Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/Zzorc3HBdF-FQi-55qU4at5W2xA.roa
File: Zzorc3HBdF-FQi-55qU4at5W2xA.roa (raw, json)
Hash identifier: ZL+92QmQyck2dCMziIFOQnwNAQyo9guXnq9BVS4NSgg=
Subject key identifier: 67:3A:2B:73:71:C1:74:5F:85:42:2F:B9:E6:A5:38:6A:DE:56:DB:10
Certificate issuer: /CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
Certificate serial: 0185704BD3873446747DEF0167B8B6CEA458
Authority key identifier: D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/Zzorc3HBdF-FQi-55qU4at5W2xA.roa
Signing time: Mon 02 Jan 2023 02:24:55 +0000
ROA not before: Mon 02 Jan 2023 02:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208417
IP address blocks: 45.129.17.0/24 maxlen: 24
45.129.16.0/24 maxlen: 24
45.129.18.0/24 maxlen: 24
45.129.19.0/24 maxlen: 24
2a0e:3640::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:d3:87:34:46:74:7d:ef:01:67:b8:b6:ce:a4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
Validity
Not Before: Jan 2 02:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=673a2b7371c1745f85422fb9e6a5386ade56db10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:43:41:48:c7:59:83:a6:10:f2:c3:26:80:76:
1e:74:26:38:5d:a3:a3:ef:2f:e0:bb:30:a8:2c:85:
f7:89:0a:64:c1:77:5c:61:b8:d6:60:64:59:b0:20:
52:41:e2:a1:3c:92:ee:76:71:0f:12:ab:6e:d2:fe:
78:c5:13:ed:87:37:36:e0:56:b8:1d:40:7a:b5:f0:
95:7e:80:20:b5:8e:b9:da:7c:f2:1b:67:ff:c3:95:
1c:ef:d1:d2:f9:b0:5a:18:49:4e:14:82:97:37:48:
b3:f4:35:86:56:8a:a3:b1:ff:af:d7:01:84:79:cc:
84:28:b3:88:4b:a4:cf:2f:53:98:a6:58:4a:e5:b4:
7a:98:4b:8d:5e:d7:87:eb:3b:48:8c:9e:90:45:6b:
e5:a0:f5:95:63:3b:17:f3:87:18:4a:5e:55:54:e7:
75:b8:26:e5:38:85:85:a5:4b:3e:c9:b8:e3:87:54:
0a:c9:f9:8e:9f:d2:37:08:10:fd:20:1a:b1:29:bd:
60:62:b3:20:6b:f5:3f:77:e3:da:89:1a:93:74:aa:
29:5e:94:22:c0:b0:22:0d:55:70:09:df:22:71:7b:
f2:66:87:b2:14:55:81:8c:60:6c:90:c4:08:30:96:
c4:69:f6:b7:96:eb:06:82:d2:09:db:9e:89:b0:a8:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3A:2B:73:71:C1:74:5F:85:42:2F:B9:E6:A5:38:6A:DE:56:DB:10
X509v3 Authority Key Identifier:
keyid:D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/Zzorc3HBdF-FQi-55qU4at5W2xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.16.0/22
IPv6:
2a0e:3640::/48
Signature Algorithm: sha256WithRSAEncryption
8c:73:9d:15:61:f2:61:5c:55:d6:25:6a:bd:b2:fa:3b:bc:68:
6f:27:c6:e6:6f:14:4f:01:92:50:52:bc:89:01:6e:4b:b3:c8:
