Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7db3b3-2f8a-47c7-bb8c-3a3034a39ea5/1/zgz3kw-26Pt4quLco2z5jGzxYbI.roa
File: zgz3kw-26Pt4quLco2z5jGzxYbI.roa (raw, json)
Hash identifier: 7F7dI5hrmxAp4iTR9VKDrZfQGf9R9gKc0g8SmjatWFg=
Subject key identifier: CE:0C:F7:93:0F:B6:E8:FB:78:AA:E2:DC:A3:6C:F9:8C:6C:F1:61:B2
Certificate issuer: /CN=2d43689a7638ff737591ff3b251918862349695c
Certificate serial: 01856D81CC76ADBBB0F46DC0A8F1BAA33843
Authority key identifier: 2D:43:68:9A:76:38:FF:73:75:91:FF:3B:25:19:18:86:23:49:69:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LUNomnY4_3N1kf87JRkYhiNJaVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7db3b3-2f8a-47c7-bb8c-3a3034a39ea5/1/zgz3kw-26Pt4quLco2z5jGzxYbI.roa
Signing time: Sun 01 Jan 2023 13:25:01 +0000
ROA not before: Sun 01 Jan 2023 13:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60526
IP address blocks: 185.152.212.0/24 maxlen: 24
185.152.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:cc:76:ad:bb:b0:f4:6d:c0:a8:f1:ba:a3:38:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d43689a7638ff737591ff3b251918862349695c
Validity
Not Before: Jan 1 13:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce0cf7930fb6e8fb78aae2dca36cf98c6cf161b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:e9:43:20:9a:95:50:3f:79:27:6e:df:f9:
2f:fc:79:6f:24:76:fc:83:f2:36:b5:23:f1:a8:69:
af:e3:10:6f:31:39:8a:3a:d5:73:93:3c:ee:39:ec:
62:2d:d1:f5:2d:5f:b8:38:d2:2a:84:88:b5:1b:29:
80:f2:ad:c4:ea:d3:29:8d:c4:50:31:1b:03:fa:43:
4b:57:46:67:4a:6b:4c:e0:dc:e9:73:4e:e0:df:c2:
5b:e3:85:af:ae:fd:e4:44:91:6c:2a:b0:51:59:3e:
22:f5:07:32:bc:18:8f:66:51:ca:f5:ef:96:c5:cf:
d9:c1:c5:45:09:8d:0a:53:7a:46:21:9e:4d:71:5b:
3b:4d:9a:ad:be:9a:a3:36:a0:80:69:d4:d4:f3:7a:
a6:3d:e6:e8:22:41:3d:5d:fd:f5:42:a6:45:0f:2f:
9d:7a:a3:34:0b:b7:51:df:f2:3d:f5:01:8a:8f:97:
53:ec:5e:ee:e0:5e:15:de:0c:f6:e5:58:da:0c:d3:
a4:c4:ae:92:5e:d2:58:ca:7a:82:50:17:c9:30:6c:
f0:7b:a7:ba:55:1d:c6:73:fe:17:55:e5:64:be:b2:
2e:25:0c:e7:d4:0f:77:e1:24:f6:1e:45:c9:18:18:
0f:66:cb:55:94:5f:95:2a:6b:dd:a3:3b:27:0c:6a:
08:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0C:F7:93:0F:B6:E8:FB:78:AA:E2:DC:A3:6C:F9:8C:6C:F1:61:B2
X509v3 Authority Key Identifier:
keyid:2D:43:68:9A:76:38:FF:73:75:91:FF:3B:25:19:18:86:23:49:69:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LUNomnY4_3N1kf87JRkYhiNJaVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7db3b3-2f8a-47c7-bb8c-3a3034a39ea5/1/zgz3kw-26Pt4quLco2z5jGzxYbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7db3b3-2f8a-47c7-bb8c-3a3034a39ea5/1/LUNomnY4_3N1kf87JRkYhiNJaVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.212.0/24
