Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZLS-4S7TYJn6LrRmERCIyjCMlJk.roa
File: ZLS-4S7TYJn6LrRmERCIyjCMlJk.roa (raw, json)
Hash identifier: Y2EVz6GiGP6V81a0Rht9C5rHIpRJJSd7DahRgHSypOk=
Subject key identifier: 64:B4:BE:E1:2E:D3:60:99:FA:2E:B4:66:11:10:88:CA:30:8C:94:99
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01907831328E478855783BBECAB60957AE0B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZLS-4S7TYJn6LrRmERCIyjCMlJk.roa
Signing time: Wed 03 Jul 2024 10:43:28 +0000
ROA not before: Wed 03 Jul 2024 10:43:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20688
IP address blocks: 93.171.143.0/24 maxlen: 24
146.120.0.0/21 maxlen: 24
146.120.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 09:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:31:32:8e:47:88:55:78:3b:be:ca:b6:09:57:ae:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 3 10:43:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64b4bee12ed36099fa2eb466111088ca308c9499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:82:77:fa:48:7d:fe:da:85:d5:8b:f1:b6:fe:
e4:d8:9f:56:4e:1e:fc:65:47:23:1c:a6:26:ad:bc:
01:f2:d3:99:88:a7:fc:60:da:3b:df:9c:d4:04:c0:
9f:71:d1:25:ba:ec:29:2a:4f:8a:8e:bc:c4:94:e8:
71:3d:b6:ea:bc:26:e8:79:e1:1a:4f:40:fc:f2:c5:
a3:22:62:b5:e1:73:9d:c9:e3:56:d3:fd:1d:00:b3:
84:72:d5:6a:ac:0b:b1:22:29:c8:fd:cf:51:65:60:
f7:76:6b:d0:67:ac:4e:10:14:02:ec:4f:0a:60:78:
4a:d3:45:35:ae:42:12:d6:e4:52:7b:14:e9:c8:a3:
ca:23:f4:0a:40:29:8c:b5:26:28:e4:b6:43:e7:44:
74:c4:79:21:63:4a:af:7f:b0:17:f8:48:a6:7b:da:
9f:cd:50:dc:b0:f0:8f:bb:28:ca:d6:33:ac:d0:88:
67:b0:4a:7b:6e:4a:a3:c3:63:ae:0b:16:aa:0c:a8:
c5:df:75:3c:85:07:23:db:5b:fc:3f:f9:7c:54:41:
50:99:ed:fc:a5:ba:32:25:ff:7b:85:37:fe:f1:a8:
56:35:bd:70:82:69:93:39:12:41:f5:64:a3:eb:51:
f9:ec:03:3d:db:98:6f:94:b2:8a:2c:16:6e:a5:f4:
4c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B4:BE:E1:2E:D3:60:99:FA:2E:B4:66:11:10:88:CA:30:8C:94:99
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZLS-4S7TYJn6LrRmERCIyjCMlJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.143.0/24
146.120.0.0/21
146.120.116.0/22
Signature Algorithm: sha256WithRSAEncryption
60:55:7a:f2:70:7d:2c:2c:bc:d0:c7:03:83:08:be:f5:6a:49:
e5:b8:03:c2:be:91:e5:33:0a:6c:68:23:5d:69:22:bb:80:89:
5d:de:dc:5a:25:76:b0:7d:ed:b2:f3:f4:b6:0c:99:d1:91:c6:
06:fd:4e:e7:f3:8b:15:ec:ae:71:f9:ce:c8:77:a5:3f:6f:5c:
18:44:06:f1:d7:48:79:7a:a7:07:75:8f:7c:e5:f3:40:b4:98:
96:70:9e:62:b2:e7:c2:b7:e1:f3:bd:7d:d5:30:07:54:42:01:
ed:e1:ff:3c:ff:0e:db:d5:1c:0c:03:dc:22:45:cf:72:e6:50:
0a:99:e5:9b:d2:b7:0a:ff:06:d0:92:3e:81:83:d1:a0:d4:d2:
b3:60:6d:66:78:d5:33:52:83:2b:f8:e0:6a:2c:6c:1b:cd:ed:
c1:b0:99:3d:a6:9d:44:ba:5d:7d:57:ce:4e:02:88:0e:f0:26:
4a:15:eb:f8:43:30:55:bd:c4:80:43:d1:35:e6:b8:0b:2a:c4:
83:8f:92:84:28:b5:93:c5:ca:f3:09:7d:f5:42:54:3d:27:60:
2f:8b:2e:2b:ef:df:7c:9c:bb:3f:da:d5:f5:72:f8:6a:e4:8d:
9b:f2:25:b3:b2:57:d1:5d:58:32:74:c9:09:e9:fe:e7:53:1b:
34:b5:90:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB4MTKOR4hVeDu+yrYJV64LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwNzAzMTA0MzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI0YmVlMTJlZDM2MDk5ZmEyZWI0NjYxMTEwODhjYTMwOGM5NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoJ3+kh9/tqF1Yvxtv7k2J9WTh78
ZUcjHKYmrbwB8tOZiKf8YNo735zUBMCfcdEluuwpKk+KjrzElOhxPbbqvCboeeEa
T0D88sWjImK14XOdyeNW0/0dALOEctVqrAuxIinI/c9RZWD3dmvQZ6xOEBQC7E8K
YHhK00U1rkIS1uRSexTpyKPKI/QKQCmMtSYo5LZD50R0xHkhY0qvf7AX+Eime9qf
zVDcsPCPuyjK1jOs0IhnsEp7bkqjw2OuCxaqDKjF33U8hQcj21v8P/l8VEFQme38
pboyJf97hTf+8ahWNb1wgmmTORJB9WSj61H57AM925hvlLKKLBZupfRMwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGS0vuEu02CZ+i60ZhEQiMowjJSZMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWkxTLTRTN1RZSm42THJSbUVSQ0l5akNNbEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXauPAwQD
kngAAwQCknh0MA0GCSqGSIb3DQEBCwUAA4IBAQBgVXrycH0sLLzQxwODCL71aknl
uAPCvpHlMwpsaCNdaSK7gIld3txaJXawfe2y8/S2DJnRkcYG/U7n84sV7K5x+c7I
d6U/b1wYRAbx10h5eqcHdY985fNAtJiWcJ5isufCt+HzvX3VMAdUQgHt4f88/w7b
1RwMA9wiRc9y5lAKmeWb0rcK/wbQkj6Bg9Gg1NKzYG1meNUzUoMr+OBqLGwbze3B
sJk9pp1Eul19V85OAogO8CZKFev4QzBVvcSAQ9E15rgLKsSDj5KEKLWTxcrzCX31
QlQ9J2Aviy4r7998nLs/2tX1cvhq5I2b8iWzslfRXVgydMkJ6f7nUxs0tZAK
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:24 2025 by rpki-client