Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/fc7aee-233c-4d64-9293-05978a5a1d69/1/ZMQMYNTJeIwMgxRyqAfYqeyNCPg.roa
File: ZMQMYNTJeIwMgxRyqAfYqeyNCPg.roa (raw, json)
Hash identifier: 3xZRKsQGVEkuAXccmjYBYLry6LaiHnDUn0ODyRUv3mM=
Subject key identifier: 64:C4:0C:60:D4:C9:78:8C:0C:83:14:72:A8:07:D8:A9:EC:8D:08:F8
Certificate issuer: /CN=3f46c351ee89c9f5558167530704885b8be46eaa
Certificate serial: 01856DDD573A195FDCB3F32E4D5EDB476476
Authority key identifier: 3F:46:C3:51:EE:89:C9:F5:55:81:67:53:07:04:88:5B:8B:E4:6E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P0bDUe6JyfVVgWdTBwSIW4vkbqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/fc7aee-233c-4d64-9293-05978a5a1d69/1/ZMQMYNTJeIwMgxRyqAfYqeyNCPg.roa
Signing time: Sun 01 Jan 2023 15:05:00 +0000
ROA not before: Sun 01 Jan 2023 15:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205930
IP address blocks: 185.169.68.0/22 maxlen: 22
2a0b:40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:57:3a:19:5f:dc:b3:f3:2e:4d:5e:db:47:64:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f46c351ee89c9f5558167530704885b8be46eaa
Validity
Not Before: Jan 1 15:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64c40c60d4c9788c0c831472a807d8a9ec8d08f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0c:50:cc:d1:60:10:78:12:df:a8:38:92:54:
14:67:56:39:97:4a:e5:64:3a:16:34:c1:48:32:05:
75:2d:1d:11:1e:a5:c8:fc:5d:8b:22:95:d4:cf:ec:
76:93:78:c2:a0:45:4a:d2:75:c8:99:43:a7:70:ef:
32:20:bb:c4:8c:a5:b0:0e:44:0d:f7:7c:45:0e:96:
ee:07:89:b0:f7:8a:6a:64:11:0c:06:e6:34:e1:41:
04:ee:60:e5:af:0e:a9:5e:e9:5f:f2:35:02:0b:0d:
f1:e0:a5:db:c5:93:6b:d1:8e:fe:52:34:a5:98:0d:
ff:aa:53:09:9e:c3:90:ec:64:88:af:3f:ca:e6:0a:
b6:0c:87:2d:2d:57:77:2e:e5:c3:d1:b2:0e:53:37:
bf:35:b7:6a:83:da:8b:ff:73:4a:1a:a7:2e:55:7a:
60:5e:e6:64:92:eb:fb:6e:cc:f4:64:3e:04:2f:c9:
06:2f:a9:fd:89:d7:9a:4d:c7:8b:42:48:ff:1f:09:
9b:a4:04:6e:19:c4:c2:9c:1f:e7:1a:38:90:35:23:
e0:18:d1:8b:82:1b:c9:f0:c0:1f:f5:58:7c:bd:60:
e2:a1:8c:77:f1:d8:58:cd:0c:db:0a:04:8b:45:6e:
15:50:02:e1:db:85:8d:01:31:86:17:32:68:b0:ca:
90:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C4:0C:60:D4:C9:78:8C:0C:83:14:72:A8:07:D8:A9:EC:8D:08:F8
X509v3 Authority Key Identifier:
keyid:3F:46:C3:51:EE:89:C9:F5:55:81:67:53:07:04:88:5B:8B:E4:6E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0bDUe6JyfVVgWdTBwSIW4vkbqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/fc7aee-233c-4d64-9293-05978a5a1d69/1/ZMQMYNTJeIwMgxRyqAfYqeyNCPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/fc7aee-233c-4d64-9293-05978a5a1d69/1/P0bDUe6JyfVVgWdTBwSIW4vkbqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.68.0/22