185.152.214.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:8c:d6:6b:20:a7:c5:35:05:ef:2d:02:12:e6:80:55:38:ca:
18:5f:6b:39:48:9a:b2:9c:5a:c3:c2:1e:5c:fc:ca:9f:73:a1:
df:aa:3f:a4:97:ee:2c:bf:00:f2:82:8e:5c:fb:26:af:39:d9:
27:a4:f9:bb:73:fc:e5:d6:00:2b:3e:5e:46:02:9c:62:6d:45:
fd:6d:cb:6e:1c:5b:9a:88:0a:52:75:fb:73:59:8a:d5:42:f6:
4d:f6:0d:20:4b:ca:ef:85:66:a6:24:ff:b9:d4:ae:63:41:a6:
03:d9:af:61:f4:27:17:21:53:b3:7e:ca:54:c0:ea:eb:1b:bd:
39:a2:a5:49:4d:78:31:61:54:50:2f:ae:47:e4:75:c1:05:d0:
59:20:0e:f8:77:b7:a6:94:3f:ce:9d:d9:33:4e:da:3b:f4:e6:
93:06:3e:8d:b1:0f:ea:fd:5b:b9:a5:cf:25:45:07:24:d4:b4:
41:b7:21:ea:fe:b8:0f:ad:3c:37:25:35:ee:5b:48:a5:39:61:
fe:59:86:b5:64:95:4f:6c:a1:72:58:14:dd:07:26:0a:c5:87:
f3:6b:be:30:69:ad:55:07:04:76:c8:2d:28:c8:0b:b1:45:f2:
72:31:6d:2f:5d:2e:b1:a9:7b:eb:3c:89:6f:0d:05:61:34:f9:
77:09:8f:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgcx2rbuw9G3AqPG6ozhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNDM2ODlhNzYzOGZmNzM3NTkxZmYzYjI1MTkxODg2MjM0
OTY5NWMwHhcNMjMwMTAxMTMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTBjZjc5MzBmYjZlOGZiNzhhYWUyZGNhMzZjZjk4YzZjZjE2MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRLpQyCalVA/eSdu3/kv/HlvJHb8
g/I2tSPxqGmv4xBvMTmKOtVzkzzuOexiLdH1LV+4ONIqhIi1GymA8q3E6tMpjcRQ
MRsD+kNLV0ZnSmtM4Nzpc07g38Jb44Wvrv3kRJFsKrBRWT4i9QcyvBiPZlHK9e+W
xc/ZwcVFCY0KU3pGIZ5NcVs7TZqtvpqjNqCAadTU83qmPeboIkE9Xf31QqZFDy+d
eqM0C7dR3/I99QGKj5dT7F7u4F4V3gz25VjaDNOkxK6SXtJYynqCUBfJMGzwe6e6
VR3Gc/4XVeVkvrIuJQzn1A934ST2HkXJGBgPZstVlF+VKmvdozsnDGoIRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM4M95MPtuj7eKri3KNs+Yxs8WGyMB8GA1UdIwQY
MBaAFC1DaJp2OP9zdZH/OyUZGIYjSWlcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFVOb21uWTRfM04xa2Y4N0pSa1loaU5KYVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83ZGIzYjMtMmY4YS00N2M3LWJiOGMt
M2EzMDM0YTM5ZWE1LzEvemd6M2t3LTI2UHQ0cXVMY28yejVqR3p4WWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83ZGIzYjMtMmY4YS00N2M3LWJiOGMtM2EzMDM0YTM5ZWE1
LzEvTFVOb21uWTRfM04xa2Y4N0pSa1loaU5KYVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZjUAwQA
uZjWMA0GCSqGSIb3DQEBCwUAA4IBAQBfjNZrIKfFNQXvLQIS5oBVOMoYX2s5SJqy
nFrDwh5c/Mqfc6Hfqj+kl+4svwDygo5c+yavOdknpPm7c/zl1gArPl5GApxibUX9
bctuHFuaiApSdftzWYrVQvZN9g0gS8rvhWamJP+51K5jQaYD2a9h9CcXIVOzfspU
wOrrG705oqVJTXgxYVRQL65H5HXBBdBZIA74d7emlD/OndkzTto79OaTBj6NsQ/q
/Vu5pc8lRQck1LRBtyHq/rgPrTw3JTXuW0ilOWH+WYa1ZJVPbKFyWBTdByYKxYfz
a74waa1VBwR2yC0oyAuxRfJyMW0vXS6xqXvrPIlvDQVhNPl3CY9k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:48 2024 by rpki-client on console-ams.rpki-client.org