Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/ZRSz2MH3L_njTlOn_8Jzglm29OY.roa
File: ZRSz2MH3L_njTlOn_8Jzglm29OY.roa (raw, json)
Hash identifier: aAfgY5zJnri7q4MxqiRSq9eA9xmi4nd0WsLAFfKFT7o=
Subject key identifier: 65:14:B3:D8:C1:F7:2F:F9:E3:4E:53:A7:FF:C2:73:82:59:B6:F4:E6
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 0188D8E06407E6F8FAB16EFD152098F2A58C
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/ZRSz2MH3L_njTlOn_8Jzglm29OY.roa
Signing time: Tue 20 Jun 2023 12:56:04 +0000
ROA not before: Tue 20 Jun 2023 12:56:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 193.239.146.0/24 maxlen: 24
193.239.147.0/24 maxlen: 24
45.144.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Sep 2023 07:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:e0:64:07:e6:f8:fa:b1:6e:fd:15:20:98:f2:a5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jun 20 12:56:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6514b3d8c1f72ff9e34e53a7ffc2738259b6f4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:35:72:41:13:b8:4d:19:6d:c2:08:10:cd:
db:99:51:74:2b:10:be:08:da:ac:de:30:c8:19:b2:
e8:a9:54:47:d2:10:de:65:3f:8c:e0:7a:90:54:5e:
2a:5a:68:92:19:97:d9:37:25:9e:88:0f:90:74:29:
20:e9:2b:8d:1d:26:b5:8a:a0:93:13:25:03:13:44:
9f:2b:05:20:6a:21:36:22:ff:6f:cc:02:62:75:2b:
b4:43:38:d5:09:f3:07:ae:a8:69:51:6f:6b:fe:df:
86:ba:e0:30:27:84:a1:b7:95:a2:e4:37:da:ef:94:
e5:17:c0:f0:93:eb:c8:9c:3b:bf:60:2c:36:8c:16:
76:8e:e4:69:90:c6:38:8d:58:3b:7b:64:8f:d0:18:
5a:c1:e3:80:0f:94:7e:2f:de:e2:07:6d:d3:df:e8:
09:32:0b:00:9c:c5:3a:43:6b:bb:dc:40:0e:f9:cd:
5d:7c:a0:c2:79:85:da:db:d1:fe:47:a1:21:70:8a:
8c:45:a4:d2:23:7d:2e:d4:6e:84:58:9b:80:eb:b3:
52:c5:69:58:2b:fa:23:03:65:35:d8:40:35:8a:cd:
e4:70:2c:1e:f3:d8:94:8c:1f:8f:75:61:ca:0d:ba:
10:59:fa:12:0d:cd:55:05:28:b2:31:a6:4e:39:5c:
f7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:14:B3:D8:C1:F7:2F:F9:E3:4E:53:A7:FF:C2:73:82:59:B6:F4:E6
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/ZRSz2MH3L_njTlOn_8Jzglm29OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.128.0/22
193.239.146.0/23
Signature Algorithm: sha256WithRSAEncryption
89:7f:34:a6:fb:03:b1:bc:72:f7:08:e0:ec:31:6d:63:0f:96:
83:31:ed:18:03:d1:42:7a:f9:0b:87:cc:e8:e5:ba:e2:50:2a:
66:5c:e3:b5:d9:5d:a5:5f:6e:91:7a:74:4f:ac:d7:f2:5d:2c:
8b:99:80:23:55:d1:df:15:64:e3:f8:ba:92:d5:90:90:db:94:
45:64:67:6e:2e:1e:cd:2a:5f:59:b8:44:17:07:65:5e:7b:27:
77:c8:df:c1:83:ed:0f:58:9f:79:6e:30:8a:1c:9c:69:d6:8c:
1a:1f:6a:63:21:03:14:23:77:c7:c5:72:60:0b:74:29:e6:3c:
62:52:17:71:41:80:93:1c:bf:42:9c:b5:04:0c:f0:d1:99:e3:
f8:2b:d6:40:a4:37:fb:82:aa:de:4c:cb:8c:27:1d:04:aa:93:
2e:c3:59:8c:19:1c:a0:ef:79:91:18:88:58:54:e1:1d:45:cf:
b6:13:eb:e0:cb:e1:b9:d1:44:7b:48:8c:46:d1:59:ad:17:cf:
02:56:4f:e9:33:bd:c5:ec:b6:51:bf:b4:ce:0c:7b:a9:13:e9:
f1:2a:49:1f:f4:7b:2b:34:e3:60:37:7a:bb:67:b4:ad:ab:b2:
8b:e2:f7:df:6e:ed:bf:b7:b2:fa:82:8a:bf:89:be:4e:5e:99:
59:d0:f0:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjY4GQH5vj6sW79FSCY8qWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwNjIwMTI1NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTE0YjNkOGMxZjcyZmY5ZTM0ZTUzYTdmZmMyNzM4MjU5YjZmNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSA1ckETuE0ZbcIIEM3bmVF0KxC+
CNqs3jDIGbLoqVRH0hDeZT+M4HqQVF4qWmiSGZfZNyWeiA+QdCkg6SuNHSa1iqCT
EyUDE0SfKwUgaiE2Iv9vzAJidSu0QzjVCfMHrqhpUW9r/t+GuuAwJ4Sht5Wi5Dfa
75TlF8Dwk+vInDu/YCw2jBZ2juRpkMY4jVg7e2SP0BhaweOAD5R+L97iB23T3+gJ
MgsAnMU6Q2u73EAO+c1dfKDCeYXa29H+R6EhcIqMRaTSI30u1G6EWJuA67NSxWlY
K/ojA2U12EA1is3kcCwe89iUjB+PdWHKDboQWfoSDc1VBSiyMaZOOVz3KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGUUs9jB9y/5405Tp//Cc4JZtvTmMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvWlJTejJNSDNMX25qVGxPbl84SnpnbG0yOU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZCAAwQB
we+SMA0GCSqGSIb3DQEBCwUAA4IBAQCJfzSm+wOxvHL3CODsMW1jD5aDMe0YA9FC
evkLh8zo5briUCpmXOO12V2lX26RenRPrNfyXSyLmYAjVdHfFWTj+LqS1ZCQ25RF
ZGduLh7NKl9ZuEQXB2Veeyd3yN/Bg+0PWJ95bjCKHJxp1owaH2pjIQMUI3fHxXJg
C3Qp5jxiUhdxQYCTHL9CnLUEDPDRmeP4K9ZApDf7gqreTMuMJx0EqpMuw1mMGRyg
73mRGIhYVOEdRc+2E+vgy+G50UR7SIxG0VmtF88CVk/pM73F7LZRv7TODHupE+nx
Kkkf9HsrNONgN3q7Z7Stq7KL4vffbu2/t7L6goq/ib5OXplZ0PDV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:00 2024 by rpki-client on console-ams.rpki-client.org