Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZzbzU68yXnVV9Y42Pu1HNBo-pSg.roa
File: ZzbzU68yXnVV9Y42Pu1HNBo-pSg.roa (raw, json)
Hash identifier: ZAoWM1Pz5v2ZnDoz3uQlPr3+8paXnvc94h63dDaRh5M=
Subject key identifier: 67:36:F3:53:AF:32:5E:75:55:F5:8E:36:3E:ED:47:34:1A:3E:A5:28
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0185724705340CA5A1A1B37DB1313662823B
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZzbzU68yXnVV9Y42Pu1HNBo-pSg.roa
Signing time: Mon 02 Jan 2023 11:38:54 +0000
ROA not before: Mon 02 Jan 2023 11:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 46.161.56.0/21 maxlen: 24
146.185.206.0/24 maxlen: 24
146.185.204.0/23 maxlen: 24
146.185.200.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jan 2023 04:47:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:05:34:0c:a5:a1:a1:b3:7d:b1:31:36:62:82:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6736f353af325e7555f58e363eed47341a3ea528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:00:e9:61:bd:2f:84:c4:05:72:23:11:c4:e2:
d3:48:92:97:42:df:5e:74:73:87:d8:d4:77:a3:a8:
8a:bf:6f:56:83:2b:46:8e:a6:99:c1:56:d9:2d:a1:
d6:21:49:54:fc:5f:02:d2:c0:46:a8:b1:1e:82:0d:
68:04:1b:f2:1b:56:44:9f:4d:14:c5:e7:99:6a:7b:
fa:19:e8:07:cf:50:10:58:bd:1e:a7:9c:51:76:8e:
2d:a4:e0:af:64:67:7e:fd:6c:62:dc:d5:37:3d:54:
1b:cf:43:8c:34:71:46:49:10:e1:cc:04:d5:dc:42:
00:62:3b:76:bf:32:c9:3d:51:82:c3:83:0c:0a:50:
ce:59:94:11:2e:05:ea:70:68:46:da:d0:43:de:d1:
5b:df:1e:55:e2:e0:39:9b:c2:f1:9c:5b:98:8b:9f:
f3:fd:ef:08:7e:fc:31:08:f1:97:48:44:57:1d:f1:
a9:a2:4a:19:9b:97:9d:e8:df:39:5a:cd:dd:39:49:
bc:63:57:38:46:0b:97:88:b7:b9:c6:77:12:26:c1:
9c:5f:32:5f:33:d8:5a:c9:8c:6a:ff:64:66:d3:2d:
13:60:30:72:a7:8b:2b:b9:6a:a0:21:64:60:6f:4f:
4b:31:74:56:dd:d6:ac:de:14:15:e0:03:25:63:a7:
ef:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:36:F3:53:AF:32:5E:75:55:F5:8E:36:3E:ED:47:34:1A:3E:A5:28
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZzbzU68yXnVV9Y42Pu1HNBo-pSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.56.0/21
146.185.200.0-146.185.206.255
Signature Algorithm: sha256WithRSAEncryption
b2:18:e8:78:b5:e2:f4:02:cc:a7:6a:cf:3e:41:10:6d:02:84:
3b:e5:97:3f:08:2b:38:4f:7f:a6:df:16:dc:2f:08:8b:91:a1:
7f:c1:30:b7:0b:b2:91:c3:8e:0c:83:d2:21:10:40:9b:58:eb:
e0:9b:57:fe:6c:eb:c1:1c:fe:6d:3c:46:e3:7f:c8:c3:96:18:
fd:93:a9:6d:4b:e1:75:e2:56:15:52:79:eb:f0:cf:b3:a9:da:
93:7b:c2:d7:8d:06:a0:f8:b3:6d:fc:13:a7:d7:7b:e3:cf:0b:
7b:6d:8b:a6:e5:8e:03:2a:d1:ae:06:2b:9c:80:51:04:e9:22:
07:a9:5a:d8:e6:52:b5:36:d4:4a:48:d3:04:44:0e:34:7b:00:
7f:37:80:82:69:0e:11:d2:40:a8:4a:5d:67:39:78:bf:19:97:
c5:0f:d8:ce:3e:e8:62:a1:05:64:5d:2e:41:c5:1f:da:a2:bc:
7e:2c:e1:15:78:a6:4e:c3:fc:d7:9a:56:2a:af:cc:fa:2c:ea:
5a:8f:2f:5f:45:4a:96:08:ec:0f:14:b6:9e:52:2b:6f:08:c7:
f4:65:80:40:ca:8f:a7:73:96:02:a2:93:4d:2d:96:34:08:91:
15:3e:97:0e:4e:5d:64:a6:b3:39:d3:85:c1:ca:31:31:3d:24:
62:39:50:d1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyRwU0DKWhobN9sTE2YoI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzM2ZjM1M2FmMzI1ZTc1NTVmNThlMzYzZWVkNDczNDFhM2VhNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggDpYb0vhMQFciMRxOLTSJKXQt9e
dHOH2NR3o6iKv29WgytGjqaZwVbZLaHWIUlU/F8C0sBGqLEegg1oBBvyG1ZEn00U
xeeZanv6GegHz1AQWL0ep5xRdo4tpOCvZGd+/Wxi3NU3PVQbz0OMNHFGSRDhzATV
3EIAYjt2vzLJPVGCw4MMClDOWZQRLgXqcGhG2tBD3tFb3x5V4uA5m8LxnFuYi5/z
/e8IfvwxCPGXSERXHfGpokoZm5ed6N85Ws3dOUm8Y1c4RguXiLe5xncSJsGcXzJf
M9hayYxq/2Rm0y0TYDByp4sruWqgIWRgb09LMXRW3das3hQV4AMlY6fvuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGc281OvMl51VfWONj7tRzQaPqUoMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvWnpielU2OHlYblZWOVk0MlB1MUhOQm8tcFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDLqE4MAwD
BAOSucgDBACSuc4wDQYJKoZIhvcNAQELBQADggEBALIY6Hi14vQCzKdqzz5BEG0C
hDvllz8IKzhPf6bfFtwvCIuRoX/BMLcLspHDjgyD0iEQQJtY6+CbV/5s68Ec/m08
RuN/yMOWGP2TqW1L4XXiVhVSeevwz7Op2pN7wteNBqD4s238E6fXe+PPC3tti6bl
jgMq0a4GK5yAUQTpIgepWtjmUrU21EpI0wREDjR7AH83gIJpDhHSQKhKXWc5eL8Z
l8UP2M4+6GKhBWRdLkHFH9qivH4s4RV4pk7D/NeaViqvzPos6lqPL19FSpYI7A8U
tp5SK28Ix/RlgEDKj6dzlgKik00tljQIkRU+lw5OXWSmsznThcHKMTE9JGI5UNE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org