Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZwLH7dHXvp2_HzQ01gV-ht96RX4.roa
File: ZwLH7dHXvp2_HzQ01gV-ht96RX4.roa (raw, json)
Hash identifier: 5ZV4PYi9MS/X03HZcg8v7JSaDm71FnYEktCoZ72M8p8=
Subject key identifier: 67:02:C7:ED:D1:D7:BE:9D:BF:1F:34:34:D6:05:7E:86:DF:7A:45:7E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018707EA49EF1813E8F3D5C381568F6AA3F1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZwLH7dHXvp2_HzQ01gV-ht96RX4.roa
Signing time: Wed 22 Mar 2023 06:03:27 +0000
ROA not before: Wed 22 Mar 2023 06:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 194.87.151.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:07:ea:49:ef:18:13:e8:f3:d5:c3:81:56:8f:6a:a3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 22 06:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6702c7edd1d7be9dbf1f3434d6057e86df7a457e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a6:db:59:f3:b3:16:49:58:36:fc:ea:1d:8a:
16:8d:cb:03:ea:2a:3c:03:74:8a:87:b8:5f:b1:ca:
d9:a4:90:72:82:52:79:89:85:88:9d:d2:12:cb:f3:
df:d4:ce:f2:f5:b1:90:67:e8:db:d1:52:1b:a1:18:
d3:ae:6a:bf:7e:90:27:cc:ec:1b:91:f1:02:30:ac:
50:ca:9c:d9:83:e7:9c:c9:70:3c:b9:0a:a8:9b:4c:
8d:87:2e:8d:46:52:20:e8:31:e2:d2:82:85:4e:11:
6b:cf:1f:b1:fe:c4:16:92:a2:01:3c:8c:6d:74:97:
a8:59:46:5e:65:cb:78:5d:c7:d5:6d:3b:81:48:c6:
27:62:c3:07:3c:48:6a:de:cb:6e:01:92:4f:5d:65:
e9:6f:8d:81:95:7c:8f:8d:a9:64:4d:c3:4d:96:48:
ec:e8:5f:75:5d:e6:a6:19:24:fd:a6:2b:e6:45:99:
dd:04:ef:69:e1:11:c7:2e:6b:d8:f9:c2:45:b2:7b:
32:00:3d:31:7c:f8:79:a0:ca:f1:6e:0c:93:c1:00:
1d:e4:97:2a:06:f0:44:18:a2:d3:53:63:75:67:2b:
da:d9:1d:3c:9a:81:ef:47:7d:79:ed:c5:37:11:84:
f2:33:cd:2c:9a:e6:63:30:6c:a2:04:82:f3:da:34:
97:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:02:C7:ED:D1:D7:BE:9D:BF:1F:34:34:D6:05:7E:86:DF:7A:45:7E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZwLH7dHXvp2_HzQ01gV-ht96RX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.84.0/22
194.87.151.0/24
195.133.18.0/24
195.133.38.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:f5:1b:ec:fb:51:2b:d9:b5:12:81:b3:fb:5b:1e:d6:56:a8:
22:00:06:95:fa:79:67:20:07:01:3a:1f:ad:26:26:a4:a1:10:
d9:c4:13:b3:c4:ad:bc:54:a0:48:a2:bd:7c:dd:bc:a0:79:dd:
f7:6b:bd:b7:57:ef:53:b1:7d:f9:96:e2:62:e3:0a:3b:c5:09:
7b:d6:63:9d:e6:d1:4f:28:7c:e4:94:70:7b:f0:10:4b:34:c0:
71:30:c3:68:0c:14:07:91:68:2d:44:0a:01:97:d3:c4:1b:f9:
c7:76:66:66:28:b7:db:25:30:7e:51:cc:d7:da:92:3c:51:4f:
ca:a3:30:79:bf:8a:7d:85:fb:5e:92:30:51:3b:a4:02:ae:8e:
a7:04:df:f2:d2:56:2c:42:e6:85:d7:f9:c9:4c:83:60:0f:96:
b8:d7:4b:d7:d7:f0:a5:ff:b2:8d:f4:bf:3d:f9:47:2c:03:36:
65:0a:0a:f8:73:e4:60:93:7f:d9:ab:84:67:8a:94:1d:99:87:
e1:ef:b8:1f:d9:ef:05:46:04:cb:78:47:33:fe:9a:5c:08:b8:
38:d1:bd:cf:1f:b8:51:70:22:5f:d3:7f:59:12:d9:64:0d:bc:
7c:74:7c:17:54:de:cb:bd:0e:51:f6:9a:0c:e7:b9:ed:4e:63:
fb:3f:2e:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcH6knvGBPo89XDgVaPaqPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIyMDYwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzAyYzdlZGQxZDdiZTlkYmYxZjM0MzRkNjA1N2U4NmRmN2E0NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkabbWfOzFklYNvzqHYoWjcsD6io8
A3SKh7hfscrZpJByglJ5iYWIndISy/Pf1M7y9bGQZ+jb0VIboRjTrmq/fpAnzOwb
kfECMKxQypzZg+ecyXA8uQqom0yNhy6NRlIg6DHi0oKFThFrzx+x/sQWkqIBPIxt
dJeoWUZeZct4XcfVbTuBSMYnYsMHPEhq3stuAZJPXWXpb42BlXyPjalkTcNNlkjs
6F91XeamGST9pivmRZndBO9p4RHHLmvY+cJFsnsyAD0xfPh5oMrxbgyTwQAd5Jcq
BvBEGKLTU2N1Zyva2R08moHvR3157cU3EYTyM80smuZjMGyiBILz2jSXZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGcCx+3R176dvx80NNYFfobfekV+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWndMSDdkSFh2cDJfSHpRMDFnVi1odDk2Ulg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwldUAwQA
wleXAwQAw4USAwQAw4UmMA0GCSqGSIb3DQEBCwUAA4IBAQAM9Rvs+1Er2bUSgbP7
Wx7WVqgiAAaV+nlnIAcBOh+tJiakoRDZxBOzxK28VKBIor183byged33a723V+9T
sX35luJi4wo7xQl71mOd5tFPKHzklHB78BBLNMBxMMNoDBQHkWgtRAoBl9PEG/nH
dmZmKLfbJTB+UczX2pI8UU/KozB5v4p9hftekjBRO6QCro6nBN/y0lYsQuaF1/nJ
TINgD5a410vX1/Cl/7KN9L89+UcsAzZlCgr4c+Rgk3/Zq4RnipQdmYfh77gf2e8F
RgTLeEcz/ppcCLg40b3PH7hRcCJf039ZEtlkDbx8dHwXVN7LvQ5R9poM57ntTmP7
Py76
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:06 2023 by rpki-client on console-fra.rpki-client.org