Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ziwm2C-2bZoPXdaW3nXQTp8zJFI.roa
File: ziwm2C-2bZoPXdaW3nXQTp8zJFI.roa (raw, json)
Hash identifier: tnUl2HLzE9JYEltBeymOssZt5XFuxN5PFmLNy6S/aDU=
Subject key identifier: CE:2C:26:D8:2F:B6:6D:9A:0F:5D:D6:96:DE:75:D0:4E:9F:33:24:52
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D3674F7A7B4C1C4EBADBD0DD6BEF10207
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ziwm2C-2bZoPXdaW3nXQTp8zJFI.roa
Signing time: Tue 23 Jan 2024 13:14:11 +0000
ROA not before: Tue 23 Jan 2024 13:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 91.200.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 12:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:74:f7:a7:b4:c1:c4:eb:ad:bd:0d:d6:be:f1:02:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 23 13:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce2c26d82fb66d9a0f5dd696de75d04e9f332452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1b:86:78:e8:73:f0:ee:ab:fa:8e:cd:ef:2e:
54:36:69:07:ec:d1:7a:c2:b9:95:fd:ae:b9:a9:93:
3f:a2:57:19:3e:d9:f3:d7:a2:55:0d:54:80:9a:7f:
cf:2c:1b:d9:6c:37:f8:d9:37:ca:06:86:83:0d:17:
00:ba:03:79:c6:2f:76:a4:c8:fc:79:01:9c:32:fe:
dc:1b:57:94:24:e0:9f:ef:09:d7:99:1d:6c:a6:46:
94:3a:91:88:f4:f8:21:fc:07:92:ec:b4:f0:8b:ff:
d9:eb:a9:df:4c:b6:d2:d4:84:a0:1c:1d:bb:bb:ea:
74:bb:bb:50:b3:a7:3d:d9:ed:af:c8:06:50:1e:16:
95:56:f4:7e:ad:f3:2a:08:2e:cd:97:d9:45:48:85:
e1:af:62:c6:76:75:16:08:4f:66:7b:7c:93:71:fd:
8e:d4:14:47:db:e2:27:56:56:82:f2:b8:26:d2:da:
b1:20:96:e5:58:50:f7:b3:f5:18:7e:55:ad:0b:88:
a0:61:bb:52:03:2c:70:62:a4:ae:05:f3:62:05:30:
51:97:d2:e3:ef:6a:8a:2f:9e:09:77:e4:d2:e0:bd:
5a:8e:1b:ec:34:bc:1c:3b:b5:0e:d5:08:91:89:74:
cb:42:1b:17:30:4d:0b:c4:eb:2f:72:2d:de:10:d2:
60:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2C:26:D8:2F:B6:6D:9A:0F:5D:D6:96:DE:75:D0:4E:9F:33:24:52
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ziwm2C-2bZoPXdaW3nXQTp8zJFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
00:8f:21:fc:15:54:8f:39:18:8c:d8:86:5a:47:ea:a8:ba:51:
2b:c3:cc:21:19:e7:5e:72:18:cc:cf:1b:01:7a:43:ed:1f:9a:
bf:03:5a:01:61:0f:8a:31:cf:41:1c:a8:29:73:5c:d2:43:28:
df:a4:ff:b9:a5:99:e5:8b:71:82:06:fd:de:cf:f8:51:22:e2:
8b:77:c8:60:e6:ab:b8:55:9b:69:db:63:97:a4:46:e0:24:f7:
d7:c8:6f:e7:5a:db:b2:ef:af:b0:5b:b0:49:47:6a:e0:17:ef:
ec:90:e3:26:c6:95:02:80:c6:a7:02:0b:52:bc:27:29:ef:97:
4d:96:70:36:db:c9:1e:01:bd:1f:7f:42:6b:7f:73:63:ed:29:
ba:58:00:8e:26:b9:5f:05:02:22:fe:e0:f4:b2:06:c7:2e:ea:
ee:15:e6:76:39:42:8f:f9:dc:80:61:6d:04:56:93:1d:02:dc:
b0:ba:92:e3:64:14:80:4f:8b:b9:0c:9f:45:09:8e:fb:e8:4d:
d3:ba:b3:88:f4:6b:fb:d8:eb:b3:82:c9:7d:6e:18:04:78:a0:
ce:db:9f:a3:2f:29:60:08:97:73:03:ac:27:93:84:6e:7f:ba:
b5:fa:d2:a3:78:4a:37:53:2a:45:94:ff:14:cd:a7:ca:6f:b6:
0b:d9:5c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY02dPentMHE6629Dda+8QIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTIzMTMxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTJjMjZkODJmYjY2ZDlhMGY1ZGQ2OTZkZTc1ZDA0ZTlmMzMyNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRuGeOhz8O6r+o7N7y5UNmkH7NF6
wrmV/a65qZM/olcZPtnz16JVDVSAmn/PLBvZbDf42TfKBoaDDRcAugN5xi92pMj8
eQGcMv7cG1eUJOCf7wnXmR1spkaUOpGI9Pgh/AeS7LTwi//Z66nfTLbS1ISgHB27
u+p0u7tQs6c92e2vyAZQHhaVVvR+rfMqCC7Nl9lFSIXhr2LGdnUWCE9me3yTcf2O
1BRH2+InVlaC8rgm0tqxIJblWFD3s/UYflWtC4igYbtSAyxwYqSuBfNiBTBRl9Lj
72qKL54Jd+TS4L1ajhvsNLwcO7UO1QiRiXTLQhsXME0LxOsvci3eENJgDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4sJtgvtm2aD13Wlt510E6fMyRSMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveml3bTJDLTJiWm9QWGRhVzNuWFFUcDh6SkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jdMA0G
CSqGSIb3DQEBCwUAA4IBAQAAjyH8FVSPORiM2IZaR+qoulErw8whGedechjMzxsB
ekPtH5q/A1oBYQ+KMc9BHKgpc1zSQyjfpP+5pZnli3GCBv3ez/hRIuKLd8hg5qu4
VZtp22OXpEbgJPfXyG/nWtuy76+wW7BJR2rgF+/skOMmxpUCgManAgtSvCcp75dN
lnA228keAb0ff0Jrf3Nj7Sm6WACOJrlfBQIi/uD0sgbHLuruFeZ2OUKP+dyAYW0E
VpMdAtywupLjZBSAT4u5DJ9FCY776E3TurOI9Gv72Ouzgsl9bhgEeKDO25+jLylg
CJdzA6wnk4Ruf7q1+tKjeEo3UypFlP8UzafKb7YL2VwJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org