IPv6:
2a0b:40::/29
Signature Algorithm: sha256WithRSAEncryption
70:04:14:e3:ef:4d:9d:71:73:60:e1:80:48:4f:4e:b4:bb:0b:
36:53:4e:d6:63:29:90:41:df:05:6e:e1:7d:47:5b:fb:f7:a2:
f4:6d:9d:b1:11:af:91:a4:f8:37:ac:a0:3a:98:36:07:20:8b:
1d:e0:30:d8:e2:b7:77:78:b9:79:fa:79:1a:bd:18:6e:a2:aa:
0a:71:d2:54:f0:9a:3d:f1:74:ec:c8:4e:78:0e:8c:10:92:3e:
91:b2:1b:09:73:52:83:2e:eb:bc:14:22:45:de:90:62:16:14:
3f:d9:dd:d7:4c:ee:0b:de:c7:f8:13:26:d6:88:d3:d0:54:cf:
91:c7:7b:43:3e:d5:21:06:da:d5:77:0e:71:7c:90:8a:1b:58:
d7:6b:71:36:3f:8f:fb:01:03:25:02:0c:6a:39:68:70:27:ce:
38:e7:70:be:30:c1:f7:7d:1b:78:55:9c:f1:97:8b:74:09:39:
0c:c3:20:e9:d9:3d:c4:ba:59:b5:44:a8:1f:ce:98:6f:c8:4c:
3b:08:cb:07:a4:36:a7:eb:5f:0a:6f:1a:a4:9f:9c:57:20:fa:
4a:a8:11:cf:16:1f:70:3b:08:4b:da:05:1e:f9:bf:c3:50:b9:
66:2b:4f:ef:13:fe:59:38:68:60:3e:44:4c:2c:bc:52:5f:9f:
df:76:d5:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt3Vc6GV/cs/MuTV7bR2R2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNDZjMzUxZWU4OWM5ZjU1NTgxNjc1MzA3MDQ4ODViOGJl
NDZlYWEwHhcNMjMwMTAxMTUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM0MGM2MGQ0Yzk3ODhjMGM4MzE0NzJhODA3ZDhhOWVjOGQwOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQxQzNFgEHgS36g4klQUZ1Y5l0rl
ZDoWNMFIMgV1LR0RHqXI/F2LIpXUz+x2k3jCoEVK0nXImUOncO8yILvEjKWwDkQN
93xFDpbuB4mw94pqZBEMBuY04UEE7mDlrw6pXulf8jUCCw3x4KXbxZNr0Y7+UjSl
mA3/qlMJnsOQ7GSIrz/K5gq2DIctLVd3LuXD0bIOUze/Nbdqg9qL/3NKGqcuVXpg
XuZkkuv7bsz0ZD4EL8kGL6n9ideaTceLQkj/HwmbpARuGcTCnB/nGjiQNSPgGNGL
ghvJ8MAf9Vh8vWDioYx38dhYzQzbCgSLRW4VUALh24WNATGGFzJosMqQMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGTEDGDUyXiMDIMUcqgH2KnsjQj4MB8GA1UdIwQY
MBaAFD9Gw1Huicn1VYFnUwcEiFuL5G6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDBiRFVlNkp5ZlZWZ1dkVEJ3U0lXNHZrYnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mYzdhZWUtMjMzYy00ZDY0LTkyOTMt
MDU5NzhhNWExZDY5LzEvWk1RTVlOVEplSXdNZ3hSeXFBZllxZXlOQ1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mYzdhZWUtMjMzYy00ZDY0LTkyOTMtMDU5NzhhNWExZDY5
LzEvUDBiRFVlNkp5ZlZWZ1dkVEJ3U0lXNHZrYnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCualEMA0E
AgACMAcDBQMqCwBAMA0GCSqGSIb3DQEBCwUAA4IBAQBwBBTj702dcXNg4YBIT060
uws2U07WYymQQd8FbuF9R1v796L0bZ2xEa+RpPg3rKA6mDYHIIsd4DDY4rd3eLl5
+nkavRhuoqoKcdJU8Jo98XTsyE54DowQkj6RshsJc1KDLuu8FCJF3pBiFhQ/2d3X
TO4L3sf4EybWiNPQVM+Rx3tDPtUhBtrVdw5xfJCKG1jXa3E2P4/7AQMlAgxqOWhw
J84453C+MMH3fRt4VZzxl4t0CTkMwyDp2T3Eulm1RKgfzphvyEw7CMsHpDan618K
bxqkn5xXIPpKqBHPFh9wOwhL2gUe+b/DULlmK0/vE/5ZOGhgPkRMLLxSX5/fdtVc
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:06 2024 by rpki-client on console-ams.rpki-client.org