57:19:ad:57:7d:28:4c:73:b2:74:fb:eb:74:76:1f:51:cb:5b:
ea:5b:2e:85:fa:0a:70:86:79:e1:f7:01:e8:8b:55:a7:2c:af:
71:71:df:4b:13:2b:67:18:bc:24:86:92:d1:53:35:1c:fc:48:
57:ca:35:3e:5c:43:8d:dd:08:ca:0e:75:21:1a:61:1a:cf:40:
5a:76:a4:3c:e1:08:88:47:14:43:0f:b4:7e:b3:ea:55:fd:8c:
2b:6b:06:fd:97:4f:eb:a2:07:8d:56:88:a5:4b:d2:52:ab:3e:
20:25:ff:85:28:a3:de:48:43:2f:31:f6:f0:76:42:56:f3:c6:
8c:44:fe:e8:7b:9c:81:81:7d:1a:88:de:f2:08:0a:97:75:30:
47:e8:65:57:86:9c:ed:09:93:7b:04:01:4f:c9:72:0a:12:d7:
f4:f5:f6:31:30:bc:58:ae:2b:e1:8c:b8:da:58:44:d8:6f:f7:
4d:3f:f3:b7:23:2b:0e:3c:d1:89:9e:22:5f:bc:4a:5e:fe:33:
45:38:39:16:07:7a:9e:ee:46:36:7d:8c:55:f2:36:4f:a1:a0:
fe:a0:3a:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwS9OHNEZ0fe8BZ7i2zqRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZkMmEwYThjNTM4ZTkxN2ZiOTRhYTk2NzkxYTNiZTdi
ODA2M2EwHhcNMjMwMTAyMDIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzNhMmI3MzcxYzE3NDVmODU0MjJmYjllNmE1Mzg2YWRlNTZkYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10NBSMdZg6YQ8sMmgHYedCY4XaOj
7y/guzCoLIX3iQpkwXdcYbjWYGRZsCBSQeKhPJLudnEPEqtu0v54xRPthzc24Fa4
HUB6tfCVfoAgtY652nzyG2f/w5Uc79HS+bBaGElOFIKXN0iz9DWGVoqjsf+v1wGE
ecyEKLOIS6TPL1OYplhK5bR6mEuNXteH6ztIjJ6QRWvloPWVYzsX84cYSl5VVOd1
uCblOIWFpUs+ybjjh1QKyfmOn9I3CBD9IBqxKb1gYrMga/U/d+PaiRqTdKopXpQi
wLAiDVVwCd8icXvyZoeyFFWBjGBskMQIMJbEafa3lusGgtIJ256JsKix0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGc6K3NxwXRfhUIvuealOGreVtsQMB8GA1UdIwQY
MBaAFNW20qCoxTjpF/uUqpZ5GjvnuAY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJiU29LakZPT2tYLTVTcWxua2FPLWU0QmpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9iYmYzMTktMTVhOS00MGQ5LWJlZWMt
MzZhODZmMGQwZTEzLzEvWnpvcmMzSEJkRi1GUWktNTVxVTRhdDVXMnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9iYmYzMTktMTVhOS00MGQ5LWJlZWMtMzZhODZmMGQwZTEz
LzEvMWJiU29LakZPT2tYLTVTcWxua2FPLWU0QmpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLYEQMA8E
AgACMAkDBwAqDjZAAAAwDQYJKoZIhvcNAQELBQADggEBAIxznRVh8mFcVdYlar2y
+ju8aG8nxuZvFE8BklBSvIkBbkuzyFcZrVd9KExzsnT763R2H1HLW+pbLoX6CnCG
eeH3AeiLVacsr3Fx30sTK2cYvCSGktFTNRz8SFfKNT5cQ43dCMoOdSEaYRrPQFp2
pDzhCIhHFEMPtH6z6lX9jCtrBv2XT+uiB41WiKVL0lKrPiAl/4Uoo95IQy8x9vB2
QlbzxoxE/uh7nIGBfRqI3vIICpd1MEfoZVeGnO0Jk3sEAU/JcgoS1/T19jEwvFiu
K+GMuNpYRNhv900/87cjKw480YmeIl+8Sl7+M0U4ORYHep7uRjZ9jFXyNk+hoP6g
Om0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:30 2024 by rpki-client on console-fra.rpki-client.org