Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/zDh5xXboae4CubmIHuzk8kQTNYk.roa
File: zDh5xXboae4CubmIHuzk8kQTNYk.roa (raw, json)
Hash identifier: 61UE7bAovTChfgsZy/kVuDapZGKvpfJXmssgn50TNWU=
Subject key identifier: CC:38:79:C5:76:E8:69:EE:02:B9:B9:88:1E:EC:E4:F2:44:13:35:89
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 01856E8B0A12A8A0709928A33D4DEC9DD450
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/zDh5xXboae4CubmIHuzk8kQTNYk.roa
Signing time: Sun 01 Jan 2023 18:14:43 +0000
ROA not before: Sun 01 Jan 2023 18:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8647
IP address blocks: 193.200.175.0/24 maxlen: 24
185.23.164.0/22 maxlen: 22
2a0f:3a00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:0a:12:a8:a0:70:99:28:a3:3d:4d:ec:9d:d4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Jan 1 18:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc3879c576e869ee02b9b9881eece4f244133589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cd:45:e7:ca:1c:81:89:c8:c6:a6:82:e5:5a:
3e:1a:6e:43:8a:dc:95:b5:63:67:af:99:b8:ef:a8:
a9:c4:8f:a0:cb:53:2f:98:9e:86:65:10:03:a5:3f:
03:af:cc:9b:32:86:9f:ed:eb:b4:58:1d:c6:d3:3d:
e2:ce:58:65:a4:2c:8c:63:51:ae:7d:0c:5b:29:62:
ea:36:67:f9:1b:f7:f8:2b:01:64:19:23:9e:c0:c3:
ce:08:71:40:37:3f:21:9f:5f:51:ab:c4:18:e0:b5:
e6:61:2f:ea:15:46:4c:04:e6:a3:68:b1:6f:c6:97:
b9:ec:a8:a6:fe:cd:f6:ec:4d:6e:91:43:47:03:c0:
cf:78:33:c5:16:1c:b9:93:11:26:5b:46:b2:aa:99:
d1:dc:a8:80:10:ec:1d:e0:95:69:fd:ff:81:0e:2f:
98:ab:24:82:c7:fe:3b:8a:aa:b6:d5:fa:9b:91:61:
cb:bb:c3:ce:ce:10:80:6e:c1:39:d1:35:c9:20:61:
65:2e:0c:ab:49:38:2b:47:15:be:82:b0:61:03:6b:
81:f1:61:2d:74:20:32:cc:64:72:91:d7:f3:b8:b0:
f6:22:f4:f1:ec:30:f6:c0:c4:27:6c:2f:73:a4:98:
a3:32:ee:50:64:3b:0c:38:6d:1f:65:86:6b:b2:66:
25:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:38:79:C5:76:E8:69:EE:02:B9:B9:88:1E:EC:E4:F2:44:13:35:89
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/zDh5xXboae4CubmIHuzk8kQTNYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.164.0/22
193.200.175.0/24
IPv6:
2a0f:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
8a:a6:7a:ec:54:92:7a:d1:36:f0:71:b2:0c:4e:ae:a2:cc:c3:
d0:81:94:d4:eb:f5:e6:03:7a:48:26:fc:e1:c4:61:ad:3a:ed:
98:f5:26:fd:a6:d9:6c:bc:7c:88:8c:d2:47:20:5a:4f:22:30:
35:0e:22:a0:34:31:7d:6d:c3:c8:51:3a:29:a3:2c:fe:33:20:
44:70:55:0e:f3:9c:9e:42:e9:87:01:89:9c:28:80:d8:37:ce:
b0:7d:98:20:e7:3c:3f:f2:e8:39:49:22:d9:b2:ae:85:db:64:
e9:b2:1f:e7:4e:f9:b5:14:fa:d9:61:be:f6:51:74:c9:e8:92:
91:3f:d0:60:a3:f6:44:0f:6c:c9:13:c5:f7:e4:1a:bf:82:f3:
aa:4b:1e:14:a4:7f:e6:11:74:9c:7e:b2:33:08:eb:64:70:fe:
08:09:93:bb:9a:a1:e2:31:a3:80:d7:ab:f1:31:0e:f2:b8:d8:
7e:be:56:bb:20:f0:55:d2:bd:46:40:d4:5b:93:7e:3e:31:8d:
53:d4:5a:55:66:41:8c:c2:fc:15:c7:66:ba:57:30:1a:7f:e5:
c7:5e:97:bd:28:86:1c:cf:85:d5:11:a3:91:8c:51:58:fa:dc:
b1:fe:54:b7:14:13:a3:03:4e:7e:d6:c3:36:67:64:e8:a3:3b:
60:bc:ea:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuiwoSqKBwmSijPU3sndRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjMwMTAxMTgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzM4NzljNTc2ZTg2OWVlMDJiOWI5ODgxZWVjZTRmMjQ0MTMzNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis1F58ocgYnIxqaC5Vo+Gm5DityV
tWNnr5m476ipxI+gy1MvmJ6GZRADpT8Dr8ybMoaf7eu0WB3G0z3izlhlpCyMY1Gu
fQxbKWLqNmf5G/f4KwFkGSOewMPOCHFANz8hn19Rq8QY4LXmYS/qFUZMBOajaLFv
xpe57Kim/s327E1ukUNHA8DPeDPFFhy5kxEmW0ayqpnR3KiAEOwd4JVp/f+BDi+Y
qySCx/47iqq21fqbkWHLu8POzhCAbsE50TXJIGFlLgyrSTgrRxW+grBhA2uB8WEt
dCAyzGRykdfzuLD2IvTx7DD2wMQnbC9zpJijMu5QZDsMOG0fZYZrsmYliQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMw4ecV26GnuArm5iB7s5PJEEzWJMB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEvekRoNXhYYm9hZTRDdWJtSUh1ems4a1FUTllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRekAwQA
wcivMA0EAgACMAcDBQMqDzoAMA0GCSqGSIb3DQEBCwUAA4IBAQCKpnrsVJJ60Tbw
cbIMTq6izMPQgZTU6/XmA3pIJvzhxGGtOu2Y9Sb9ptlsvHyIjNJHIFpPIjA1DiKg
NDF9bcPIUTopoyz+MyBEcFUO85yeQumHAYmcKIDYN86wfZgg5zw/8ug5SSLZsq6F
22Tpsh/nTvm1FPrZYb72UXTJ6JKRP9Bgo/ZED2zJE8X35Bq/gvOqSx4UpH/mEXSc
frIzCOtkcP4ICZO7mqHiMaOA16vxMQ7yuNh+vla7IPBV0r1GQNRbk34+MY1T1FpV
ZkGMwvwVx2a6VzAaf+XHXpe9KIYcz4XVEaORjFFY+tyx/lS3FBOjA05+1sM2Z2To
oztgvOqr
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:51 2024 by rpki-client on console.sobornost.net