Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/zfk2e4b8f5Jai8nhcHgWOpNpqDk.roa
File: zfk2e4b8f5Jai8nhcHgWOpNpqDk.roa (raw, json)
Hash identifier: /IqmDijrg8CoAfd/ZqD0Qv8sXi811TSzMrng9AGimQ8=
Subject key identifier: CD:F9:36:7B:86:FC:7F:92:5A:8B:C9:E1:70:78:16:3A:93:69:A8:39
Certificate issuer: /CN=521aa024758d8d104e1179c55039816636afe298
Certificate serial: 01856CEF393DD42E3684512E0D5BBCA2F355
Authority key identifier: 52:1A:A0:24:75:8D:8D:10:4E:11:79:C5:50:39:81:66:36:AF:E2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/zfk2e4b8f5Jai8nhcHgWOpNpqDk.roa
Signing time: Sun 01 Jan 2023 10:44:55 +0000
ROA not before: Sun 01 Jan 2023 10:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20626
IP address blocks: 185.75.40.0/22 maxlen: 22
83.216.96.0/19 maxlen: 19
62.168.128.0/19 maxlen: 19
2001:b58::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:39:3d:d4:2e:36:84:51:2e:0d:5b:bc:a2:f3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521aa024758d8d104e1179c55039816636afe298
Validity
Not Before: Jan 1 10:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdf9367b86fc7f925a8bc9e17078163a9369a839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:53:18:f2:3a:96:9f:a3:c0:fe:3d:ac:bb:eb:
e7:6a:86:89:68:78:60:c1:7d:38:3b:ce:8b:ee:5a:
66:6b:1b:ae:90:f7:3f:f7:31:ef:48:db:b4:c7:25:
9f:c0:64:22:59:58:66:ff:49:2b:ff:30:30:ab:e7:
49:40:1f:5d:35:f2:0a:71:fa:02:e1:5c:04:06:6d:
42:ba:6b:bd:5c:15:46:ae:19:b5:fa:9a:6a:ee:71:
25:d6:c1:c9:a4:00:f5:52:89:50:b0:8d:30:b1:72:
f3:19:2d:73:8f:f4:e4:41:c9:20:df:89:71:81:19:
f1:0d:eb:fa:7f:e1:45:83:c0:81:66:b2:f8:48:93:
0a:9c:e6:33:f1:05:4d:07:39:b3:21:52:d0:87:31:
ae:8a:47:8e:54:48:2b:a0:56:f3:c7:eb:6c:f5:8b:
cb:b3:6b:05:9f:59:df:3b:bb:35:90:36:b8:e8:3f:
40:51:cd:f8:ea:ac:81:c6:36:49:4e:03:1f:a6:73:
f1:2c:2d:41:1c:b7:01:14:14:92:0f:31:eb:d2:52:
ab:e7:b8:00:b4:6e:4b:12:d8:33:74:0e:d7:29:f1:
ec:50:52:84:08:6d:23:48:4f:91:04:13:12:8d:35:
d1:8c:d1:40:95:e5:39:31:52:c3:73:dd:e9:57:d7:
85:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F9:36:7B:86:FC:7F:92:5A:8B:C9:E1:70:78:16:3A:93:69:A8:39
X509v3 Authority Key Identifier:
keyid:52:1A:A0:24:75:8D:8D:10:4E:11:79:C5:50:39:81:66:36:AF:E2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/zfk2e4b8f5Jai8nhcHgWOpNpqDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/UhqgJHWNjRBOEXnFUDmBZjav4pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.168.128.0/19
83.216.96.0/19
185.75.40.0/22
IPv6:
2001:b58::/29
Signature Algorithm: sha256WithRSAEncryption
