Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/ZALfKwqBCkt3-ZmbNbRouj1EkFE.roa
File: ZALfKwqBCkt3-ZmbNbRouj1EkFE.roa (raw, json)
Hash identifier: pmNUbYT1TXOZaNcmbNeJ9lrdFcfFC/NLPTk/9ZslPqM=
Subject key identifier: 64:02:DF:2B:0A:81:0A:4B:77:F9:99:9B:35:B4:68:BA:3D:44:90:51
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 018C1BAAB5BB495FA418BA93C0FB9D30C2F6
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/ZALfKwqBCkt3-ZmbNbRouj1EkFE.roa
Signing time: Wed 29 Nov 2023 15:20:21 +0000
ROA not before: Wed 29 Nov 2023 15:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 31.133.84.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:aa:b5:bb:49:5f:a4:18:ba:93:c0:fb:9d:30:c2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Nov 29 15:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6402df2b0a810a4b77f9999b35b468ba3d449051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:61:76:80:c9:25:1a:b3:d0:35:a8:65:92:ee:
33:30:29:94:93:06:8f:01:35:ec:79:0e:6b:1c:11:
43:2f:c6:1b:1b:3a:95:33:c0:55:2f:e5:60:46:11:
5e:ce:df:42:6d:ce:a3:ea:62:97:b9:f4:63:a0:f5:
92:50:b3:72:2d:c1:39:6a:eb:2b:bb:fb:99:8e:80:
a9:07:80:a9:fe:e7:35:b7:7a:b6:b1:8d:bb:ae:1a:
d3:28:14:56:2b:19:c4:bb:27:67:0c:f7:81:15:dd:
a5:50:3d:bb:81:f0:15:ef:eb:99:b6:fa:ff:96:b6:
cb:15:6e:a6:be:c3:c0:c4:0c:41:6a:c8:17:05:3f:
d8:d3:cf:f1:1c:3a:c0:35:d1:1b:95:a5:d7:6b:38:
c1:c1:09:37:16:15:07:aa:90:07:c6:bd:74:ea:3b:
5b:59:16:0d:ef:76:0f:f8:af:6f:cc:2c:28:aa:e9:
aa:8e:b6:67:ec:c6:8c:f8:85:a9:d7:e6:e8:30:27:
e6:e7:95:e7:48:2c:31:7e:b9:d9:92:4f:b5:c4:9a:
9f:c4:e2:71:2b:10:7e:be:b7:f3:e4:b6:79:c9:2e:
7a:c6:67:87:6d:32:98:bd:f1:1b:32:7a:e6:6a:f9:
b8:6d:33:68:e3:8a:11:29:3a:f4:21:2f:94:a8:5a:
f3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:02:DF:2B:0A:81:0A:4B:77:F9:99:9B:35:B4:68:BA:3D:44:90:51
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/ZALfKwqBCkt3-ZmbNbRouj1EkFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.84.0/22
176.103.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:a3:7e:98:0e:e6:42:b0:5e:10:7f:0d:a9:06:f8:a2:dd:d8:
aa:1d:b0:1f:f0:c7:2d:4a:33:70:08:24:2e:44:58:4a:bb:c6:
52:4e:7c:4c:99:d8:de:d6:dc:df:5f:4b:e6:46:87:b7:53:15:
f5:1c:a5:a0:47:e9:48:84:86:47:27:69:50:de:29:cd:90:f4:
02:83:cb:28:2a:c6:69:3d:9f:2e:6e:a8:54:43:9a:06:3a:a9:
02:4f:70:fb:6d:97:ee:1e:b5:3b:84:ae:87:0c:ef:e8:f5:ef:
5a:ef:15:53:57:84:49:f1:f6:24:90:a4:6e:5e:64:58:7b:0c:
1e:7d:c9:09:8a:78:83:f5:c8:c2:4c:c6:6c:5b:d9:9d:9a:2f:
4a:32:d8:fb:cc:12:86:07:8c:d2:63:bb:31:5d:82:67:79:63:
55:83:f7:e8:aa:3f:3e:72:5e:fc:27:9b:19:bd:60:06:ab:a7:
c4:ff:83:8a:5c:38:41:ab:da:8e:9e:67:d3:32:f4:b8:d3:d6:
c1:1e:4f:44:d1:54:3e:41:69:19:89:76:90:f4:7b:1f:52:3d:
47:ed:ea:4a:3f:73:e5:26:62:42:c8:d4:6b:8f:19:ed:e0:33:
51:3f:84:b8:2f:35:b0:a8:be:9b:7b:22:0e:e7:b7:19:40:88:
74:50:6b:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwbqrW7SV+kGLqTwPudMML2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjMxMTI5MTUyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDAyZGYyYjBhODEwYTRiNzdmOTk5OWIzNWI0NjhiYTNkNDQ5MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGF2gMklGrPQNahlku4zMCmUkwaP
ATXseQ5rHBFDL8YbGzqVM8BVL+VgRhFezt9Cbc6j6mKXufRjoPWSULNyLcE5ausr
u/uZjoCpB4Cp/uc1t3q2sY27rhrTKBRWKxnEuydnDPeBFd2lUD27gfAV7+uZtvr/
lrbLFW6mvsPAxAxBasgXBT/Y08/xHDrANdEblaXXazjBwQk3FhUHqpAHxr106jtb
WRYN73YP+K9vzCwoqumqjrZn7MaM+IWp1+boMCfm55XnSCwxfrnZkk+1xJqfxOJx
KxB+vrfz5LZ5yS56xmeHbTKYvfEbMnrmavm4bTNo44oRKTr0IS+UqFrzRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGQC3ysKgQpLd/mZmzW0aLo9RJBRMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvWkFMZkt3cUJDa3QzLVptYk5iUm91ajFFa0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4VUAwQC
sGfsMA0GCSqGSIb3DQEBCwUAA4IBAQAdo36YDuZCsF4Qfw2pBvii3diqHbAf8Mct
SjNwCCQuRFhKu8ZSTnxMmdje1tzfX0vmRoe3UxX1HKWgR+lIhIZHJ2lQ3inNkPQC
g8soKsZpPZ8ubqhUQ5oGOqkCT3D7bZfuHrU7hK6HDO/o9e9a7xVTV4RJ8fYkkKRu
XmRYewwefckJiniD9cjCTMZsW9mdmi9KMtj7zBKGB4zSY7sxXYJneWNVg/foqj8+
cl78J5sZvWAGq6fE/4OKXDhBq9qOnmfTMvS409bBHk9E0VQ+QWkZiXaQ9HsfUj1H
7epKP3PlJmJCyNRrjxnt4DNRP4S4LzWwqL6beyIO57cZQIh0UGt1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:34 2024 by rpki-client on console-ams.rpki-client.org