Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zr0-0l8vXiaqPfObPTXfC08DZII.roa
File: Zr0-0l8vXiaqPfObPTXfC08DZII.roa (raw, json)
Hash identifier: YxypRljyjKXz4c09kRCTblZcwVRE04cFFy54jiM9JHw=
Subject key identifier: 66:BD:3E:D2:5F:2F:5E:26:AA:3D:F3:9B:3D:35:DF:0B:4F:03:64:82
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018DE6296322D1EF1CACA0B04B19F6F700F3
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zr0-0l8vXiaqPfObPTXfC08DZII.roa
Signing time: Mon 26 Feb 2024 16:04:48 +0000
ROA not before: Mon 26 Feb 2024 16:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 147.45.52.0/22 maxlen: 22
147.45.56.0/22 maxlen: 22
147.45.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 17 Jun 2024 20:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:29:63:22:d1:ef:1c:ac:a0:b0:4b:19:f6:f7:00:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 26 16:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66bd3ed25f2f5e26aa3df39b3d35df0b4f036482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:30:2a:db:cf:a2:13:ef:5b:08:95:a0:41:b8:
74:a6:fe:fb:ae:a5:1c:7b:fe:c7:4a:43:43:18:59:
cd:51:de:68:9d:c4:5c:44:1d:00:8a:e2:fc:c8:e3:
22:89:b0:47:7e:1e:df:95:93:a0:2e:8a:03:64:e9:
55:6c:2c:97:d8:02:58:99:59:86:33:73:83:8c:e3:
21:1a:db:3b:47:f6:76:ce:62:5a:14:08:8f:a8:38:
ca:17:37:c0:a6:59:6d:63:8d:ed:17:ff:0f:b8:d7:
d8:04:a9:c0:c8:e5:b7:06:fd:92:d1:13:95:ec:6f:
16:b6:74:4e:c0:8c:02:49:ff:1a:29:6f:33:ba:de:
59:d7:91:e8:44:25:1e:eb:90:d6:4c:01:79:06:96:
0c:23:44:7a:b1:7a:4e:2a:a4:64:6e:2a:73:71:6a:
a1:54:14:14:a8:13:ad:f2:d0:35:da:d6:60:be:9e:
2c:f5:18:6a:aa:bb:32:26:02:41:2a:d3:24:cf:54:
04:e1:69:cf:46:cd:f8:7e:ad:7e:0c:6c:1d:1c:51:
e8:27:69:05:73:f1:e8:b6:27:49:8e:bc:56:13:06:
3a:77:ef:35:ed:11:87:fa:7f:5a:10:d3:93:1d:11:
96:e9:a5:e2:84:c0:e0:91:e7:f5:15:59:5b:df:51:
21:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BD:3E:D2:5F:2F:5E:26:AA:3D:F3:9B:3D:35:DF:0B:4F:03:64:82
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zr0-0l8vXiaqPfObPTXfC08DZII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.52.0-147.45.59.255
147.45.80.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:c0:5a:3e:c3:52:79:02:65:ba:c6:10:90:26:5e:38:f4:1a:
67:49:2f:fc:53:4b:42:b6:65:43:c9:1a:53:8a:b5:54:03:fa:
6f:16:de:02:64:02:61:16:20:5e:e0:62:f5:e8:e6:cc:85:f9:
34:20:e9:38:0e:1d:09:55:96:d9:4e:e4:e8:f8:4b:9c:e0:80:
47:83:24:8b:31:2d:e6:b6:fc:31:c0:da:7b:ad:a7:5c:01:39:
27:20:91:2a:2b:7d:cc:44:29:5a:1a:54:04:55:db:13:a2:c8:
6a:8a:ba:2a:63:88:de:c9:70:a2:f0:81:00:c7:41:5b:79:af:
d4:c9:15:fb:d1:d3:d5:e5:b9:43:4f:0f:b7:27:bd:c2:39:d2:
0b:d4:af:65:82:ac:2e:12:aa:76:5f:51:c8:67:0e:9a:0d:94:
9a:af:22:02:10:9a:ff:6b:c4:60:9e:51:e2:82:50:09:35:e0:
63:ed:fb:ff:c9:15:31:b7:14:cf:3b:ac:73:65:d5:b7:b3:85:
96:cf:0a:d9:40:e9:98:84:55:c4:03:ea:97:b7:0d:62:ee:8a:
3d:e5:15:ef:bb:96:30:d5:2d:05:31:49:b3:f3:f7:5f:fa:34:
3b:c0:c7:ff:1c:20:70:1c:11:e4:02:b9:16:7d:cc:b3:d6:0c:
a2:9a:42:58
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY3mKWMi0e8crKCwSxn29wDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjI2MTYwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJkM2VkMjVmMmY1ZTI2YWEzZGYzOWIzZDM1ZGYwYjRmMDM2NDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzAq28+iE+9bCJWgQbh0pv77rqUc
e/7HSkNDGFnNUd5oncRcRB0AiuL8yOMiibBHfh7flZOgLooDZOlVbCyX2AJYmVmG
M3ODjOMhGts7R/Z2zmJaFAiPqDjKFzfAplltY43tF/8PuNfYBKnAyOW3Bv2S0ROV
7G8WtnROwIwCSf8aKW8zut5Z15HoRCUe65DWTAF5BpYMI0R6sXpOKqRkbipzcWqh
VBQUqBOt8tA12tZgvp4s9RhqqrsyJgJBKtMkz1QE4WnPRs34fq1+DGwdHFHoJ2kF
c/HotidJjrxWEwY6d+817RGH+n9aENOTHRGW6aXihMDgkef1FVlb31EhbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGa9PtJfL14mqj3zmz013wtPA2SCMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWnIwLTBsOHZYaWFxUGZPYlBUWGZDMDhEWklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKTLTQD
BAKTLTgDBAKTLVAwDQYJKoZIhvcNAQELBQADggEBAE3AWj7DUnkCZbrGEJAmXjj0
GmdJL/xTS0K2ZUPJGlOKtVQD+m8W3gJkAmEWIF7gYvXo5syF+TQg6TgOHQlVltlO
5Oj4S5zggEeDJIsxLea2/DHA2nutp1wBOScgkSorfcxEKVoaVARV2xOiyGqKuipj
iN7JcKLwgQDHQVt5r9TJFfvR09XluUNPD7cnvcI50gvUr2WCrC4SqnZfUchnDpoN
lJqvIgIQmv9rxGCeUeKCUAk14GPt+//JFTG3FM87rHNl1bezhZbPCtlA6ZiEVcQD
6pe3DWLuij3lFe+7ljDVLQUxSbPz91/6NDvAx/8cIHAcEeQCuRZ9zLPWDKKaQlg=
-----END CERTIFICATE-----
Generated at Tue Jun 18 00:15:20 2024 by rpki-client on console-fra.rpki-client.org