Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ZwgDN3hmrk7RBcQYbZqemDCJDcU.roa
File: ZwgDN3hmrk7RBcQYbZqemDCJDcU.roa (raw, json)
Hash identifier: ZV0yMu03XyAQkM/xExfILYEHfF/PaWF/UmPmJNjjndo=
Subject key identifier: 67:08:03:37:78:66:AE:4E:D1:05:C4:18:6D:9A:9E:98:30:89:0D:C5
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 01857155268B19B7F1577BA7C6C8E7949964
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ZwgDN3hmrk7RBcQYbZqemDCJDcU.roa
Signing time: Mon 02 Jan 2023 07:14:43 +0000
ROA not before: Mon 02 Jan 2023 07:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 91.204.224.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Dec 2023 13:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:26:8b:19:b7:f1:57:7b:a7:c6:c8:e7:94:99:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 07:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=670803377866ae4ed105c4186d9a9e9830890dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:72:ef:02:d1:85:65:15:cc:9d:ba:61:a3:33:
93:cf:b3:00:e2:e7:31:62:47:7d:05:b8:be:14:37:
cd:00:ff:c4:b5:85:34:52:a3:05:ce:45:33:dd:7c:
e7:d3:9c:ec:37:87:36:b0:aa:df:0c:11:fb:cc:cf:
54:d6:74:50:92:54:f8:dc:85:42:ee:50:18:fc:e8:
e8:69:22:04:ea:79:69:11:f5:8e:03:65:22:33:d3:
4e:17:41:ce:47:07:a7:27:0c:7a:b7:3b:59:b8:f2:
60:1f:f9:0a:c5:b0:dd:44:71:ab:83:43:7f:fb:80:
a5:16:23:09:64:33:24:55:78:9f:be:2b:f5:48:45:
8d:19:cb:d2:53:71:35:54:cb:52:4b:5e:0e:ed:79:
28:c7:07:59:5a:b2:c7:ca:7a:d5:aa:90:5d:d9:89:
cf:9e:53:b4:fa:f3:db:10:07:64:c8:b9:bf:e5:e0:
44:e1:6e:e1:d4:74:0b:39:d0:18:02:6c:d5:76:90:
59:be:24:d3:ec:05:47:27:ae:f3:01:0c:5f:88:e5:
b4:71:9a:a5:4f:55:29:f8:08:1c:ed:02:8c:29:4e:
24:eb:f8:82:d7:4f:f6:d3:48:e2:b2:4c:84:18:b1:
bd:65:94:f7:19:e8:7a:0f:fc:00:cb:7f:d3:a3:39:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:08:03:37:78:66:AE:4E:D1:05:C4:18:6D:9A:9E:98:30:89:0D:C5
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ZwgDN3hmrk7RBcQYbZqemDCJDcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.224.0/22
Signature Algorithm: sha256WithRSAEncryption
26:e4:ad:6f:6e:65:6f:5f:01:59:21:0b:1f:62:b4:7a:f5:55:
47:43:db:7e:20:04:2b:3e:26:44:02:18:2b:9f:fe:0a:0f:51:
91:e1:7d:34:3d:8b:6b:83:aa:5f:b0:ab:84:50:9e:a5:5c:99:
6f:dc:9c:d9:21:3b:49:be:ae:1b:2b:d2:d1:b4:9b:78:3e:4e:
96:1a:41:5a:cf:30:ec:81:16:6b:4d:02:25:10:32:97:62:b8:
05:5c:c5:63:d3:55:78:3b:9d:4e:51:31:41:80:e1:6f:c1:63:
de:ab:61:e6:de:19:c7:4f:e0:f7:bb:07:80:24:6e:2b:01:b5:
1b:59:8c:b5:21:b2:ec:ac:b1:ec:40:8b:a7:4a:ec:fa:a7:1b:
29:61:c7:6a:6b:6c:93:8e:92:ce:4b:ad:64:a5:c0:19:18:77:
f9:22:cd:c6:ee:ef:38:01:b7:78:73:85:a6:52:d4:ac:35:79:
ec:08:13:6f:cf:a5:96:57:91:13:e0:25:14:19:4b:45:42:e2:
b4:44:61:03:39:c4:3c:0e:0e:17:9b:6f:04:46:c2:cc:29:2e:
75:3e:5b:37:b8:9d:16:a3:ea:d7:dc:9e:a7:15:eb:06:d6:31:
df:8e:77:85:1f:eb:80:fc:e1:6c:68:a4:67:5e:b6:0e:c7:c7:
61:9c:5e:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVSaLGbfxV3unxsjnlJlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMwMTAyMDcxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA4MDMzNzc4NjZhZTRlZDEwNWM0MTg2ZDlhOWU5ODMwODkwZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXLvAtGFZRXMnbphozOTz7MA4ucx
Ykd9Bbi+FDfNAP/EtYU0UqMFzkUz3Xzn05zsN4c2sKrfDBH7zM9U1nRQklT43IVC
7lAY/OjoaSIE6nlpEfWOA2UiM9NOF0HORwenJwx6tztZuPJgH/kKxbDdRHGrg0N/
+4ClFiMJZDMkVXifviv1SEWNGcvSU3E1VMtSS14O7XkoxwdZWrLHynrVqpBd2YnP
nlO0+vPbEAdkyLm/5eBE4W7h1HQLOdAYAmzVdpBZviTT7AVHJ67zAQxfiOW0cZql
T1Up+Agc7QKMKU4k6/iC10/200jiskyEGLG9ZZT3Geh6D/wAy3/Tozk2SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcIAzd4Zq5O0QXEGG2anpgwiQ3FMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvWndnRE4zaG1yazdSQmNRWWJacWVtRENKRGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8zgMA0G
CSqGSIb3DQEBCwUAA4IBAQAm5K1vbmVvXwFZIQsfYrR69VVHQ9t+IAQrPiZEAhgr
n/4KD1GR4X00PYtrg6pfsKuEUJ6lXJlv3JzZITtJvq4bK9LRtJt4Pk6WGkFazzDs
gRZrTQIlEDKXYrgFXMVj01V4O51OUTFBgOFvwWPeq2Hm3hnHT+D3uweAJG4rAbUb
WYy1IbLsrLHsQIunSuz6pxspYcdqa2yTjpLOS61kpcAZGHf5Is3G7u84Abd4c4Wm
UtSsNXnsCBNvz6WWV5ET4CUUGUtFQuK0RGEDOcQ8Dg4Xm28ERsLMKS51Pls3uJ0W
o+rX3J6nFesG1jHfjneFH+uA/OFsaKRnXrYOx8dhnF5e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org