05:C0:C5:BA:FC:C3
Certificate issuer: /CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Certificate serial: 01860497E12BD3EC259052A54A97DE09B97F
Authority key identifier: 29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/z1AeY8IHfJrigdK4sQYFwMW6_MM.roa
Signing time: Mon 30 Jan 2023 21:31:47 +0000
ROA not before: Mon 30 Jan 2023 21:31:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 195.60.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:04:97:e1:2b:d3:ec:25:90:52:a5:4a:97:de:09:b9:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292edce09f112ab2d3ffaf4cb2a38eaf1c1af92e
Validity
Not Before: Jan 30 21:31:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf501e63c2077c9ae281d2b8b10605c0c5bafcc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c6:b9:76:21:b0:92:7a:24:76:5f:c9:a7:15:
fa:f8:6d:ec:a2:97:c1:27:49:31:5b:39:63:26:b2:
f3:a8:5e:e9:06:af:f4:f4:77:5d:c5:a1:a9:e9:4b:
e5:3b:21:29:1d:4f:e5:13:5e:79:54:3d:3b:ac:10:
6b:60:f9:61:01:2b:c8:c1:ee:ac:66:89:70:db:c8:
c0:63:00:62:d4:48:39:6b:06:12:6f:f5:40:32:41:
fd:e7:3f:fe:9d:17:55:e5:4f:34:80:1a:9f:f6:bb:
62:44:09:62:d4:d4:16:9c:5d:ab:c4:72:9f:d6:16:
e8:2b:dd:92:4b:bb:13:a4:8d:af:9b:42:c8:6e:7e:
5b:7a:49:e8:59:3b:7a:f2:73:6b:5f:b5:0e:96:e9:
33:c7:4e:54:a3:32:3d:59:b0:6c:65:0c:a1:6d:41:
d7:06:21:19:cd:5f:89:cd:7e:1e:79:42:de:25:4f:
4c:56:a9:c9:53:38:5d:1f:37:f4:5e:01:e1:50:4c:
b6:47:79:a4:c2:32:18:a8:37:2a:be:0d:b8:5c:f9:
9a:af:99:c3:dd:7b:6c:4d:af:ee:b7:73:bc:eb:83:
a4:8b:1c:f3:f3:6e:9f:f1:fb:0d:f5:ed:d9:36:b3:
09:a7:80:8d:d2:5b:a1:64:e7:01:53:e3:54:65:d0:
c0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:50:1E:63:C2:07:7C:9A:E2:81:D2:B8:B1:06:05:C0:C5:BA:FC:C3
X509v3 Authority Key Identifier:
keyid:29:2E:DC:E0:9F:11:2A:B2:D3:FF:AF:4C:B2:A3:8E:AF:1C:1A:F9:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS7c4J8RKrLT_69MsqOOrxwa-S4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/z1AeY8IHfJrigdK4sQYFwMW6_MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/12274e-316b-4f3c-8e6c-dcfeb3f10c86/1/KS7c4J8RKrLT_69MsqOOrxwa-S4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:cc:a0:1e:fb:d2:6d:7a:4e:e5:5f:2e:81:0b:1b:17:b9:ff:
a0:e3:96:f1:4c:17:1e:85:dd:b0:c5:5d:58:37:76:69:19:24:
27:d0:dc:69:1c:90:0d:2b:bd:b2:17:66:c3:1f:d0:28:6a:c0:
a9:67:d5:a3:94:85:27:a3:12:c5:2b:75:e9:9b:96:24:07:54:
61:fa:d3:1d:7b:ed:aa:5c:2c:4e:14:99:7c:17:e8:78:ca:40:
a5:15:90:f3:c6:b9:ef:96:cf:52:ab:35:f1:04:e0:20:a6:0e:
e7:5c:0f:c5:b3:9f:58:3b:c9:32:c6:35:33:ba:9a:76:b3:4f:
bf:b8:6e:59:2b:85:af:36:23:b7:b2:79:06:82:f4:a9:0e:c6:
76:69:f6:b5:17:8d:91:7d:62:53:00:77:15:eb:19:57:4b:80:
b3:f3:c5:27:fa:4f:d8:d8:7c:c6:ef:35:51:06:1c:8b:ff:eb:
05:22:02:17:2d:a6:69:fe:f2:ad:70:cd:56:c8:91:e9:86:62:
e2:f7:82:e2:9e:e6:e8:f4:f8:50:b3:3b:89:d1:d9:cb:61:b8:
3c:55:6b:ae:1e:5e:44:c6:0f:80:49:cb:d7:65:13:f5:30:67:
a5:5f:c8:80:d4:c8:c2:32:c0:43:89:ff:fe:99:b3:1e:fa:9f:
73:4a:34:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYEl+Er0+wlkFKlSpfeCbl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmVkY2UwOWYxMTJhYjJkM2ZmYWY0Y2IyYTM4ZWFmMWMx
YWY5MmUwHhcNMjMwMTMwMjEzMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUwMWU2M2MyMDc3YzlhZTI4MWQyYjhiMTA2MDVjMGM1YmFmY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMa5diGwknokdl/JpxX6+G3sopfB
J0kxWzljJrLzqF7pBq/09HddxaGp6UvlOyEpHU/lE155VD07rBBrYPlhASvIwe6s
Zolw28jAYwBi1Eg5awYSb/VAMkH95z/+nRdV5U80gBqf9rtiRAli1NQWnF2rxHKf
1hboK92SS7sTpI2vm0LIbn5beknoWTt68nNrX7UOlukzx05UozI9WbBsZQyhbUHX
BiEZzV+JzX4eeULeJU9MVqnJUzhdHzf0XgHhUEy2R3mkwjIYqDcqvg24XPmar5nD
3XtsTa/ut3O864Okixzz826f8fsN9e3ZNrMJp4CN0luhZOcBU+NUZdDA/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9QHmPCB3ya4oHSuLEGBcDFuvzDMB8GA1UdIwQY
MBaAFCku3OCfESqy0/+vTLKjjq8cGvkuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMt
ZGNmZWIzZjEwYzg2LzEvejFBZVk4SUhmSnJpZ2RLNHNRWUZ3TVc2X01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xMjI3NGUtMzE2Yi00ZjNjLThlNmMtZGNmZWIzZjEwYzg2
LzEvS1M3YzRKOFJLckxUXzY5TXNxT09yeHdhLVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzxWMA0G
CSqGSIb3DQEBCwUAA4IBAQAqzKAe+9Jtek7lXy6BCxsXuf+g45bxTBcehd2wxV1Y
N3ZpGSQn0NxpHJANK72yF2bDH9AoasCpZ9WjlIUnoxLFK3Xpm5YkB1Rh+tMde+2q
XCxOFJl8F+h4ykClFZDzxrnvls9SqzXxBOAgpg7nXA/Fs59YO8kyxjUzupp2s0+/
uG5ZK4WvNiO3snkGgvSpDsZ2afa1F42RfWJTAHcV6xlXS4Cz88Un+k/Y2HzG7zVR
BhyL/+sFIgIXLaZp/vKtcM1WyJHphmLi94Linubo9PhQszuJ0dnLYbg8VWuuHl5E
xg+AScvXZRP1MGelX8iA1MjCMsBDif/+mbMe+p9zSjTB
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:36 2024 by rpki-client on console-ams.rpki-client.org