Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/ZkNzGeMHQ6lEnxcbu9DkXZECU7M.roa
File: ZkNzGeMHQ6lEnxcbu9DkXZECU7M.roa (raw, json)
Hash identifier: oCYOX/jVNVbnbDxIzniF0xhwXpK3qlddWr7Oi71wC1E=
Subject key identifier: 66:43:73:19:E3:07:43:A9:44:9F:17:1B:BB:D0:E4:5D:91:02:53:B3
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018570D518B7F19DAE42E466D34F6FB1807C
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/ZkNzGeMHQ6lEnxcbu9DkXZECU7M.roa
Signing time: Mon 02 Jan 2023 04:54:51 +0000
ROA not before: Mon 02 Jan 2023 04:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397065
IP address blocks: 78.143.240.0/24 maxlen: 24
78.143.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:18:b7:f1:9d:ae:42:e4:66:d3:4f:6f:b1:80:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 2 04:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66437319e30743a9449f171bbbd0e45d910253b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f9:69:3c:04:68:cd:83:c4:09:1f:e1:cb:ca:
08:68:63:81:f8:c1:91:6b:0c:34:fd:65:4f:d9:56:
8d:73:de:41:b4:60:3b:1a:76:73:c0:da:37:ff:bc:
cb:bc:c1:e9:2b:5a:68:46:fc:a6:8a:7e:74:82:d9:
e7:fb:9a:3b:32:85:19:82:cc:fb:68:5e:d7:ab:a4:
bd:a6:a5:22:09:ad:ad:d2:c1:96:4a:73:33:4a:ae:
16:b1:2f:8a:0f:0d:9f:28:3c:09:09:14:1f:59:a7:
11:01:6d:b3:3a:b7:c8:84:04:46:47:b7:f8:31:79:
7c:4f:fb:32:79:c4:a7:bc:eb:c3:c5:21:75:b1:22:
e4:30:59:c3:76:c2:52:db:04:06:79:9d:ab:a1:23:
53:a1:41:03:82:c8:01:32:c4:30:92:f5:17:9c:71:
ef:75:3d:e7:8a:49:c3:72:df:a0:da:36:bd:bd:6a:
61:e5:34:57:5f:55:c4:35:12:1e:b9:07:2a:eb:16:
46:49:71:52:35:19:67:ee:f8:d6:da:e5:b1:af:d5:
dc:87:d9:39:68:09:f7:0c:84:9d:0e:14:3f:dc:cf:
69:3e:13:3b:a0:29:1a:88:2e:fb:f5:03:6c:7e:f1:
a5:d7:57:ad:e3:d2:ee:e2:8e:1e:02:84:31:b9:09:
b1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:43:73:19:E3:07:43:A9:44:9F:17:1B:BB:D0:E4:5D:91:02:53:B3
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/ZkNzGeMHQ6lEnxcbu9DkXZECU7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.240.0/24
78.143.243.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b5:e1:7c:fd:eb:af:e0:50:25:67:7a:68:be:69:4c:93:b3:
07:1e:77:6f:b0:86:65:6f:c0:d6:55:bc:ec:f6:0f:77:5c:c4:
1a:92:fd:a2:4a:4f:a8:2e:6e:cb:f0:d3:f3:fd:a4:ff:f2:e6:
29:72:c4:bb:7d:ae:e8:f7:47:7c:1c:55:91:e9:9c:35:a2:8b:
15:ad:a1:3b:38:ba:c5:73:16:68:73:ce:0f:49:32:c1:0b:2b:
f0:2f:13:09:32:db:eb:ac:18:a4:48:c0:8f:2c:5a:9f:cb:d8:
c6:f6:e2:18:b2:39:65:83:62:2f:f9:e0:4a:c9:13:df:c8:45:
a7:29:0b:c3:cb:f1:19:c1:eb:f7:cc:2e:6d:67:40:45:c6:49:
6a:1c:fc:8e:eb:29:f6:da:8c:b7:c9:31:75:3d:18:36:69:f7:
71:e3:78:73:a3:a4:3d:ae:4f:ae:4c:a4:a8:55:fd:ba:3a:68:
49:ff:80:b3:8e:72:1d:9e:64:63:4b:3b:6f:45:e3:af:52:0c:
8a:32:53:2c:01:10:3d:af:2c:2f:08:e2:ff:09:d5:4a:4a:77:
27:dd:93:96:98:a9:91:ad:11:aa:6f:ba:e5:5f:48:0c:25:6a:
c9:6c:f4:88:f9:6b:73:b8:7b:3b:59:56:59:ae:ba:ea:87:b9:
9a:a9:6e:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1Ri38Z2uQuRm009vsYB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjMwMTAyMDQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjQzNzMxOWUzMDc0M2E5NDQ5ZjE3MWJiYmQwZTQ1ZDkxMDI1M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPlpPARozYPECR/hy8oIaGOB+MGR
aww0/WVP2VaNc95BtGA7GnZzwNo3/7zLvMHpK1poRvymin50gtnn+5o7MoUZgsz7
aF7Xq6S9pqUiCa2t0sGWSnMzSq4WsS+KDw2fKDwJCRQfWacRAW2zOrfIhARGR7f4
MXl8T/syecSnvOvDxSF1sSLkMFnDdsJS2wQGeZ2roSNToUEDgsgBMsQwkvUXnHHv
dT3niknDct+g2ja9vWph5TRXX1XENRIeuQcq6xZGSXFSNRln7vjW2uWxr9Xch9k5
aAn3DISdDhQ/3M9pPhM7oCkaiC779QNsfvGl11et49Lu4o4eAoQxuQmx/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGZDcxnjB0OpRJ8XG7vQ5F2RAlOzMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvWmtOekdlTUhRNmxFbnhjYnU5RGtYWkVDVTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATo/wAwQA
To/zMA0GCSqGSIb3DQEBCwUAA4IBAQBJteF8/euv4FAlZ3povmlMk7MHHndvsIZl
b8DWVbzs9g93XMQakv2iSk+oLm7L8NPz/aT/8uYpcsS7fa7o90d8HFWR6Zw1oosV
raE7OLrFcxZoc84PSTLBCyvwLxMJMtvrrBikSMCPLFqfy9jG9uIYsjllg2Iv+eBK
yRPfyEWnKQvDy/EZwev3zC5tZ0BFxklqHPyO6yn22oy3yTF1PRg2afdx43hzo6Q9
rk+uTKSoVf26OmhJ/4CzjnIdnmRjSztvReOvUgyKMlMsARA9rywvCOL/CdVKSncn
3ZOWmKmRrRGqb7rlX0gMJWrJbPSI+WtzuHs7WVZZrrrqh7maqW4l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:53 2024 by rpki-client on console-ams.rpki-client.org