Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/ZLXPnkIyIhydZl9rZ1mYEc33ASA.roa
File: ZLXPnkIyIhydZl9rZ1mYEc33ASA.roa (raw, json)
Hash identifier: RblZIwnUPszKXNO5IYzYwDGAQNddwpjyx0piC54C68Y=
Subject key identifier: 64:B5:CF:9E:42:32:22:1C:9D:66:5F:6B:67:59:98:11:CD:F7:01:20
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 01857079CAC5ACE96FD40731C7BD83415B9C
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/ZLXPnkIyIhydZl9rZ1mYEc33ASA.roa
Signing time: Mon 02 Jan 2023 03:15:08 +0000
ROA not before: Mon 02 Jan 2023 03:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12481
IP address blocks: 94.142.144.0/21 maxlen: 21
5.100.232.0/21 maxlen: 21
212.103.192.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:ca:c5:ac:e9:6f:d4:07:31:c7:bd:83:41:5b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Jan 2 03:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64b5cf9e4232221c9d665f6b67599811cdf70120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:88:6c:7d:35:8e:fd:fa:f2:ab:69:a5:36:
ce:c8:c5:36:03:cb:64:89:cc:cf:6f:88:3b:9f:96:
55:fb:cd:8c:31:76:20:3e:58:ac:2e:cd:09:b0:ff:
e8:2b:d0:b7:3f:7b:e3:f1:a7:1e:94:43:67:73:71:
e8:1c:8b:ea:a7:bc:d8:10:d8:4d:f2:e4:3f:c8:31:
0b:4b:70:bb:32:20:0f:bc:9a:34:ee:87:54:7d:f1:
3a:58:7f:7c:e0:06:55:c7:d6:b1:f7:76:a8:84:86:
f5:d3:8c:18:08:aa:91:27:7a:e1:15:fd:97:94:b4:
a2:16:53:6b:6e:bb:cb:2d:4f:0a:14:52:a5:62:29:
ab:9a:42:7e:c4:72:01:8e:18:3a:bb:0c:3f:39:5a:
8d:94:45:c8:d1:ad:6d:9a:d7:3b:ab:76:85:fd:6a:
79:00:70:f6:dd:b4:0f:5a:18:25:8e:fb:2f:02:54:
1a:01:9d:d5:8d:85:c5:ab:81:ea:3f:1c:6f:28:e5:
f1:50:02:ff:08:be:0d:98:ca:e8:86:47:0b:23:07:
ec:19:33:de:d6:61:72:a9:bc:c3:91:61:63:29:8d:
73:90:a9:e4:77:cf:85:3b:bc:b7:f4:6c:10:c9:40:
e6:f5:48:e6:70:e0:09:30:eb:17:e9:26:34:89:e4:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B5:CF:9E:42:32:22:1C:9D:66:5F:6B:67:59:98:11:CD:F7:01:20
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/ZLXPnkIyIhydZl9rZ1mYEc33ASA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.232.0/21
94.142.144.0/21
212.103.192.0/19
Signature Algorithm: sha256WithRSAEncryption
71:41:f6:76:08:bc:f1:9d:d0:42:41:33:a3:85:df:08:f7:30:
f1:c0:8f:5e:7f:6c:88:61:bc:67:3d:51:52:2d:e4:a8:cb:f7:
e0:a2:52:35:e8:30:33:33:ed:08:fd:2a:c1:00:98:1e:54:ef:
34:75:4c:00:4a:06:dc:d4:57:d4:3d:30:17:c4:84:cb:bc:4c:
1e:fe:21:4b:9a:c3:d5:23:c1:5b:99:06:48:19:0b:69:d7:95:
95:5b:97:dc:0b:93:22:1c:ee:ac:60:83:88:de:eb:e8:74:a6:
f6:7e:b4:24:40:79:ff:9c:f0:ad:1f:8f:88:f9:0b:d0:d2:6a:
2b:6a:e3:94:e9:c9:0f:d4:af:59:fa:73:b4:1d:af:21:ed:4b:
b1:d6:18:03:fa:c4:4c:3f:6d:b4:e8:c6:62:64:30:c9:94:54:
76:84:b9:33:dc:d8:59:53:b4:86:d6:42:16:cd:cd:7a:1a:2b:
a9:28:5a:96:9d:24:a4:07:3c:f5:df:e4:31:e6:e3:63:a6:be:
95:3b:1b:74:43:8c:28:07:58:0f:7a:e5:3c:12:46:69:4b:b0:
3f:62:8a:91:c4:71:6c:cc:9b:47:70:d1:dd:78:79:5f:2f:ec:
8d:bf:70:20:af:c1:e8:94:b6:3e:8d:43:9b:b7:42:0a:ff:3b:
9c:4f:25:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwecrFrOlv1Acxx72DQVucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjBmNjRjNjlkMzMwYjY2ZWJjZDAzYTliZjBmZGMxOWYz
MTQ3ZDgwHhcNMjMwMTAyMDMxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI1Y2Y5ZTQyMzIyMjFjOWQ2NjVmNmI2NzU5OTgxMWNkZjcwMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNyIbH01jv368qtppTbOyMU2A8tk
iczPb4g7n5ZV+82MMXYgPlisLs0JsP/oK9C3P3vj8acelENnc3HoHIvqp7zYENhN
8uQ/yDELS3C7MiAPvJo07odUffE6WH984AZVx9ax93aohIb104wYCKqRJ3rhFf2X
lLSiFlNrbrvLLU8KFFKlYimrmkJ+xHIBjhg6uww/OVqNlEXI0a1tmtc7q3aF/Wp5
AHD23bQPWhgljvsvAlQaAZ3VjYXFq4HqPxxvKOXxUAL/CL4NmMrohkcLIwfsGTPe
1mFyqbzDkWFjKY1zkKnkd8+FO7y39GwQyUDm9UjmcOAJMOsX6SY0ieQFbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGS1z55CMiIcnWZfa2dZmBHN9wEgMB8GA1UdIwQY
MBaAFDGw9kxp0zC2brzQOpvw/cGfMUfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAt
ZDQ5MzQ0OTNhNjc5LzEvWkxYUG5rSXlJaHlkWmw5cloxbVlFYzMzQVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAtZDQ5MzQ0OTNhNjc5
LzEvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBWToAwQD
Xo6QAwQF1GfAMA0GCSqGSIb3DQEBCwUAA4IBAQBxQfZ2CLzxndBCQTOjhd8I9zDx
wI9ef2yIYbxnPVFSLeSoy/fgolI16DAzM+0I/SrBAJgeVO80dUwASgbc1FfUPTAX
xITLvEwe/iFLmsPVI8FbmQZIGQtp15WVW5fcC5MiHO6sYIOI3uvodKb2frQkQHn/
nPCtH4+I+QvQ0morauOU6ckP1K9Z+nO0Ha8h7Uux1hgD+sRMP2206MZiZDDJlFR2
hLkz3NhZU7SG1kIWzc16GiupKFqWnSSkBzz13+Qx5uNjpr6VOxt0Q4woB1gPeuU8
EkZpS7A/YoqRxHFszJtHcNHdeHlfL+yNv3Agr8HolLY+jUObt0IK/zucTyX7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:13 2024 by rpki-client on console-ams.rpki-client.org