Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/z-K1LyI9qy795ssLdniObwoRtuw.roa
File: z-K1LyI9qy795ssLdniObwoRtuw.roa (raw, json)
Hash identifier: aE60mvwbchgRfBd8b4VkjIpfiimMYh1XhBacQ/jekBU=
Subject key identifier: CF:E2:B5:2F:22:3D:AB:2E:FD:E6:CB:0B:76:78:8E:6F:0A:11:B6:EC
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018A6FE8FBC8413F909761148F546AFD72F8
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/z-K1LyI9qy795ssLdniObwoRtuw.roa
Signing time: Thu 07 Sep 2023 13:50:54 +0000
ROA not before: Thu 07 Sep 2023 13:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196665
IP address blocks: 195.88.52.0/23 maxlen: 23
91.232.117.0/24 maxlen: 24
91.232.118.0/23 maxlen: 23
91.232.116.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:e8:fb:c8:41:3f:90:97:61:14:8f:54:6a:fd:72:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Sep 7 13:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfe2b52f223dab2efde6cb0b76788e6f0a11b6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f1:1c:34:08:5a:61:74:08:34:81:8d:2c:97:
85:61:0c:47:09:52:3c:65:74:38:49:0c:a9:1b:94:
3d:d0:25:48:92:18:5f:11:5c:17:ab:c4:c5:2d:e1:
f2:1c:27:ec:f1:14:20:c6:4d:31:96:cc:81:13:af:
1d:93:64:92:fa:75:56:34:21:cb:38:dc:3a:dc:63:
8c:c4:9f:0d:82:2e:4e:92:1e:01:a5:ac:bb:3f:fb:
42:07:ee:71:81:d7:c5:47:62:f8:a1:32:26:cf:ae:
1b:05:20:f7:26:ff:6e:bf:8f:d3:d5:04:bf:4c:e5:
bf:ee:2b:00:01:83:82:dc:73:d5:d8:39:d4:4a:41:
c6:6e:13:0b:6d:bc:10:f7:64:61:87:48:bd:0b:39:
e5:e1:eb:3e:f1:50:75:26:3d:05:09:b1:a3:c9:00:
18:d7:ec:23:44:9f:66:e3:fa:86:07:a5:3f:35:14:
9a:84:f3:3d:e4:34:e5:51:78:aa:4f:67:69:38:24:
9c:09:3b:e4:57:1a:47:ee:d6:73:68:24:d6:cb:44:
a8:78:93:a4:d2:46:47:f9:46:23:70:21:04:24:a3:
a9:00:4f:86:8a:d2:42:87:81:3a:e9:8d:15:42:de:
9e:32:ef:da:ef:2f:1c:5d:77:d1:3f:f2:21:ce:37:
fe:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E2:B5:2F:22:3D:AB:2E:FD:E6:CB:0B:76:78:8E:6F:0A:11:B6:EC
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/z-K1LyI9qy795ssLdniObwoRtuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.116.0/22
195.88.52.0/23
Signature Algorithm: sha256WithRSAEncryption
26:0b:a7:2b:d2:ea:71:a8:67:a3:d1:5d:60:30:a1:2e:fd:bb:
68:b3:28:10:c2:c7:b9:ae:63:5d:77:2c:b8:5c:e8:f6:5c:2d:
f8:9c:5a:f7:1d:8b:47:9d:81:83:fe:b5:8d:7a:5a:e3:e1:2e:
51:c1:ec:82:91:e9:db:ee:0d:5c:f0:cb:a1:ea:b5:ca:d2:39:
a5:94:57:fd:de:c0:54:47:79:8e:02:c2:3f:f7:5c:5b:ad:42:
22:91:5a:e2:80:82:2e:3d:03:4f:82:c9:c0:e6:bd:32:aa:0c:
e1:77:27:ce:41:98:c9:71:cc:be:1f:83:91:a9:db:c9:72:70:
2d:4f:a4:dc:08:f7:90:15:d9:32:8e:dd:b0:61:d5:73:52:75:
2b:0b:4f:83:8f:92:e1:c4:a2:81:c2:98:d3:29:71:c3:fc:8f:
55:65:db:9f:42:76:73:80:cd:72:93:a3:ef:f4:3c:f7:1c:f3:
fd:24:2d:e9:f3:3b:39:c2:80:c0:0c:33:59:02:ec:e8:2f:ef:
f3:2a:00:e0:58:5c:c8:20:16:15:20:01:3a:b4:91:0c:3f:fd:
88:8e:e7:aa:24:77:1e:d6:95:f8:11:1a:5f:3b:94:c2:24:2a:
38:e7:ff:8a:e8:97:e1:7c:2b:17:0a:6a:8e:c3:a0:00:99:82:
e6:f0:1b:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpv6PvIQT+Ql2EUj1Rq/XL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwOTA3MTM1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmUyYjUyZjIyM2RhYjJlZmRlNmNiMGI3Njc4OGU2ZjBhMTFiNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPEcNAhaYXQINIGNLJeFYQxHCVI8
ZXQ4SQypG5Q90CVIkhhfEVwXq8TFLeHyHCfs8RQgxk0xlsyBE68dk2SS+nVWNCHL
ONw63GOMxJ8Ngi5Okh4Bpay7P/tCB+5xgdfFR2L4oTImz64bBSD3Jv9uv4/T1QS/
TOW/7isAAYOC3HPV2DnUSkHGbhMLbbwQ92Rhh0i9Cznl4es+8VB1Jj0FCbGjyQAY
1+wjRJ9m4/qGB6U/NRSahPM95DTlUXiqT2dpOCScCTvkVxpH7tZzaCTWy0SoeJOk
0kZH+UYjcCEEJKOpAE+GitJCh4E66Y0VQt6eMu/a7y8cXXfRP/Ihzjf++wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/itS8iPasu/ebLC3Z4jm8KEbbsMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvei1LMUx5STlxeTc5NXNzTGRuaU9id29SdHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+h0AwQB
w1g0MA0GCSqGSIb3DQEBCwUAA4IBAQAmC6cr0upxqGej0V1gMKEu/btosygQwse5
rmNddyy4XOj2XC34nFr3HYtHnYGD/rWNelrj4S5RweyCkenb7g1c8Muh6rXK0jml
lFf93sBUR3mOAsI/91xbrUIikVrigIIuPQNPgsnA5r0yqgzhdyfOQZjJccy+H4OR
qdvJcnAtT6TcCPeQFdkyjt2wYdVzUnUrC0+Dj5LhxKKBwpjTKXHD/I9VZdufQnZz
gM1yk6Pv9Dz3HPP9JC3p8zs5woDADDNZAuzoL+/zKgDgWFzIIBYVIAE6tJEMP/2I
jueqJHce1pX4ERpfO5TCJCo45/+K6JfhfCsXCmqOw6AAmYLm8BuZ
Generated at Tue Jan 2 09:20:54 2024 by rpki-client on console-fra.rpki-client.org