Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZU5dsr-5HWRD4wFFlBgvObv4sc0.roa
File: ZU5dsr-5HWRD4wFFlBgvObv4sc0.roa (raw, json)
Hash identifier: C6kcz+gDE5fl9ucYzFVowxpF0njxw7p4Leb7SeHIyl0=
Subject key identifier: 65:4E:5D:B2:BF:B9:1D:64:43:E3:01:45:94:18:2F:39:BB:F8:B1:CD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A6A29A2CB948B9D18694DD346F9FC19E9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZU5dsr-5HWRD4wFFlBgvObv4sc0.roa
Signing time: Wed 06 Sep 2023 11:03:48 +0000
ROA not before: Wed 06 Sep 2023 11:03:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206776
IP address blocks: 45.141.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:29:a2:cb:94:8b:9d:18:69:4d:d3:46:f9:fc:19:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 6 11:03:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=654e5db2bfb91d6443e3014594182f39bbf8b1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:a1:69:07:07:26:a8:76:26:46:95:7e:98:
d7:6e:06:61:32:77:8c:fe:48:59:58:c0:07:40:1d:
f1:65:cb:06:eb:16:3d:4c:e4:cd:11:19:a5:0e:67:
3f:ca:e8:e1:64:86:fb:8c:22:87:48:10:2f:39:cc:
f2:ee:9d:bd:d3:ee:db:ae:c3:12:1c:17:e6:7b:98:
fd:b0:ad:b5:50:82:72:b5:67:ca:51:05:f0:b4:85:
b9:b1:a4:e3:42:96:bb:8f:7b:fa:fe:6f:e6:ff:57:
75:36:47:58:fa:09:c3:92:ac:82:3d:99:25:40:e2:
d6:7c:23:71:a2:14:94:93:b7:aa:a8:2f:28:29:7e:
20:56:de:f2:b6:18:2e:51:90:75:de:a3:0a:df:bf:
e4:7e:27:86:54:cc:af:b6:bd:53:2e:45:28:22:3c:
7a:40:a4:c1:67:be:ff:5a:e4:17:14:83:de:99:da:
aa:05:43:30:2f:e8:95:43:ba:82:3e:6e:db:04:0f:
86:93:00:f5:d2:65:ec:a3:93:16:7d:a8:48:23:c2:
7f:1a:1d:7b:e1:41:30:7f:f6:ca:e3:a5:78:fb:a1:
ed:c6:b5:16:16:ad:3b:86:ca:5d:a9:64:ed:c4:5c:
41:fd:2f:63:59:b8:1b:e1:1b:ec:26:f8:91:12:4a:
9d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4E:5D:B2:BF:B9:1D:64:43:E3:01:45:94:18:2F:39:BB:F8:B1:CD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZU5dsr-5HWRD4wFFlBgvObv4sc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:6f:8c:e7:7c:7b:a5:3d:a4:94:b4:b4:ff:93:56:9d:44:d3:
b9:a2:bc:eb:a7:f5:a9:bb:6e:a1:86:88:9f:6c:1d:9f:25:45:
bf:f6:4f:c1:d5:1e:35:f9:b5:2c:52:d7:4e:5a:ee:e3:d5:a4:
af:0b:8c:bd:9c:73:5c:a0:d8:f4:6c:58:5c:15:a3:97:3d:bf:
42:84:c3:d2:cf:3d:d0:39:0e:ed:72:c5:0e:0a:00:ca:2a:16:
c7:fa:97:b3:7e:52:74:1a:22:72:41:08:fc:0a:4d:e3:ed:b2:
60:1f:52:34:99:be:5e:ae:ee:c3:aa:72:1c:6b:69:0a:73:0e:
c1:06:1a:bd:84:b9:24:75:96:ce:d0:d7:a3:d3:ed:9a:e3:93:
21:cc:23:f0:82:f1:c6:64:b6:d3:e1:89:ee:a4:cb:1a:f4:d3:
02:46:91:6d:4c:7e:0f:56:29:ca:77:e3:60:1e:92:54:9a:2c:
aa:b2:3e:c6:01:16:84:08:88:f4:a9:c2:ea:8f:17:60:db:bd:
2a:ab:7f:3a:e1:58:79:77:ab:3c:3b:1c:87:f3:94:81:cc:bf:
78:4b:9e:5c:4f:39:96:ce:f0:b3:db:f4:67:30:c6:c0:5b:33:
cf:4c:b0:8f:99:9a:ee:a2:e4:db:0a:f8:77:5b:e0:33:cf:4c:
8c:1f:59:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpqKaLLlIudGGlN00b5/BnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTA2MTEwMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRlNWRiMmJmYjkxZDY0NDNlMzAxNDU5NDE4MmYzOWJiZjhiMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO2haQcHJqh2JkaVfpjXbgZhMneM
/khZWMAHQB3xZcsG6xY9TOTNERmlDmc/yujhZIb7jCKHSBAvOczy7p290+7brsMS
HBfme5j9sK21UIJytWfKUQXwtIW5saTjQpa7j3v6/m/m/1d1NkdY+gnDkqyCPZkl
QOLWfCNxohSUk7eqqC8oKX4gVt7ythguUZB13qMK37/kfieGVMyvtr1TLkUoIjx6
QKTBZ77/WuQXFIPemdqqBUMwL+iVQ7qCPm7bBA+GkwD10mXso5MWfahII8J/Gh17
4UEwf/bK46V4+6HtxrUWFq07hspdqWTtxFxB/S9jWbgb4RvsJviREkqd/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVOXbK/uR1kQ+MBRZQYLzm7+LHNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlU1ZHNyLTVIV1JENHdGRmxCZ3ZPYnY0c2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY2cMA0G
CSqGSIb3DQEBCwUAA4IBAQC0b4znfHulPaSUtLT/k1adRNO5orzrp/Wpu26hhoif
bB2fJUW/9k/B1R41+bUsUtdOWu7j1aSvC4y9nHNcoNj0bFhcFaOXPb9ChMPSzz3Q
OQ7tcsUOCgDKKhbH+pezflJ0GiJyQQj8Ck3j7bJgH1I0mb5eru7DqnIca2kKcw7B
Bhq9hLkkdZbO0Nej0+2a45MhzCPwgvHGZLbT4YnupMsa9NMCRpFtTH4PVinKd+Ng
HpJUmiyqsj7GARaECIj0qcLqjxdg270qq3864Vh5d6s8OxyH85SBzL94S55cTzmW
zvCz2/RnMMbAWzPPTLCPmZruouTbCvh3W+Azz0yMH1my
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:12 2024 by rpki-client on console-ams.rpki-client.org