Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/ZTh_QDnybahTpC53a2mHXNMimKQ.roa
File: ZTh_QDnybahTpC53a2mHXNMimKQ.roa (raw, json)
Hash identifier: NL3pDcIkJHlrl2NZBZS48HG8NizRJBRFBf3yb/3A3X8=
Subject key identifier: 65:38:7F:40:39:F2:6D:A8:53:A4:2E:77:6B:69:87:5C:D3:22:98:A4
Certificate issuer: /CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Certificate serial: 018673100D6857981393851694AD7087608F
Authority key identifier: 4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/ZTh_QDnybahTpC53a2mHXNMimKQ.roa
Signing time: Tue 21 Feb 2023 08:21:17 +0000
ROA not before: Tue 21 Feb 2023 08:21:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20612
IP address blocks: 91.206.52.0/23 maxlen: 23
194.242.34.0/24 maxlen: 24
185.222.12.0/22 maxlen: 24
2a0c:d000::/29 maxlen: 64
2001:67c:20ac::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Apr 2023 08:27:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:10:0d:68:57:98:13:93:85:16:94:ad:70:87:60:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Validity
Not Before: Feb 21 08:21:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65387f4039f26da853a42e776b69875cd32298a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:48:eb:b1:28:49:a8:15:20:8b:3e:34:9a:6f:
ff:da:b4:cd:fc:7e:c6:55:1f:13:21:f8:97:25:9b:
2a:9e:54:60:10:4e:77:18:70:0b:20:3c:15:16:13:
56:83:27:2f:2d:42:32:79:ef:eb:1e:1a:e2:4c:70:
7a:5b:2d:0b:3b:88:13:99:bb:02:41:10:24:ef:c5:
69:08:44:59:ab:03:9c:c8:71:97:67:4b:f5:5a:7a:
43:d7:dd:48:8b:7f:4a:e3:dc:19:39:da:8f:43:dd:
97:ca:6d:35:20:61:23:96:28:28:a8:0d:4d:55:b2:
50:31:7e:bc:2a:d9:0f:4d:4a:05:65:3f:7a:e2:84:
81:88:e8:9d:aa:de:73:82:ed:13:05:74:91:1c:8c:
0c:cf:ff:df:ce:8b:55:4b:00:32:71:eb:e0:b4:66:
c2:d3:7d:e9:a0:aa:ed:be:2f:f1:57:91:9c:a9:a3:
8e:e5:75:7d:88:70:ff:27:5d:6a:2d:e2:21:71:10:
77:cf:89:fb:15:d6:4b:e8:e1:c6:93:70:aa:42:18:
30:fb:eb:0b:d6:ff:3f:5b:b8:a9:0a:60:34:55:04:
f3:28:8e:1a:48:89:6a:5a:33:bc:31:69:91:f8:d6:
b8:15:14:a1:30:ef:da:c9:bb:d6:59:6e:d7:75:36:
83:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:38:7F:40:39:F2:6D:A8:53:A4:2E:77:6B:69:87:5C:D3:22:98:A4
X509v3 Authority Key Identifier:
keyid:4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/ZTh_QDnybahTpC53a2mHXNMimKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.52.0/23
185.222.12.0/22
194.242.34.0/24
IPv6:
2001:67c:20ac::/48
2a0c:d000::/29
Signature Algorithm: sha256WithRSAEncryption
7e:46:50:5b:7b:fe:2a:47:7c:b9:92:1a:e4:cf:88:48:08:f4:
a6:3e:f4:6b:87:86:c8:18:31:79:f1:0a:27:bb:f8:ba:a9:ef:
10:6a:9c:60:78:9b:06:aa:f9:2b:4a:25:f2:41:f1:5c:79:80:
32:69:d8:e4:4e:2b:15:da:0b:69:bc:e5:b1:f1:ef:74:5a:36:
2d:73:ad:6d:00:b6:e8:c7:88:e0:1a:4b:bc:b2:d6:4c:5a:00:
a7:e0:d7:cd:cb:a5:e6:74:d0:05:03:8d:a3:5c:5d:92:15:48:
7d:a8:cb:f6:5d:9f:d1:4f:72:f2:85:4d:4c:8b:34:c6:8b:db:
00:fc:ee:32:e1:36:25:c3:25:c6:b5:04:20:eb:ec:f1:e3:2f:
56:55:7c:17:7e:12:ff:8f:c4:4a:6a:70:eb:53:23:f2:e8:54:
3d:2e:9b:82:f5:e4:d3:4d:ed:e4:60:31:13:e8:30:fd:83:d4:
8a:35:cd:a3:8d:89:73:d0:ef:d7:3e:d7:62:ac:02:e6:29:48:
be:63:f6:7f:f3:a3:b4:8e:63:30:f5:f2:13:02:43:21:89:b3:
3f:14:1f:25:f3:8f:92:6c:2e:35:06:36:3c:87:b3:ff:92:c0:
06:66:2b:cd:a5:4f:d3:8a:e3:f4:a1:4c:4b:29:a1:f5:73:c0:
50:d0:36:49
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYZzEA1oV5gTk4UWlK1wh2CPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTA4YTZkODY4YWI5ZTliZGIxMDQ3MmZiZWMzMWM5NjZl
OTQyNzQwHhcNMjMwMjIxMDgyMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM4N2Y0MDM5ZjI2ZGE4NTNhNDJlNzc2YjY5ODc1Y2QzMjI5OGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUjrsShJqBUgiz40mm//2rTN/H7G
VR8TIfiXJZsqnlRgEE53GHALIDwVFhNWgycvLUIyee/rHhriTHB6Wy0LO4gTmbsC
QRAk78VpCERZqwOcyHGXZ0v1WnpD191Ii39K49wZOdqPQ92Xym01IGEjligoqA1N
VbJQMX68KtkPTUoFZT964oSBiOidqt5zgu0TBXSRHIwMz//fzotVSwAycevgtGbC
033poKrtvi/xV5GcqaOO5XV9iHD/J11qLeIhcRB3z4n7FdZL6OHGk3CqQhgw++sL
1v8/W7ipCmA0VQTzKI4aSIlqWjO8MWmR+Na4FRShMO/aybvWWW7XdTaDcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGU4f0A58m2oU6Qud2tph1zTIpikMB8GA1UdIwQY
MBaAFE+Qim2GirnpvbEEcvvsMclm6UJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEt
MWM2ZWU1YmJlYjY2LzEvWlRoX1FEbnliYWhUcEM1M2EybUhYTk1pbUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEtMWM2ZWU1YmJlYjY2
LzEvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQBW840AwQC
ud4MAwQAwvIiMBYEAgACMBADBwAgAQZ8IKwDBQMqDNAAMA0GCSqGSIb3DQEBCwUA
A4IBAQB+RlBbe/4qR3y5khrkz4hICPSmPvRrh4bIGDF58Qonu/i6qe8QapxgeJsG
qvkrSiXyQfFceYAyadjkTisV2gtpvOWx8e90WjYtc61tALbox4jgGku8stZMWgCn
4NfNy6XmdNAFA42jXF2SFUh9qMv2XZ/RT3LyhU1MizTGi9sA/O4y4TYlwyXGtQQg
6+zx4y9WVXwXfhL/j8RKanDrUyPy6FQ9LpuC9eTTTe3kYDET6DD9g9SKNc2jjYlz
0O/XPtdirALmKUi+Y/Z/86O0jmMw9fITAkMhibM/FB8l84+SbC41BjY8h7P/ksAG
ZivNpU/TiuP0oUxLKaH1c8BQ0DZJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:24 2024 by rpki-client on console-ams.rpki-client.org