Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/ZM8iC004DwXgQ8vLst9T-D1fdxY.roa
File: ZM8iC004DwXgQ8vLst9T-D1fdxY.roa (raw, json)
Hash identifier: lUNhuGdFhximxH4ZepfQEY2LwfdiM9/2yJNC1GjOKto=
Subject key identifier: 64:CF:22:0B:4D:38:0F:05:E0:43:CB:CB:B2:DF:53:F8:3D:5F:77:16
Certificate issuer: /CN=d538d7726a5f1f33da15d87e5c8b0e48f50281bf
Certificate serial: 018571BA244598B4A251DC88C6264FA549D0
Authority key identifier: D5:38:D7:72:6A:5F:1F:33:DA:15:D8:7E:5C:8B:0E:48:F5:02:81:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TjXcmpfHzPaFdh-XIsOSPUCgb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/ZM8iC004DwXgQ8vLst9T-D1fdxY.roa
Signing time: Mon 02 Jan 2023 09:05:02 +0000
ROA not before: Mon 02 Jan 2023 09:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 195.88.246.0/24 maxlen: 24
195.88.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:24:45:98:b4:a2:51:dc:88:c6:26:4f:a5:49:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d538d7726a5f1f33da15d87e5c8b0e48f50281bf
Validity
Not Before: Jan 2 09:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64cf220b4d380f05e043cbcbb2df53f83d5f7716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f1:c1:9e:3f:0a:1b:d1:df:3f:44:94:d6:dd:
dd:a0:4b:b1:89:1d:ff:ac:7e:79:41:71:50:5c:d7:
ee:6a:8d:89:e8:19:f4:de:37:dc:78:61:8b:42:3b:
7a:f1:d4:e0:b5:df:c5:ec:24:67:c4:b2:c0:50:96:
ff:04:d0:8d:2b:54:8b:8b:45:22:0e:ef:91:e4:93:
48:c2:2e:68:86:1e:89:9b:85:97:8b:ae:2a:5b:fd:
3d:8e:c8:4c:cb:29:58:9b:42:2b:35:f9:53:08:32:
be:f2:ac:56:f3:77:ae:52:01:22:50:00:67:a3:f2:
48:9a:69:5d:a0:66:16:81:03:aa:3c:a9:eb:d8:37:
db:bb:92:27:af:3a:87:d8:33:5d:17:a3:35:4e:3d:
88:6a:af:ee:72:9b:ab:df:5b:86:29:a6:1f:a9:f0:
c1:a7:74:ea:e3:8a:70:fc:49:14:f6:bf:16:9f:ee:
90:16:78:72:e9:df:71:49:0a:2a:b5:56:3e:27:c5:
e7:9a:ae:ef:74:39:12:b8:24:9b:85:64:28:17:e5:
17:69:8f:36:e8:79:71:7c:12:6b:86:81:94:05:7b:
d1:71:da:45:38:dc:db:6f:c8:59:91:ec:1c:42:12:
2c:39:26:a2:d4:c3:69:6c:b4:12:b4:1d:7c:38:2a:
62:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CF:22:0B:4D:38:0F:05:E0:43:CB:CB:B2:DF:53:F8:3D:5F:77:16
X509v3 Authority Key Identifier:
keyid:D5:38:D7:72:6A:5F:1F:33:DA:15:D8:7E:5C:8B:0E:48:F5:02:81:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TjXcmpfHzPaFdh-XIsOSPUCgb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/ZM8iC004DwXgQ8vLst9T-D1fdxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/1TjXcmpfHzPaFdh-XIsOSPUCgb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.246.0/23
Signature Algorithm: sha256WithRSAEncryption
