Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZRs-krcWleG5AZOhIoId3PczzUk.roa
File: ZRs-krcWleG5AZOhIoId3PczzUk.roa (raw, json)
Hash identifier: qFHqzHaAsgajJdzN1i2XHGkibMqssUTW0EtMog2WcgY=
Subject key identifier: 65:1B:3E:92:B7:16:95:E1:B9:01:93:A1:22:82:1D:DC:F7:33:CD:49
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DA6C62C9B8B3ADB644A4D6D9940B95DAA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZRs-krcWleG5AZOhIoId3PczzUk.roa
Signing time: Wed 14 Feb 2024 08:40:21 +0000
ROA not before: Wed 14 Feb 2024 08:40:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.138.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:c6:2c:9b:8b:3a:db:64:4a:4d:6d:99:40:b9:5d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 14 08:40:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=651b3e92b71695e1b90193a122821ddcf733cd49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2e:a4:9f:21:0f:b6:75:2a:62:3a:83:ef:a4:
b1:43:d2:7a:04:ca:8c:2a:c9:9d:41:04:cf:bb:75:
cf:f3:ec:2e:ee:c2:bc:65:60:1e:0a:44:13:67:70:
db:67:5c:9e:0c:d4:7f:59:10:b1:75:73:1a:cd:25:
f6:f0:08:f5:65:cd:c4:1b:40:d5:23:ff:7e:7e:d1:
ec:d0:4e:49:75:a8:54:a6:af:1c:35:1f:ad:72:7d:
e0:ca:db:85:39:75:fb:5f:93:a6:10:82:ca:ae:14:
3c:03:88:0f:2d:59:3a:f9:33:5b:7b:1b:eb:96:90:
0d:2a:45:79:37:df:47:8b:7b:b7:64:5c:8a:a1:69:
49:55:6c:e1:11:d9:bf:e6:6e:86:a9:fb:79:ef:9b:
6c:fb:73:48:4c:08:b3:00:6c:1b:ba:75:42:a5:68:
d6:a7:80:19:73:55:43:ac:40:fd:71:c7:49:4b:90:
0e:bf:a6:15:ce:5f:a2:5f:56:49:73:f7:67:a3:24:
59:16:d5:18:e3:86:fe:70:55:2d:de:00:f1:8e:98:
8d:d8:4f:9c:3b:6f:66:f4:83:8c:1e:6c:dc:d0:21:
73:8d:33:66:52:b5:cb:b6:be:28:e0:e1:7b:bb:4c:
69:24:83:8a:28:03:09:1f:03:d4:71:a7:5f:2a:8a:
46:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1B:3E:92:B7:16:95:E1:B9:01:93:A1:22:82:1D:DC:F7:33:CD:49
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZRs-krcWleG5AZOhIoId3PczzUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
09:81:fc:be:33:b9:0e:a8:4e:2d:88:be:17:f7:cc:1d:b1:9f:
1d:54:48:26:94:a6:86:e2:26:6e:16:0f:a9:0b:34:e9:a7:7e:
f3:2e:c4:60:8b:39:de:e5:95:15:ea:f7:aa:7d:ca:e2:a0:83:
2c:c6:2e:ce:4d:00:d8:ce:58:bc:58:c6:37:36:f6:f5:f3:3b:
2a:9b:92:dc:70:1f:bf:69:fc:7d:d4:b3:5c:a0:4c:55:2d:04:
06:24:97:38:3b:e3:3f:f1:e5:c4:da:5a:ea:0b:89:7b:23:1a:
09:25:b2:b9:d5:41:75:56:9a:94:3a:58:7c:61:f0:f4:06:6a:
b7:8c:37:da:44:5c:92:eb:5d:b4:73:ab:62:fc:ea:83:43:cc:
06:86:3c:dd:35:22:35:38:3c:48:e3:ad:f9:35:a8:f2:0a:c5:
83:57:74:86:30:30:da:06:ec:85:ad:54:be:54:19:58:7c:da:
9f:60:0c:4c:44:f4:3e:c9:27:ce:6a:66:a2:3e:c8:35:6e:e4:
c2:f4:21:2c:20:1b:b3:77:07:81:53:41:ea:da:3d:55:8b:8a:
84:4c:62:1a:18:d9:59:b7:0e:c4:d3:a4:16:c0:af:3c:e8:b4:
b4:21:74:fa:5d:43:f6:bf:f7:91:b6:54:57:a3:fe:7c:47:25:
d7:5b:c7:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2mxiybizrbZEpNbZlAuV2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjE0MDg0MDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFiM2U5MmI3MTY5NWUxYjkwMTkzYTEyMjgyMWRkY2Y3MzNjZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi6knyEPtnUqYjqD76SxQ9J6BMqM
KsmdQQTPu3XP8+wu7sK8ZWAeCkQTZ3DbZ1yeDNR/WRCxdXMazSX28Aj1Zc3EG0DV
I/9+ftHs0E5JdahUpq8cNR+tcn3gytuFOXX7X5OmEILKrhQ8A4gPLVk6+TNbexvr
lpANKkV5N99Hi3u3ZFyKoWlJVWzhEdm/5m6Gqft575ts+3NITAizAGwbunVCpWjW
p4AZc1VDrED9ccdJS5AOv6YVzl+iX1ZJc/dnoyRZFtUY44b+cFUt3gDxjpiN2E+c
O29m9IOMHmzc0CFzjTNmUrXLtr4o4OF7u0xpJIOKKAMJHwPUcadfKopG7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGUbPpK3FpXhuQGToSKCHdz3M81JMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWlJzLWtyY1dsZUc1QVpPaElvSWQzUGN6elVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAJgfy+M7kOqE4tiL4X98wdsZ8d
VEgmlKaG4iZuFg+pCzTpp37zLsRgizne5ZUV6veqfcrioIMsxi7OTQDYzli8WMY3
Nvb18zsqm5LccB+/afx91LNcoExVLQQGJJc4O+M/8eXE2lrqC4l7IxoJJbK51UF1
VpqUOlh8YfD0Bmq3jDfaRFyS6120c6ti/OqDQ8wGhjzdNSI1ODxI4635NajyCsWD
V3SGMDDaBuyFrVS+VBlYfNqfYAxMRPQ+ySfOamaiPsg1buTC9CEsIBuzdweBU0Hq
2j1Vi4qETGIaGNlZtw7E06QWwK886LS0IXT6XUP2v/eRtlRXo/58RyXXW8dr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org