5c:c6:ea:e1:38:c9:ce:63:31:6b:52:0e:bd:3c:01:cc:b5:6a:
51:e2:88:31:02:b6:3b:c5:47:55:1f:5c:2b:7d:f3:71:91:26:
16:b7:ea:a9:15:f3:7b:0e:ea:db:52:cb:1a:ba:88:ad:ee:f6:
75:b4:26:52:1f:df:4f:c0:2d:e2:fe:6d:68:7f:ca:70:cd:5a:
9d:81:39:10:66:5b:37:a1:8c:10:2a:17:eb:8c:65:1d:2d:57:
66:68:27:df:3c:64:a4:cd:f2:8b:37:9f:ab:9e:1d:86:51:99:
4c:81:b6:55:2c:4f:bc:38:0c:cd:9b:3a:c1:1f:ec:51:c8:b3:
1b:eb:01:4f:c5:f9:54:94:be:9b:00:49:ee:f0:52:8a:23:d5:
44:65:74:b9:14:f7:30:3e:c3:be:f4:c9:1e:d4:f3:af:73:08:
df:ac:7c:72:6a:a9:b3:50:39:42:1a:d8:5b:b0:5a:67:6e:50:
77:de:09:60:c9:da:4b:8c:97:97:27:48:7d:60:5b:57:f4:e4:
d8:82:49:ee:1e:d3:3a:a1:50:ba:6e:14:29:0e:ee:9c:49:5a:
ba:28:81:3a:48:b4:96:a3:12:f7:f5:12:b9:7d:bd:02:60:1d:
49:58:33:c2:f4:93:12:5e:9f:ff:e0:df:a6:96:0e:d8:16:c6:
3d:b4:a6:38
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVs7zk91C42hFEuDVu8ovNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWFhMDI0NzU4ZDhkMTA0ZTExNzljNTUwMzk4MTY2MzZh
ZmUyOTgwHhcNMjMwMTAxMTA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGY5MzY3Yjg2ZmM3ZjkyNWE4YmM5ZTE3MDc4MTYzYTkzNjlhODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVMY8jqWn6PA/j2su+vnaoaJaHhg
wX04O86L7lpmaxuukPc/9zHvSNu0xyWfwGQiWVhm/0kr/zAwq+dJQB9dNfIKcfoC
4VwEBm1Cumu9XBVGrhm1+ppq7nEl1sHJpAD1UolQsI0wsXLzGS1zj/TkQckg34lx
gRnxDev6f+FFg8CBZrL4SJMKnOYz8QVNBzmzIVLQhzGuikeOVEgroFbzx+ts9YvL
s2sFn1nfO7s1kDa46D9AUc346qyBxjZJTgMfpnPxLC1BHLcBFBSSDzHr0lKr57gA
tG5LEtgzdA7XKfHsUFKECG0jSE+RBBMSjTXRjNFAleU5MVLDc93pV9eFoQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM35NnuG/H+SWovJ4XB4FjqTaag5MB8GA1UdIwQY
MBaAFFIaoCR1jY0QThF5xVA5gWY2r+KYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWhxZ0pIV05qUkJPRVhuRlVEbUJaamF2NHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wM2Y5ZWUtNTNlMy00ZjY5LWI4YjAt
YzEzOGU1YzI3YzJiLzEvemZrMmU0YjhmNUphaThuaGNIZ1dPcE5wcURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wM2Y5ZWUtNTNlMy00ZjY5LWI4YjAtYzEzOGU1YzI3YzJi
LzEvVWhxZ0pIV05qUkJPRVhuRlVEbUJaamF2NHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPqiAAwQF
U9hgAwQCuUsoMA0EAgACMAcDBQMgAQtYMA0GCSqGSIb3DQEBCwUAA4IBAQBcxurh
OMnOYzFrUg69PAHMtWpR4ogxArY7xUdVH1wrffNxkSYWt+qpFfN7DurbUssauoit
7vZ1tCZSH99PwC3i/m1of8pwzVqdgTkQZls3oYwQKhfrjGUdLVdmaCffPGSkzfKL
N5+rnh2GUZlMgbZVLE+8OAzNmzrBH+xRyLMb6wFPxflUlL6bAEnu8FKKI9VEZXS5
FPcwPsO+9Mke1POvcwjfrHxyaqmzUDlCGthbsFpnblB33glgydpLjJeXJ0h9YFtX
9OTYgknuHtM6oVC6bhQpDu6cSVq6KIE6SLSWoxL39RK5fb0CYB1JWDPC9JMSXp//
4N+mlg7YFsY9tKY4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:57 2024 by rpki-client on console-fra.rpki-client.org