Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/ZNr-CJyUS6t73-ZYYJ397Y2MBFs.roa
File: ZNr-CJyUS6t73-ZYYJ397Y2MBFs.roa (raw, json)
Hash identifier: zTibTEEGlmThcGmEiDnV909Sxbhw+p4xMP6wXvQ8s2c=
Subject key identifier: 64:DA:FE:08:9C:94:4B:AB:7B:DF:E6:58:60:9D:FD:ED:8D:8C:04:5B
Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Certificate serial: 0186B7887C7319EFB469F9A857FB48C79113
Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/ZNr-CJyUS6t73-ZYYJ397Y2MBFs.roa
Signing time: Mon 06 Mar 2023 15:27:00 +0000
ROA not before: Mon 06 Mar 2023 15:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.78.60.0/22 maxlen: 24
170.133.0.0/18 maxlen: 24
91.106.128.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:88:7c:73:19:ef:b4:69:f9:a8:57:fb:48:c7:91:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Validity
Not Before: Mar 6 15:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64dafe089c944bab7bdfe658609dfded8d8c045b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3a:61:0e:94:a3:85:ea:31:d4:51:0f:f3:2e:
69:fc:fa:1b:37:8c:33:c7:4b:63:a6:ef:2b:2d:ad:
ab:8d:a6:dc:b7:18:7f:3f:ef:35:1d:4f:11:54:e4:
f2:59:7f:a2:12:2d:17:dc:93:be:68:70:a7:42:f2:
c6:9f:36:2d:af:4c:c0:67:a3:67:b0:3d:63:49:c3:
fe:87:35:b6:a6:3e:84:18:a7:33:14:0b:b2:a6:d2:
99:04:da:19:29:ef:c0:30:e0:2d:88:6b:85:d0:2c:
57:1e:46:c7:8a:5f:cf:16:6d:7f:ae:f0:86:21:df:
e0:29:d7:6e:e1:ab:37:de:b5:bb:1d:08:74:10:53:
80:d5:53:2c:93:0c:28:ad:6a:4e:34:aa:a5:d7:2d:
d4:b7:d8:9c:2d:b4:52:ce:a7:f3:d7:ab:fa:c9:ae:
db:99:ec:6d:c5:aa:5c:68:73:e2:e8:d3:77:45:bc:
a9:98:5d:13:e0:30:ce:98:34:f4:fb:dc:db:0e:90:
39:ca:df:2e:9c:97:3b:54:66:81:4f:e7:36:24:d9:
16:e0:4f:07:ea:55:0e:e6:ac:17:3e:6d:1b:94:82:
a9:19:47:66:7d:16:10:6d:55:67:77:22:a5:ff:66:
57:5c:3a:51:5f:35:a5:c3:bc:df:e7:9d:c8:15:ff:
4a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DA:FE:08:9C:94:4B:AB:7B:DF:E6:58:60:9D:FD:ED:8D:8C:04:5B
X509v3 Authority Key Identifier:
keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/ZNr-CJyUS6t73-ZYYJ397Y2MBFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.128.0/18
170.133.0.0/18
185.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
29:4e:00:ea:ff:f1:ef:61:9c:ef:71:25:3a:ed:64:4d:76:59:
24:e5:7c:22:bc:73:e3:61:13:64:c8:74:49:b7:b1:2d:0c:e4:
d2:c9:74:20:14:97:cd:77:88:c7:aa:01:49:c8:7a:1a:24:42:
89:10:a5:d1:1a:ac:69:c8:86:d3:c4:c0:19:34:24:37:27:16:
7a:0d:c1:61:58:55:74:84:54:8e:ce:b3:8c:e9:3c:88:1c:c7:
56:7d:a8:b9:b0:63:d8:e1:90:d6:64:49:7d:d3:52:ee:1e:3c:
e2:a2:13:9e:e4:36:69:3e:53:77:21:2e:87:3a:d5:fd:d4:09:
16:de:ae:65:df:2b:98:29:5a:dd:2f:de:63:78:2f:67:a6:5b:
92:df:63:8a:7f:14:0f:2b:a3:df:f1:6e:0d:d9:f5:3d:13:b3:
31:83:6a:77:28:48:68:fa:14:e2:27:e2:3b:7e:f1:01:84:06:
ec:aa:2a:6f:ce:e7:a3:46:f7:4c:1a:13:c7:53:70:1e:ad:22:
78:2d:c4:3e:fa:f9:03:60:fb:0b:8d:c4:d5:d5:af:78:95:86:
a6:9d:21:39:d8:5d:67:4b:f7:e3:b9:4f:45:87:df:87:57:b7:
51:92:24:74:54:e9:45:5c:f4:9c:e7:03:e1:c6:ed:72:9e:98:
f2:2d:0e:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa3iHxzGe+0afmoV/tIx5ETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl
NDFhMTAwHhcNMjMwMzA2MTUyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGRhZmUwODljOTQ0YmFiN2JkZmU2NTg2MDlkZmRlZDhkOGMwNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzphDpSjheox1FEP8y5p/PobN4wz
x0tjpu8rLa2rjabctxh/P+81HU8RVOTyWX+iEi0X3JO+aHCnQvLGnzYtr0zAZ6Nn
sD1jScP+hzW2pj6EGKczFAuyptKZBNoZKe/AMOAtiGuF0CxXHkbHil/PFm1/rvCG
Id/gKddu4as33rW7HQh0EFOA1VMskwworWpONKql1y3Ut9icLbRSzqfz16v6ya7b
mextxapcaHPi6NN3RbypmF0T4DDOmDT0+9zbDpA5yt8unJc7VGaBT+c2JNkW4E8H
6lUO5qwXPm0blIKpGUdmfRYQbVVndyKl/2ZXXDpRXzWlw7zf553IFf9KlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGTa/giclEure9/mWGCd/e2NjARbMB8GA1UdIwQY
MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut
YzRjNjM5ODNiNTBjLzEvWk5yLUNKeVVTNnQ3My1aWVlKMzk3WTJNQkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2UtYzRjNjM5ODNiNTBj
LzEvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGW2qAAwQG
qoUAAwQCuU48MA0GCSqGSIb3DQEBCwUAA4IBAQApTgDq//HvYZzvcSU67WRNdlkk
5XwivHPjYRNkyHRJt7EtDOTSyXQgFJfNd4jHqgFJyHoaJEKJEKXRGqxpyIbTxMAZ
NCQ3JxZ6DcFhWFV0hFSOzrOM6TyIHMdWfai5sGPY4ZDWZEl901LuHjziohOe5DZp
PlN3IS6HOtX91AkW3q5l3yuYKVrdL95jeC9npluS32OKfxQPK6Pf8W4N2fU9E7Mx
g2p3KEho+hTiJ+I7fvEBhAbsqipvzuejRvdMGhPHU3AerSJ4LcQ++vkDYPsLjcTV
1a94lYamnSE52F1nS/fjuU9Fh9+HV7dRkiR0VOlFXPSc5wPhxu1ynpjyLQ65
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:20 2024 by rpki-client on console-ams.rpki-client.org