Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/zsMI7Iz5R_vwQnM80ZI4bENgkd4.roa
File: zsMI7Iz5R_vwQnM80ZI4bENgkd4.roa (raw, json)
Hash identifier: UQjzS2OWtxZtJLQ0KCeyxny+Y4mN9ATVxGU0XtRcPIw=
Subject key identifier: CE:C3:08:EC:8C:F9:47:FB:F0:42:73:3C:D1:92:38:6C:43:60:91:DE
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0187FBC9A73FFBF72C40E9DF9920D991BFEE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/zsMI7Iz5R_vwQnM80ZI4bENgkd4.roa
Signing time: Mon 08 May 2023 14:35:09 +0000
ROA not before: Mon 08 May 2023 14:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 64.137.33.0/24 maxlen: 24
64.137.47.0/24 maxlen: 24
64.137.50.0/24 maxlen: 24
64.137.51.0/24 maxlen: 24
64.137.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:c9:a7:3f:fb:f7:2c:40:e9:df:99:20:d9:91:bf:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 8 14:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec308ec8cf947fbf042733cd192386c436091de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7b:b2:4a:87:63:b9:70:3e:f2:75:28:fb:5c:
32:ac:9c:a5:3c:4b:31:39:24:3d:a1:19:3d:d4:eb:
13:cc:f6:0b:55:a1:f4:11:49:0c:dd:66:91:f0:4a:
3e:0d:32:38:38:cc:07:b4:fa:a8:3e:66:87:23:eb:
2a:6d:22:75:cc:80:92:b0:b6:84:d2:86:85:09:1f:
e7:d3:1a:0e:a6:9f:64:d2:c8:df:b3:41:a1:b7:17:
98:02:9f:9f:b9:2d:b5:f9:ee:5d:65:5b:5a:d1:27:
b1:d8:55:bf:0e:da:15:9b:49:47:54:ef:94:d7:f8:
bd:eb:f2:a5:78:01:55:42:e1:3c:b0:07:93:ff:c9:
9c:cd:99:b5:28:63:28:be:76:9e:ba:19:f0:6c:ce:
2c:ec:fb:24:2b:fe:31:1c:a3:50:bd:19:65:eb:35:
eb:ae:7a:a1:e5:b8:da:16:f7:c0:9a:ee:3e:8e:5f:
39:71:e4:e9:78:3b:0c:ad:f8:95:df:89:91:fd:82:
6d:14:5d:68:2f:bb:32:0b:d0:ff:61:3d:8a:dc:e8:
81:94:02:1d:2e:08:c5:c4:4e:1c:48:06:a2:4b:b9:
eb:a2:3b:f9:8f:d2:cd:9a:fe:61:aa:a2:a2:57:60:
7a:60:52:90:23:e4:1c:ae:e3:ff:6b:da:98:b6:3e:
5d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C3:08:EC:8C:F9:47:FB:F0:42:73:3C:D1:92:38:6C:43:60:91:DE
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/zsMI7Iz5R_vwQnM80ZI4bENgkd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.33.0/24
64.137.47.0/24
64.137.50.0/23
64.137.55.0/24
Signature Algorithm: sha256WithRSAEncryption
28:f9:71:64:8f:e8:e8:f4:14:83:85:04:b3:a5:94:9d:ea:8c:
25:93:44:90:ad:b7:d8:9f:b3:a1:41:5c:35:7f:a6:f8:cd:90:
3a:4f:66:ac:28:5c:df:29:98:aa:e0:5e:17:87:a0:c6:f6:4c:
ac:28:59:e8:be:3a:7b:07:d9:cf:b9:50:bd:c4:f5:1c:09:18:
d7:50:db:c2:b5:d4:8f:3c:62:bd:61:66:27:59:74:d9:1c:d8:
d6:ca:3c:77:16:99:63:99:d7:5f:4c:2e:69:45:42:30:96:cb:
42:3a:f9:2d:25:dd:95:fa:53:a3:42:42:23:3e:7c:c6:bc:c2:
54:fa:78:4b:05:3c:70:69:12:d8:ec:eb:3e:1f:94:c7:82:c2:
6d:75:db:09:f9:39:a1:4c:69:19:48:18:bb:ec:3d:c0:6e:a8:
1e:38:fb:50:91:d2:a4:c6:b1:42:2e:c5:b6:35:97:7e:c4:4d:
11:86:c9:b0:74:c4:5e:80:f3:f5:02:f0:80:2c:80:f3:dc:ae:
45:d7:26:cc:0a:2f:de:96:73:13:c3:dc:9f:7a:b7:3f:32:ac:
2b:f6:46:c7:7d:4c:39:36:2a:a0:7f:d5:93:73:80:8b:f3:45:
d9:dc:66:ff:b3:8a:e4:47:e6:5f:33:81:e3:5c:90:51:28:31:
39:0c:e2:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf7yac/+/csQOnfmSDZkb/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwNTA4MTQzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMzMDhlYzhjZjk0N2ZiZjA0MjczM2NkMTkyMzg2YzQzNjA5MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHuySodjuXA+8nUo+1wyrJylPEsx
OSQ9oRk91OsTzPYLVaH0EUkM3WaR8Eo+DTI4OMwHtPqoPmaHI+sqbSJ1zICSsLaE
0oaFCR/n0xoOpp9k0sjfs0GhtxeYAp+fuS21+e5dZVta0Sex2FW/DtoVm0lHVO+U
1/i96/KleAFVQuE8sAeT/8mczZm1KGMovnaeuhnwbM4s7PskK/4xHKNQvRll6zXr
rnqh5bjaFvfAmu4+jl85ceTpeDsMrfiV34mR/YJtFF1oL7syC9D/YT2K3OiBlAId
LgjFxE4cSAaiS7nrojv5j9LNmv5hqqKiV2B6YFKQI+QcruP/a9qYtj5dLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM7DCOyM+Uf78EJzPNGSOGxDYJHeMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvenNNSTdJejVSX3Z3UW5NODBaSTRiRU5na2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIkhAwQA
QIkvAwQBQIkyAwQAQIk3MA0GCSqGSIb3DQEBCwUAA4IBAQAo+XFkj+jo9BSDhQSz
pZSd6owlk0SQrbfYn7OhQVw1f6b4zZA6T2asKFzfKZiq4F4Xh6DG9kysKFnovjp7
B9nPuVC9xPUcCRjXUNvCtdSPPGK9YWYnWXTZHNjWyjx3FpljmddfTC5pRUIwlstC
OvktJd2V+lOjQkIjPnzGvMJU+nhLBTxwaRLY7Os+H5THgsJtddsJ+TmhTGkZSBi7
7D3AbqgeOPtQkdKkxrFCLsW2NZd+xE0RhsmwdMRegPP1AvCALIDz3K5F1ybMCi/e
lnMTw9yferc/Mqwr9kbHfUw5Niqgf9WTc4CL80XZ3Gb/s4rkR+ZfM4HjXJBRKDE5
DOJj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org