53:b1:c7:d3:ab:19:a0:28:28:b8:32:b4:7f:fa:a4:56:30:41:
b7:2a:24:0a:0f:a3:a8:e4:28:30:f6:0f:00:8f:5e:4f:d5:53:
fc:de:61:71:a5:41:87:49:dd:35:a4:6e:46:f2:4e:66:1f:3f:
bb:7a:ec:a0:9a:43:8d:5a:d8:33:be:fd:fa:9e:ed:24:dd:56:
1b:bc:6f:84:95:6a:72:b5:c2:84:6f:79:93:f6:87:c4:e1:a0:
25:82:ff:3c:47:09:8b:2c:55:75:f6:bf:35:7c:83:a9:6f:cd:
bf:44:96:26:66:c3:72:fd:6a:3d:42:b5:bc:36:98:24:dd:28:
8e:f4:41:53:31:cb:7a:51:29:91:07:17:6f:4f:06:4f:b2:c8:
b3:3a:8e:8d:01:e8:7c:f0:48:a5:00:55:e9:b0:f7:f5:39:cb:
54:a4:1e:b9:ec:01:dc:d8:43:f5:2f:3b:f8:d0:ed:c8:6b:be:
68:7a:37:2c:22:56:9d:d0:17:de:96:4f:88:25:84:e6:10:f6:
e9:27:3b:bc:e6:89:c0:ef:c9:40:12:15:7a:b0:ed:ba:22:7b:
d9:20:4f:4d:0f:08:fc:fd:05:1c:e9:1f:65:c4:69:21:21:44:
c6:54:17:37:2e:83:ab:19:51:ba:cf:a3:3b:9a:6d:2f:ed:df:
90:a0:88:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxuiRFmLSiUdyIxiZPpUnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzhkNzcyNmE1ZjFmMzNkYTE1ZDg3ZTVjOGIwZTQ4ZjUw
MjgxYmYwHhcNMjMwMTAyMDkwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGNmMjIwYjRkMzgwZjA1ZTA0M2NiY2JiMmRmNTNmODNkNWY3NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/HBnj8KG9HfP0SU1t3doEuxiR3/
rH55QXFQXNfuao2J6Bn03jfceGGLQjt68dTgtd/F7CRnxLLAUJb/BNCNK1SLi0Ui
Du+R5JNIwi5ohh6Jm4WXi64qW/09jshMyylYm0IrNflTCDK+8qxW83euUgEiUABn
o/JImmldoGYWgQOqPKnr2Dfbu5InrzqH2DNdF6M1Tj2Iaq/ucpur31uGKaYfqfDB
p3Tq44pw/EkU9r8Wn+6QFnhy6d9xSQoqtVY+J8Xnmq7vdDkSuCSbhWQoF+UXaY82
6HlxfBJrhoGUBXvRcdpFONzbb8hZkewcQhIsOSai1MNpbLQStB18OCpihwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTPIgtNOA8F4EPLy7LfU/g9X3cWMB8GA1UdIwQY
MBaAFNU413JqXx8z2hXYflyLDkj1AoG/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRqWGNtcGZIelBhRmRoLVhJc09TUFVDZ2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80M2M0NTEtZTRlOS00ODU5LWI5ODUt
MmQ5ZGY0ZWY1ZjUwLzEvWk04aUMwMDREd1hnUTh2THN0OVQtRDFmZHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80M2M0NTEtZTRlOS00ODU5LWI5ODUtMmQ5ZGY0ZWY1ZjUw
LzEvMVRqWGNtcGZIelBhRmRoLVhJc09TUFVDZ2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1j2MA0G
CSqGSIb3DQEBCwUAA4IBAQBTscfTqxmgKCi4MrR/+qRWMEG3KiQKD6Oo5Cgw9g8A
j15P1VP83mFxpUGHSd01pG5G8k5mHz+7euygmkONWtgzvv36nu0k3VYbvG+ElWpy
tcKEb3mT9ofE4aAlgv88RwmLLFV19r81fIOpb82/RJYmZsNy/Wo9QrW8Npgk3SiO
9EFTMct6USmRBxdvTwZPssizOo6NAeh88EilAFXpsPf1OctUpB657AHc2EP1Lzv4
0O3Ia75oejcsIlad0Bfelk+IJYTmEPbpJzu85onA78lAEhV6sO26InvZIE9NDwj8
/QUc6R9lxGkhIUTGVBc3LoOrGVG6z6M7mm0v7d+QoIhC
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:38:03 2024 by rpki-client on console-fra.rpki-client.org