Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ZHFY-oW5KUL9Fg7SgZYDO7bM4DM.roa
File: ZHFY-oW5KUL9Fg7SgZYDO7bM4DM.roa (raw, json)
Hash identifier: T8ZCL4cVRujjyCA8fBjhgnPq50vNc/UG4Ksed7i9j3A=
Subject key identifier: 64:71:58:FA:85:B9:29:42:FD:16:0E:D2:81:96:03:3B:B6:CC:E0:33
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0189DA9C870CDF80CEEC6E7EA488C87087C6
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ZHFY-oW5KUL9Fg7SgZYDO7bM4DM.roa
Signing time: Wed 09 Aug 2023 14:03:58 +0000
ROA not before: Wed 09 Aug 2023 14:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 109.206.250.0/23 maxlen: 23
2a0c:9e02::/32 maxlen: 40
2a0b:3c41:2::/48 maxlen: 48
2a0e:eb40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Dec 2023 15:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:9c:87:0c:df:80:ce:ec:6e:7e:a4:88:c8:70:87:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Aug 9 14:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647158fa85b92942fd160ed28196033bb6cce033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:51:96:1d:63:fb:e1:4f:0d:a9:d0:c3:2c:39:
81:02:16:2d:68:6e:6f:ad:32:31:e7:83:79:59:15:
17:e4:22:5e:c8:d1:07:55:3b:4e:02:d2:13:4c:19:
8c:e5:70:63:51:0f:f8:0d:3e:a5:ec:3a:94:9a:87:
f3:d3:f5:58:bc:a9:0e:eb:85:ef:1b:0e:61:a0:1d:
c4:57:c0:1e:83:b5:dd:35:9c:42:b0:24:14:44:56:
94:6f:4e:d0:87:8d:28:32:81:ac:3c:e6:5f:69:de:
bd:96:97:7d:7c:b5:81:ab:2f:76:2b:bc:45:27:51:
f3:a2:11:d4:4e:ba:69:bf:f5:cd:2e:0b:8f:c1:ba:
a4:f3:43:a3:00:a5:7f:a5:49:1e:91:a2:79:e5:a0:
9d:f0:d4:42:28:5c:de:2c:d8:da:99:69:13:ed:e4:
e3:05:83:19:1a:29:85:8f:53:20:99:16:d7:1d:de:
6f:3d:38:ce:80:1d:7d:bc:8a:0e:41:5f:69:8f:bd:
5b:ef:08:f6:3b:73:85:2c:e2:44:3a:23:fb:d7:00:
2a:8c:07:1e:51:c6:2c:6c:56:c1:64:39:15:ff:e2:
9a:36:db:87:3e:18:6c:3b:f9:fa:7d:81:46:0e:a2:
11:21:a1:12:3f:f5:10:99:fd:ec:6d:cc:74:78:48:
d9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:71:58:FA:85:B9:29:42:FD:16:0E:D2:81:96:03:3B:B6:CC:E0:33
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ZHFY-oW5KUL9Fg7SgZYDO7bM4DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.250.0/23
IPv6:
2a0b:3c41:2::/48
2a0c:9e02::/32
2a0e:eb40::/32
Signature Algorithm: sha256WithRSAEncryption
79:3a:94:e9:fd:a0:f0:78:a9:b7:8c:7b:43:2a:b7:67:da:d0:
27:c9:d1:9d:41:fe:ba:c1:fd:6e:50:54:87:12:d9:71:7f:43:
b0:4d:06:e5:1a:f3:f8:af:09:6d:51:33:30:e5:bc:43:b0:25:
41:81:d1:e7:cd:25:ab:a4:8d:6a:70:6e:e5:1b:2c:e0:f0:02:
f1:d3:9c:cf:b3:7f:2f:4b:94:5b:31:01:52:75:8e:a6:d7:a6:
03:38:ec:90:e6:b1:1f:7b:6b:8c:09:b1:ae:e2:53:83:98:2a:
3e:3e:5d:1e:06:ef:15:da:7a:6f:35:13:4c:b8:b5:7f:03:ae:
9d:9f:19:56:8e:82:86:a9:51:96:5c:1e:ed:c3:20:24:db:1b:
3f:75:9b:bb:5e:7d:14:47:73:f0:a1:a7:21:c4:f0:60:be:27:
f3:16:a9:cb:90:36:72:13:ab:69:a0:41:a6:c5:f5:3c:cc:34:
a6:04:c6:7c:70:2d:f0:8a:76:d1:63:03:43:0c:74:44:1e:1d:
f4:c2:ef:7d:6c:45:db:32:77:0f:b6:a2:c4:cc:36:13:9d:fa:
b7:c1:70:57:df:72:1c:17:f6:57:7e:37:31:ec:b0:18:36:d0:
96:a6:ed:39:cb:ad:66:3a:7d:91:07:f4:66:a9:0a:0f:d5:f3:
fd:c4:27:1b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYnanIcM34DO7G5+pIjIcIfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwODA5MTQwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDcxNThmYTg1YjkyOTQyZmQxNjBlZDI4MTk2MDMzYmI2Y2NlMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVGWHWP74U8NqdDDLDmBAhYtaG5v
rTIx54N5WRUX5CJeyNEHVTtOAtITTBmM5XBjUQ/4DT6l7DqUmofz0/VYvKkO64Xv
Gw5hoB3EV8Aeg7XdNZxCsCQURFaUb07Qh40oMoGsPOZfad69lpd9fLWBqy92K7xF
J1HzohHUTrppv/XNLguPwbqk80OjAKV/pUkekaJ55aCd8NRCKFzeLNjamWkT7eTj
BYMZGimFj1MgmRbXHd5vPTjOgB19vIoOQV9pj71b7wj2O3OFLOJEOiP71wAqjAce
UcYsbFbBZDkV/+KaNtuHPhhsO/n6fYFGDqIRIaESP/UQmf3sbcx0eEjZeQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFGRxWPqFuSlC/RYO0oGWAzu2zOAzMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWkhGWS1vVzVLVUw5Rmc3U2daWURPN2JNNERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQBbc76MB0E
AgACMBcDBwAqCzxBAAIDBQAqDJ4CAwUAKg7rQDANBgkqhkiG9w0BAQsFAAOCAQEA
eTqU6f2g8Hipt4x7Qyq3Z9rQJ8nRnUH+usH9blBUhxLZcX9DsE0G5Rrz+K8JbVEz
MOW8Q7AlQYHR580lq6SNanBu5Rss4PAC8dOcz7N/L0uUWzEBUnWOptemAzjskOax
H3trjAmxruJTg5gqPj5dHgbvFdp6bzUTTLi1fwOunZ8ZVo6ChqlRllwe7cMgJNsb
P3Wbu159FEdz8KGnIcTwYL4n8xapy5A2chOraaBBpsX1PMw0pgTGfHAt8Ip20WMD
Qwx0RB4d9MLvfWxF2zJ3D7aixMw2E536t8FwV99yHBf2V343MeywGDbQlqbtOcut
Zjp9kQf0ZqkKD9Xz/cQnGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org