Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/pZX_NyBDbtbHuPlK4hZuwXpprXI.roa
File: pZX_NyBDbtbHuPlK4hZuwXpprXI.roa (raw, json)
Hash identifier: A1AcRMWOxzQ3lRTSY+QiPvfohn5mKkU1fE6zp/rDtY4=
Subject key identifier: A5:95:FF:37:20:43:6E:D6:C7:B8:F9:4A:E2:16:6E:C1:7A:69:AD:72
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 01916005413246706987F15946F511774EEB
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/pZX_NyBDbtbHuPlK4hZuwXpprXI.roa
Signing time: Sat 17 Aug 2024 11:07:22 +0000
ROA not before: Sat 17 Aug 2024 11:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.103.120.0/21 maxlen: 24
91.103.120.0/22 maxlen: 22
95.111.128.0/20 maxlen: 24
171.22.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 07:09:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:05:41:32:46:70:69:87:f1:59:46:f5:11:77:4e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Aug 17 11:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a595ff3720436ed6c7b8f94ae2166ec17a69ad72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e3:22:8c:70:4d:47:c3:23:eb:8a:6c:75:01:
a6:15:72:7e:da:85:c4:47:e1:fe:03:45:88:1a:52:
32:7d:14:f6:21:27:31:7a:6a:32:c5:3d:5c:12:05:
49:ee:1f:30:f6:d8:65:98:a4:9a:90:8c:7e:47:f2:
31:c7:01:af:57:2a:c5:5a:a8:28:5a:c8:a0:42:fd:
62:32:2c:71:47:b3:07:be:b7:0c:e8:b3:1e:13:2c:
b3:cf:70:fd:51:a7:ec:6f:78:80:7b:0d:f5:c9:1f:
97:75:5b:c2:c7:b7:0c:6f:05:7c:7b:b6:cd:69:be:
36:b5:ef:81:66:f6:67:11:ab:17:61:dc:68:12:4a:
d4:7d:72:e1:6f:56:88:e7:da:c2:62:09:fa:43:fb:
08:59:fb:bd:98:28:ef:2d:5f:26:94:09:59:c2:2c:
c5:29:3e:09:04:9d:c4:c0:f0:f6:30:3a:6f:c9:37:
5c:30:34:18:9e:77:bf:71:cc:6c:6a:e6:d7:09:5f:
c2:11:a9:c4:18:64:4f:a7:3a:93:c9:74:a2:97:87:
d5:98:98:fc:fc:56:f1:02:ad:64:1b:a3:5e:86:c7:
12:9f:18:92:41:2e:ae:b3:cc:f5:45:c7:b6:ae:5f:
75:06:75:96:30:d6:81:89:c1:76:33:78:27:a2:d5:
78:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:95:FF:37:20:43:6E:D6:C7:B8:F9:4A:E2:16:6E:C1:7A:69:AD:72
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/pZX_NyBDbtbHuPlK4hZuwXpprXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/20
171.22.144.0/24
Signature Algorithm: sha256WithRSAEncryption
72:7d:3f:bc:41:1c:a8:b8:7b:11:55:35:54:b7:57:05:dc:c0:
c5:59:ab:b7:d5:06:81:b1:d6:9e:f6:46:d9:80:51:36:10:86:
ca:05:7a:2f:fa:3d:d3:e3:f5:1e:a3:88:11:d9:26:b7:e9:8f:
f8:59:cb:bc:a8:e9:01:ed:9e:a6:c6:e1:2f:4a:87:7e:54:98:
ac:d0:43:61:17:66:40:74:b7:c6:8a:c2:17:68:c8:d3:d8:e5:
f9:ac:ee:19:9b:1e:9b:6c:78:86:3d:69:e5:ff:74:14:f1:69:
90:59:22:c5:81:d0:98:88:b4:b0:96:20:c5:43:72:12:2a:e9:
20:1d:c1:91:8e:47:5a:27:02:58:b8:31:25:97:0e:d6:12:15:
cd:01:27:30:bd:37:dd:3a:b4:1f:7f:c2:be:e7:31:25:e3:c1:
d3:15:cc:cb:b9:80:e1:c2:f8:e7:c7:8f:c9:ed:14:ae:ec:02:
b2:71:98:03:0b:1a:bb:73:7a:1c:bd:a8:b2:c5:08:7f:3a:bc:
86:3e:b4:1f:c5:65:90:c9:ed:79:e5:3d:3b:e0:e4:30:1a:08:
2c:1b:53:9f:0b:97:78:fa:fd:59:89:c2:18:bb:ba:15:3d:93:
b5:e5:ad:ad:27:57:d1:f5:ef:37:06:ee:bb:88:f3:fb:ee:df:
89:14:f6:2d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFgBUEyRnBph/FZRvURd07rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjQwODE3MTEwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk1ZmYzNzIwNDM2ZWQ2YzdiOGY5NGFlMjE2NmVjMTdhNjlhZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOMijHBNR8Mj64psdQGmFXJ+2oXE
R+H+A0WIGlIyfRT2IScxemoyxT1cEgVJ7h8w9thlmKSakIx+R/IxxwGvVyrFWqgo
WsigQv1iMixxR7MHvrcM6LMeEyyzz3D9Uafsb3iAew31yR+XdVvCx7cMbwV8e7bN
ab42te+BZvZnEasXYdxoEkrUfXLhb1aI59rCYgn6Q/sIWfu9mCjvLV8mlAlZwizF
KT4JBJ3EwPD2MDpvyTdcMDQYnne/ccxsaubXCV/CEanEGGRPpzqTyXSil4fVmJj8
/FbxAq1kG6NehscSnxiSQS6us8z1Rce2rl91BnWWMNaBicF2M3gnotV4gQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKWV/zcgQ27Wx7j5SuIWbsF6aa1yMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvcFpYX055QkRidGJIdVBsSzRoWnV3WHBwclhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2d4AwQE
X2+AAwQAqxaQMA0GCSqGSIb3DQEBCwUAA4IBAQByfT+8QRyouHsRVTVUt1cF3MDF
Wau31QaBsdae9kbZgFE2EIbKBXov+j3T4/Ueo4gR2Sa36Y/4Wcu8qOkB7Z6mxuEv
Sod+VJis0ENhF2ZAdLfGisIXaMjT2OX5rO4Zmx6bbHiGPWnl/3QU8WmQWSLFgdCY
iLSwliDFQ3ISKukgHcGRjkdaJwJYuDEllw7WEhXNAScwvTfdOrQff8K+5zEl48HT
FczLuYDhwvjnx4/J7RSu7AKycZgDCxq7c3ocvaiyxQh/OryGPrQfxWWQye155T07
4OQwGggsG1OfC5d4+v1ZicIYu7oVPZO15a2tJ1fR9e83Bu67iPP77t+JFPYt
-----END CERTIFICATE-----
Generated at Tue Oct 15 09:37:17 2024 by rpki-client on console-ams.rpki-client.org