Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/ZZkf7mzdFOj2Sbp6GQNSEC5XBlY.roa
File: ZZkf7mzdFOj2Sbp6GQNSEC5XBlY.roa (raw, json)
Hash identifier: qniI4we7F28mNPu0hYaEkQikICvcgYGNgAhlYc4nd40=
Subject key identifier: 65:99:1F:EE:6C:DD:14:E8:F6:49:BA:7A:19:03:52:10:2E:57:06:56
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 019039CC156CE44CCAF19FA336C217DBABEE
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/ZZkf7mzdFOj2Sbp6GQNSEC5XBlY.roa
Signing time: Fri 21 Jun 2024 07:56:34 +0000
ROA not before: Fri 21 Jun 2024 07:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 31.133.80.0/22 maxlen: 24
31.133.88.0/22 maxlen: 24
176.103.224.0/24 maxlen: 24
176.103.225.0/24 maxlen: 24
176.103.226.0/24 maxlen: 24
176.103.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 19:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:cc:15:6c:e4:4c:ca:f1:9f:a3:36:c2:17:db:ab:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jun 21 07:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65991fee6cdd14e8f649ba7a190352102e570656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e4:10:76:82:bc:4a:9d:43:1c:fe:07:d4:ba:
b4:5f:37:80:c2:2b:b3:c9:a0:67:1d:05:88:e2:e1:
c9:a5:87:f1:fb:e0:32:a8:fa:4c:1b:22:f9:fd:e2:
72:47:c1:a4:2f:81:d9:d8:b0:23:02:59:df:c2:f4:
fc:45:f7:37:46:33:d6:21:dd:02:b7:9f:74:14:51:
e4:bb:c0:eb:b8:bd:b1:bb:86:29:a1:c6:ee:6b:a5:
23:3e:fa:a9:16:38:53:66:b8:09:d9:f4:e5:a2:62:
22:46:27:8f:62:4d:85:04:be:2f:9c:63:5e:23:25:
ad:3e:dc:81:a1:bb:63:02:e4:30:69:89:c9:09:e8:
c2:e4:34:92:c9:7e:69:ce:f5:8e:a1:6c:5b:bb:06:
3f:cd:8f:a0:f1:b1:6e:59:0e:1b:3b:f9:e6:43:e7:
84:0f:1d:5c:5a:8b:77:d0:3e:32:a7:cf:1c:29:a0:
6b:27:af:52:b4:af:61:14:c9:13:ff:d9:bc:85:ea:
6f:9f:8d:a2:dc:8e:b7:5f:42:ae:ea:b5:9c:cd:f3:
b7:5e:06:dd:d1:c4:b3:18:c7:41:20:a8:83:39:4a:
6d:78:9b:0f:e4:e8:9d:3b:a0:ef:a4:e3:2b:5c:7d:
62:9e:65:54:9d:fa:a5:76:bd:21:48:b1:ab:3c:56:
0c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:99:1F:EE:6C:DD:14:E8:F6:49:BA:7A:19:03:52:10:2E:57:06:56
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/ZZkf7mzdFOj2Sbp6GQNSEC5XBlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/22
31.133.88.0/22
176.103.224.0/22
Signature Algorithm: sha256WithRSAEncryption
47:cd:9f:f2:2d:e5:9a:2c:fd:f6:2c:59:ec:2b:6a:7d:cb:59:
6d:30:65:37:e8:d5:4a:6a:53:7b:2f:97:ef:ae:1d:c2:1b:16:
c7:bc:8c:0a:6f:09:70:fb:a7:df:b3:fc:5f:17:c0:f2:cb:44:
91:37:b2:7b:a0:7e:ba:64:96:48:70:a1:69:07:d1:eb:f9:75:
5f:fb:0c:6a:8f:ef:2b:9d:3e:82:53:c1:84:4b:3b:d5:5b:03:
c8:87:32:bd:64:a7:e6:19:65:10:4d:e8:39:4f:d6:8e:3c:cb:
18:82:a9:f6:35:a1:71:9e:f6:53:8c:bf:c9:98:27:f5:80:c2:
e2:26:d3:a7:0a:73:fa:e5:46:3f:e2:e3:17:66:e4:c9:98:1e:
f4:ca:7a:c3:f8:cd:a8:3d:c5:29:a5:a6:0d:27:20:02:50:1e:
52:6b:97:16:11:c6:ed:8f:e2:d5:2a:97:2e:d7:52:1e:93:da:
17:97:f1:c2:6e:7b:63:27:76:5c:74:c1:2a:cb:3b:26:1e:8c:
0e:ef:36:8b:7b:01:98:32:6a:f5:2b:82:58:0b:aa:db:3a:1a:
b2:d3:c0:96:dc:5d:b2:e6:d6:5d:05:95:59:54:b2:96:66:9a:
0b:7a:21:53:c2:41:26:90:a8:6d:54:c9:79:4f:f6:c4:e3:da:
8f:48:fb:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZA5zBVs5EzK8Z+jNsIX26vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwNjIxMDc1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTk5MWZlZTZjZGQxNGU4ZjY0OWJhN2ExOTAzNTIxMDJlNTcwNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOQQdoK8Sp1DHP4H1Lq0XzeAwiuz
yaBnHQWI4uHJpYfx++AyqPpMGyL5/eJyR8GkL4HZ2LAjAlnfwvT8Rfc3RjPWId0C
t590FFHku8DruL2xu4Ypocbua6UjPvqpFjhTZrgJ2fTlomIiRiePYk2FBL4vnGNe
IyWtPtyBobtjAuQwaYnJCejC5DSSyX5pzvWOoWxbuwY/zY+g8bFuWQ4bO/nmQ+eE
Dx1cWot30D4yp88cKaBrJ69StK9hFMkT/9m8hepvn42i3I63X0Ku6rWczfO3Xgbd
0cSzGMdBIKiDOUpteJsP5OidO6DvpOMrXH1inmVUnfqldr0hSLGrPFYMjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGWZH+5s3RTo9km6ehkDUhAuVwZWMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvWlprZjdtemRGT2oyU2JwNkdRTlNFQzVYQmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH4VQAwQC
H4VYAwQCsGfgMA0GCSqGSIb3DQEBCwUAA4IBAQBHzZ/yLeWaLP32LFnsK2p9y1lt
MGU36NVKalN7L5fvrh3CGxbHvIwKbwlw+6ffs/xfF8Dyy0SRN7J7oH66ZJZIcKFp
B9Hr+XVf+wxqj+8rnT6CU8GESzvVWwPIhzK9ZKfmGWUQTeg5T9aOPMsYgqn2NaFx
nvZTjL/JmCf1gMLiJtOnCnP65UY/4uMXZuTJmB70ynrD+M2oPcUppaYNJyACUB5S
a5cWEcbtj+LVKpcu11Iek9oXl/HCbntjJ3ZcdMEqyzsmHowO7zaLewGYMmr1K4JY
C6rbOhqy08CW3F2y5tZdBZVZVLKWZpoLeiFTwkEmkKhtVMl5T/bE49qPSPtv
-----END CERTIFICATE-----
Generated at Wed Jun 26 00:34:34 2024 by rpki-client on console-ams.rpki-client.org