Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ZG7HdJkVBWUuVGJmv1YT9BIpjWQ.roa
File: ZG7HdJkVBWUuVGJmv1YT9BIpjWQ.roa (raw, json)
Hash identifier: W59F1OPSgsJRX7L0qmGKq1Jn1PVQdmRhbjP3dav7F6Q=
Subject key identifier: 64:6E:C7:74:99:15:05:65:2E:54:62:66:BF:56:13:F4:12:29:8D:64
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 018570396AA75C2A35044D74C6E752B67C2D
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ZG7HdJkVBWUuVGJmv1YT9BIpjWQ.roa
Signing time: Mon 02 Jan 2023 02:04:48 +0000
ROA not before: Mon 02 Jan 2023 02:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210392
IP address blocks: 109.95.66.0/24 maxlen: 24
109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
109.95.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6a:a7:5c:2a:35:04:4d:74:c6:e7:52:b6:7c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 2 02:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646ec774991505652e546266bf5613f412298d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:68:b7:d8:7f:45:26:e5:50:14:32:22:21:bb:
93:28:1f:39:65:ca:f8:60:7a:2d:12:68:35:fa:6b:
29:33:8c:84:58:a8:d0:c1:78:1c:e6:02:28:34:28:
41:f5:ac:e7:62:13:0c:fc:1e:e8:89:7a:94:32:74:
02:9f:06:67:51:ef:35:45:f2:f4:a0:1b:cf:3d:c3:
6d:a2:02:44:75:e1:3b:de:c5:23:b0:5a:5a:66:b4:
b2:d6:8d:f2:89:56:3d:89:2e:eb:a6:a3:57:e9:71:
4b:44:63:d2:ef:9a:44:c7:52:d2:a6:d6:fa:6b:5f:
72:d2:d8:ea:c3:ba:e1:b1:2a:a3:80:6a:a2:e8:b3:
2c:29:1f:84:28:ae:54:fb:80:01:e0:41:b2:dc:47:
43:78:84:fc:dd:e4:72:ec:6d:6a:a3:97:b5:19:50:
16:8d:58:db:9c:e8:47:fd:5d:bc:96:79:6a:a3:f7:
c5:6d:f7:e5:70:99:b4:6e:dd:fd:a6:2c:f6:b0:be:
9b:de:f8:2c:9e:c5:8f:fc:e4:5d:04:df:f2:fe:c3:
f8:2b:98:84:8e:18:0e:cb:44:06:4c:ff:f9:44:5b:
dd:ca:f8:0c:3e:16:87:3f:28:47:5e:a2:fc:d0:72:
7b:74:47:ed:1c:4a:b9:5f:05:47:ca:6a:3f:93:f6:
72:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6E:C7:74:99:15:05:65:2E:54:62:66:BF:56:13:F4:12:29:8D:64
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ZG7HdJkVBWUuVGJmv1YT9BIpjWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.68.255
Signature Algorithm: sha256WithRSAEncryption
8e:1a:1f:25:eb:71:b5:e2:28:48:a7:d2:ce:9e:53:df:d9:8b:
5a:ba:8c:82:4b:0e:16:a6:d0:df:96:ad:91:28:a7:4f:9e:b8:
0f:91:8c:5b:68:57:5c:91:a6:2c:5e:c4:bf:61:69:64:8a:71:
06:90:c8:3b:83:34:99:85:01:ee:46:2f:92:d0:14:4a:98:4b:
74:35:88:d7:dd:a5:a0:e9:6a:b2:3b:cc:f7:c0:3a:ab:83:9d:
95:e8:ec:ea:51:19:10:91:63:ff:5b:63:fc:82:83:87:f3:ce:
ef:7c:29:60:1e:d3:17:f5:3f:68:7a:8c:3b:57:8e:96:2f:28:
28:ce:25:10:6d:0b:9a:ab:c8:cb:af:af:cb:69:f9:1b:f0:64:
5b:bf:7f:9f:50:6c:ca:92:01:5b:b7:38:1b:53:63:61:a7:df:
45:d9:90:ec:58:b5:82:3d:2d:55:3b:d7:9b:d3:80:54:50:74:
7f:35:36:94:15:a7:ab:fa:ad:bb:82:62:ec:bb:c3:13:c4:f4:
6f:db:2b:19:64:6d:12:50:09:1c:8b:96:fb:7e:10:47:1d:67:
df:17:7e:25:43:ea:a8:9b:ac:cb:e8:7e:a1:b0:e5:bc:51:97:
d2:84:7e:56:c8:27:54:a3:07:69:1e:8b:dc:8e:81:07:97:fe:
b9:57:6d:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwOWqnXCo1BE10xudStnwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZlYzc3NDk5MTUwNTY1MmU1NDYyNjZiZjU2MTNmNDEyMjk4ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGi32H9FJuVQFDIiIbuTKB85Zcr4
YHotEmg1+mspM4yEWKjQwXgc5gIoNChB9aznYhMM/B7oiXqUMnQCnwZnUe81RfL0
oBvPPcNtogJEdeE73sUjsFpaZrSy1o3yiVY9iS7rpqNX6XFLRGPS75pEx1LSptb6
a19y0tjqw7rhsSqjgGqi6LMsKR+EKK5U+4AB4EGy3EdDeIT83eRy7G1qo5e1GVAW
jVjbnOhH/V28lnlqo/fFbfflcJm0bt39piz2sL6b3vgsnsWP/ORdBN/y/sP4K5iE
jhgOy0QGTP/5RFvdyvgMPhaHPyhHXqL80HJ7dEftHEq5XwVHymo/k/ZyfQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGRux3SZFQVlLlRiZr9WE/QSKY1kMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvWkc3SGRKa1ZCV1V1VkdKbXYxWVQ5QklwaldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtX0ED
BABtX0QwDQYJKoZIhvcNAQELBQADggEBAI4aHyXrcbXiKEin0s6eU9/Zi1q6jIJL
Dham0N+WrZEop0+euA+RjFtoV1yRpixexL9haWSKcQaQyDuDNJmFAe5GL5LQFEqY
S3Q1iNfdpaDparI7zPfAOquDnZXo7OpRGRCRY/9bY/yCg4fzzu98KWAe0xf1P2h6
jDtXjpYvKCjOJRBtC5qryMuvr8tp+RvwZFu/f59QbMqSAVu3OBtTY2Gn30XZkOxY
tYI9LVU715vTgFRQdH81NpQVp6v6rbuCYuy7wxPE9G/bKxlkbRJQCRyLlvt+EEcd
Z98XfiVD6qibrMvofqGw5bxRl9KEflbIJ1SjB2kei9yOgQeX/rlXbUA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:33 2024 by rpki-client on console-ams.rpki-client.org