Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/zx_rjkB2Yhj2bOFRWhtKVu39hHI.roa
File: zx_rjkB2Yhj2bOFRWhtKVu39hHI.roa (raw, json)
Hash identifier: FsPs7lhnYRggf9OsgrHO8UL9kf5P0b+d0wYDum4MNQ0=
Subject key identifier: CF:1F:EB:8E:40:76:62:18:F6:6C:E1:51:5A:1B:4A:56:ED:FD:84:72
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018570399BA0F3D5B7E2ECC549A7FA6C6A0D
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/zx_rjkB2Yhj2bOFRWhtKVu39hHI.roa
Signing time: Mon 02 Jan 2023 02:05:01 +0000
ROA not before: Mon 02 Jan 2023 02:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.128.0/22 maxlen: 24
194.64.89.0/24 maxlen: 24
194.163.192.0/20 maxlen: 22
194.163.96.0/20 maxlen: 24
62.138.64.0/22 maxlen: 22
195.180.224.0/22 maxlen: 22
195.180.232.0/22 maxlen: 22
195.180.228.0/22 maxlen: 22
194.163.220.0/22 maxlen: 22
195.180.196.0/22 maxlen: 22
195.180.204.0/22 maxlen: 22
195.180.200.0/22 maxlen: 22
194.64.152.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:9b:a0:f3:d5:b7:e2:ec:c5:49:a7:fa:6c:6a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 02:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf1feb8e40766218f66ce1515a1b4a56edfd8472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:12:d1:b2:db:1c:2f:90:40:eb:b9:c2:c3:
a3:7d:5f:43:6c:1b:c1:9f:00:f1:e7:d3:19:e3:0b:
43:6d:80:15:c6:1e:fc:df:0d:0a:10:c9:5d:2c:aa:
99:3b:4b:81:69:b7:4f:63:71:8d:84:e9:24:b3:d2:
67:6c:b7:92:9c:0f:90:b9:f5:b1:06:2c:1f:98:6f:
57:a3:54:73:5a:03:aa:96:2b:28:5e:94:0d:ab:d0:
ab:32:e0:e6:14:06:3f:3f:91:7e:03:06:95:d5:ae:
3f:e6:ee:77:08:b9:54:99:02:bf:5d:74:44:33:d8:
f8:0e:c2:bf:a8:2b:d9:23:2e:da:0b:66:1c:7c:40:
48:4c:67:1b:51:d2:da:76:a0:8a:bf:84:b7:21:80:
9c:e8:f0:d9:9f:4e:3c:e7:a8:50:4e:0f:91:c4:03:
0f:24:0e:34:59:d3:fd:1c:6d:b4:66:a1:d7:df:55:
80:98:40:27:d9:b6:1d:41:f1:cc:1f:75:b8:53:c6:
e5:c3:45:19:90:4d:c5:c7:ab:94:53:08:52:d7:81:
14:d9:5e:4e:43:e2:67:12:73:00:e0:71:eb:ab:02:
b3:30:5b:df:86:88:86:58:c5:8e:79:6c:c7:69:a8:
84:ec:36:ed:b2:ae:04:86:8f:cf:9e:66:1e:43:d0:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1F:EB:8E:40:76:62:18:F6:6C:E1:51:5A:1B:4A:56:ED:FD:84:72
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/zx_rjkB2Yhj2bOFRWhtKVu39hHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
194.64.89.0/24
194.64.152.0/22
194.163.96.0/20
194.163.192.0/20
194.163.220.0/22
195.180.128.0/22
195.180.196.0-195.180.207.255
195.180.224.0-195.180.235.255
Signature Algorithm: sha256WithRSAEncryption
9a:05:cd:4e:4c:3d:fc:44:8a:24:ef:92:01:7a:62:c1:40:03:
e4:24:69:89:8e:42:33:86:0d:9a:6f:2d:05:c4:d7:bd:bf:de:
2c:51:ae:3b:87:5c:75:85:2b:0b:91:8e:17:fe:b4:b2:97:3c:
cf:75:4b:89:29:2e:14:38:37:c6:ad:a5:cd:03:91:e1:4e:69:
49:bb:6f:ed:27:48:96:ce:11:de:c9:31:2a:8a:44:da:61:50:
0c:dd:05:5e:3a:a5:63:3c:9c:81:f6:1f:f7:be:6a:8d:aa:43:
34:9e:59:95:74:41:41:41:3d:55:5d:21:0a:bd:e4:14:ee:fc:
72:be:c2:54:82:52:75:08:cc:38:af:b2:de:79:67:c7:48:5d:
c1:b9:f8:c5:f2:09:8d:10:88:6b:cc:ea:1f:e5:98:9d:df:8e:
74:2a:00:16:11:5f:35:56:0a:96:0e:f3:b8:45:3e:ed:1b:a2:
f6:56:28:bb:42:d0:11:9a:24:8a:55:d5:0d:5b:1d:c5:f9:ac:
f5:fd:e2:ea:e3:94:00:4c:84:c1:3d:35:f3:77:f6:ab:a6:c2:
b3:7a:c2:55:71:41:4c:15:bb:01:bf:4c:4d:f5:89:ff:55:06:
31:4d:f9:9e:5b:80:1d:a4:48:72:ca:9e:7d:44:6f:c0:cd:7f:
49:e5:86:d1
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVwOZug89W34uzFSaf6bGoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwMTAyMDIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFmZWI4ZTQwNzY2MjE4ZjY2Y2UxNTE1YTFiNGE1NmVkZmQ4NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+cS0bLbHC+QQOu5wsOjfV9DbBvB
nwDx59MZ4wtDbYAVxh783w0KEMldLKqZO0uBabdPY3GNhOkks9JnbLeSnA+QufWx
BiwfmG9Xo1RzWgOqlisoXpQNq9CrMuDmFAY/P5F+AwaV1a4/5u53CLlUmQK/XXRE
M9j4DsK/qCvZIy7aC2YcfEBITGcbUdLadqCKv4S3IYCc6PDZn04856hQTg+RxAMP
JA40WdP9HG20ZqHX31WAmEAn2bYdQfHMH3W4U8blw0UZkE3Fx6uUUwhS14EU2V5O
Q+JnEnMA4HHrqwKzMFvfhoiGWMWOeWzHaaiE7Dbtsq4Eho/PnmYeQ9BrfwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFM8f645AdmIY9mzhUVobSlbt/YRyMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvenhfcmprQjJZaGoyYk9GUldodEtWdTM5aEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCPopAAwQA
wkBZAwQCwkCYAwQEwqNgAwQEwqPAAwQCwqPcAwQCw7SAMAwDBALDtMQDBATDtMAw
DAMEBcO04AMEAsO06DANBgkqhkiG9w0BAQsFAAOCAQEAmgXNTkw9/ESKJO+SAXpi
wUAD5CRpiY5CM4YNmm8tBcTXvb/eLFGuO4dcdYUrC5GOF/60spc8z3VLiSkuFDg3
xq2lzQOR4U5pSbtv7SdIls4R3skxKopE2mFQDN0FXjqlYzycgfYf975qjapDNJ5Z
lXRBQUE9VV0hCr3kFO78cr7CVIJSdQjMOK+y3nlnx0hdwbn4xfIJjRCIa8zqH+WY
nd+OdCoAFhFfNVYKlg7zuEU+7Rui9lYou0LQEZokilXVDVsdxfms9f3i6uOUAEyE
wT0183f2q6bCs3rCVXFBTBW7Ab9MTfWJ/1UGMU35nluAHaRIcsqefURvwM1/SeWG
0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org