Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/zb_kTmwATw7pNLbnZOvqPGbfuuQ.roa
File: zb_kTmwATw7pNLbnZOvqPGbfuuQ.roa (raw, json)
Hash identifier: LI9aDLwiXGOVlrrvzFkh5j8zl44CNakdckSTpQLtSvM=
Subject key identifier: CD:BF:E4:4E:6C:00:4F:0E:E9:34:B6:E7:64:EB:EA:3C:66:DF:BA:E4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018ACB685AB13DCD2CF09D5D57F0DF23812D
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/zb_kTmwATw7pNLbnZOvqPGbfuuQ.roa
Signing time: Mon 25 Sep 2023 08:15:28 +0000
ROA not before: Mon 25 Sep 2023 08:15:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.132.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 12:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:68:5a:b1:3d:cd:2c:f0:9d:5d:57:f0:df:23:81:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 25 08:15:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdbfe44e6c004f0ee934b6e764ebea3c66dfbae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:20:c1:96:61:aa:14:0a:0e:dc:1d:2f:81:3b:
5a:ec:a8:49:03:ce:89:e4:4e:76:c2:f5:7a:65:98:
ff:4d:37:91:60:9f:b5:c9:51:bb:60:fe:72:6a:12:
1b:a0:a3:44:c2:bc:90:86:5e:83:77:86:cc:74:53:
9f:d7:b3:ad:3a:26:28:2e:3f:30:12:f4:72:46:2c:
61:68:5c:f6:b2:71:0f:b6:07:d4:6a:b4:8b:94:88:
5f:7c:27:a0:20:5c:15:fc:c0:c6:a4:93:e7:22:9d:
ab:8b:78:07:0e:a2:00:aa:0e:ad:ef:84:0d:f8:8a:
09:b7:9a:a4:50:54:67:d7:c9:9b:63:ee:d6:37:9f:
62:fc:d2:4e:e3:9a:a9:45:28:2e:8f:d7:18:5a:a5:
42:13:ea:31:08:e9:8f:91:d0:54:70:eb:b2:97:78:
8b:9a:30:4c:22:3d:c3:c9:ce:bd:fa:bf:a8:6d:ca:
41:d9:08:bc:44:9b:bd:5a:d4:9c:b6:47:dd:ae:c9:
9b:bf:1d:f5:b0:a0:9b:db:ab:b5:00:16:3e:f6:d1:
27:77:a0:dc:b2:72:c2:5c:2e:38:f5:1d:fb:d8:0a:
1a:3b:36:57:1e:cc:c5:58:fb:3f:ee:a6:33:04:c0:
38:00:62:6b:b7:75:7a:d9:b4:88:84:c1:fe:35:75:
b8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BF:E4:4E:6C:00:4F:0E:E9:34:B6:E7:64:EB:EA:3C:66:DF:BA:E4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/zb_kTmwATw7pNLbnZOvqPGbfuuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.132.0/24
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:b7:65:0b:81:52:3d:c8:2e:f4:c9:23:a2:1d:db:55:b8:8d:
8a:ee:64:c0:fc:a2:74:2b:b4:4a:6b:33:97:50:82:51:07:72:
4d:2a:37:ec:68:a3:17:56:e2:46:46:cc:5b:d3:2f:66:a5:ae:
d9:43:56:f1:8c:b4:11:ed:0e:02:af:10:8b:fd:26:3b:59:81:
f0:ac:71:bd:e7:fd:e5:59:5c:e0:37:5f:52:75:a5:b5:b1:57:
bc:5f:0f:63:e9:55:74:49:ca:85:f0:e7:26:78:75:1d:9d:e0:
79:d8:03:fd:8c:fb:76:2a:36:bf:ce:b3:20:b5:f5:95:e6:52:
d1:b4:0b:bd:04:b7:ea:2e:79:fb:d9:80:6d:1f:29:b5:44:0f:
3e:03:25:8b:e7:c7:24:38:6d:55:d2:c3:78:a1:81:38:4b:30:
25:86:6e:fd:61:c2:29:6c:96:53:1a:bd:83:ae:59:03:3c:d0:
8d:3d:33:f0:bb:67:3f:08:5b:7a:22:15:76:1d:a7:d9:48:67:
70:47:49:59:01:db:7b:cb:4d:1f:e4:86:66:3a:5a:16:16:76:
5c:27:c0:3a:9a:b3:84:31:a8:f7:b6:5c:78:96:17:0a:1a:ee:
ea:25:14:9b:c0:15:59:63:f1:ea:19:17:3b:70:bf:0b:93:d1:
55:24:1c:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrLaFqxPc0s8J1dV/DfI4EtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTI1MDgxNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJmZTQ0ZTZjMDA0ZjBlZTkzNGI2ZTc2NGViZWEzYzY2ZGZiYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCDBlmGqFAoO3B0vgTta7KhJA86J
5E52wvV6ZZj/TTeRYJ+1yVG7YP5yahIboKNEwryQhl6Dd4bMdFOf17OtOiYoLj8w
EvRyRixhaFz2snEPtgfUarSLlIhffCegIFwV/MDGpJPnIp2ri3gHDqIAqg6t74QN
+IoJt5qkUFRn18mbY+7WN59i/NJO45qpRSguj9cYWqVCE+oxCOmPkdBUcOuyl3iL
mjBMIj3Dyc69+r+obcpB2Qi8RJu9WtSctkfdrsmbvx31sKCb26u1ABY+9tEnd6Dc
snLCXC449R372AoaOzZXHszFWPs/7qYzBMA4AGJrt3V62bSIhMH+NXW4/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM2/5E5sAE8O6TS252Tr6jxm37rkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvemJfa1Rtd0FUdzdwTkxiblpPdnFQR2JmdXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURaAAwQA
URaEAwQCURaMAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAtt2ULgVI9
yC70ySOiHdtVuI2K7mTA/KJ0K7RKazOXUIJRB3JNKjfsaKMXVuJGRsxb0y9mpa7Z
Q1bxjLQR7Q4CrxCL/SY7WYHwrHG95/3lWVzgN19SdaW1sVe8Xw9j6VV0ScqF8Ocm
eHUdneB52AP9jPt2Kja/zrMgtfWV5lLRtAu9BLfqLnn72YBtHym1RA8+AyWL58ck
OG1V0sN4oYE4SzAlhm79YcIpbJZTGr2DrlkDPNCNPTPwu2c/CFt6IhV2HafZSGdw
R0lZAdt7y00f5IZmOloWFnZcJ8A6mrOEMaj3tlx4lhcKGu7qJRSbwBVZY/HqGRc7
cL8Lk9FVJBze
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:47 2024 by rpki-client on console-ams.rpki-client.org