Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Zkx6DovcHjzuwAxe4VB7xl3Ty_o.roa
File: Zkx6DovcHjzuwAxe4VB7xl3Ty_o.roa (raw, json)
Hash identifier: nM/3/K5AZDSWMGjLLsOEupmAfN+B/9SuqruNu3/fpvs=
Subject key identifier: 66:4C:7A:0E:8B:DC:1E:3C:EE:C0:0C:5E:E1:50:7B:C6:5D:D3:CB:FA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0189DB10CDF8B49C81A1617F454367380B64
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Zkx6DovcHjzuwAxe4VB7xl3Ty_o.roa
Signing time: Wed 09 Aug 2023 16:10:58 +0000
ROA not before: Wed 09 Aug 2023 16:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 91.216.185.0/24 maxlen: 24
93.114.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 10:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:10:cd:f8:b4:9c:81:a1:61:7f:45:43:67:38:0b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 9 16:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=664c7a0e8bdc1e3ceec00c5ee1507bc65dd3cbfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0a:62:f9:21:77:c2:11:07:c0:dd:b8:ac:01:
e7:a2:af:55:55:fd:72:80:e1:31:b2:11:2e:1e:cc:
b5:62:b4:c0:b9:81:2b:d4:02:5a:46:bb:8b:6d:a9:
3b:3b:4c:dc:c6:5b:b9:e3:cd:22:eb:0e:83:9c:ad:
2a:02:d1:fd:a0:0a:10:f7:8d:59:3f:fc:c8:b1:7e:
fb:4a:e1:53:1a:db:0b:46:65:cd:8e:a3:c6:7a:6b:
cd:a9:12:61:dc:29:78:3b:c9:c9:55:32:84:91:e7:
ac:63:a0:d3:31:a9:0f:ca:30:ef:61:6e:d8:64:0d:
5a:56:f0:18:7a:f4:73:7d:f5:d4:e8:1b:28:d1:be:
15:23:03:d8:fa:75:b9:c7:ad:a8:24:74:b0:aa:35:
d2:4a:17:5a:0b:af:37:d5:b4:a9:f0:a8:64:72:cc:
25:9c:4d:6e:0d:80:2f:4f:2b:e4:25:40:0c:df:00:
fb:08:83:3f:b1:9b:32:1f:ed:d4:b4:84:6c:b0:9e:
61:d3:0c:69:a1:b6:82:22:85:e3:8f:a2:ec:91:88:
3f:c2:30:67:cc:65:22:5b:b6:af:a3:14:8b:e1:31:
88:67:5f:d8:ec:fe:1b:7e:ef:32:da:30:b8:34:42:
ff:b0:ed:22:e6:17:97:7c:12:ca:34:e3:8d:04:e0:
3a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4C:7A:0E:8B:DC:1E:3C:EE:C0:0C:5E:E1:50:7B:C6:5D:D3:CB:FA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Zkx6DovcHjzuwAxe4VB7xl3Ty_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.185.0/24
93.114.244.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a7:64:39:5c:c0:f7:62:1b:6a:be:09:e5:45:d5:db:c1:7a:
de:3c:93:8c:6e:2e:16:ea:65:50:2f:de:d5:32:76:c1:b2:fb:
71:a4:77:9a:79:7b:eb:b6:cb:62:7e:d2:85:6a:ac:40:b0:68:
40:56:dc:aa:85:7c:93:fd:81:94:5a:22:a9:61:44:5e:23:00:
73:03:71:68:ba:03:8e:5d:16:78:d8:df:da:e2:23:56:b6:a2:
65:59:31:46:0a:34:4b:14:4d:5e:2b:7c:1c:8b:df:dd:5a:f2:
67:d4:78:b6:7b:6b:a7:ee:ca:18:cf:90:81:bb:92:96:c0:7c:
fd:12:57:33:80:54:ca:8f:93:82:9a:b1:2b:f1:a4:bc:8b:6c:
00:22:62:5c:47:5b:1a:55:cc:1d:0e:dc:25:96:bf:a5:9d:61:
05:03:12:57:40:7d:65:be:f4:a2:03:f3:1a:0c:dd:a0:b9:50:
40:a9:d3:5a:f0:69:d5:b0:70:ca:27:c4:94:1b:53:74:e6:99:
8a:71:45:60:dc:7a:a4:d1:e8:82:1b:bb:1b:6f:d0:84:1d:cd:
1b:97:f6:e0:9a:53:73:7d:9c:6d:fd:75:2b:32:56:02:55:63:
40:51:33:a8:6c:c7:53:93:9c:97:11:00:0c:8c:5f:78:ce:d3:
f8:c2:e2:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnbEM34tJyBoWF/RUNnOAtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwODA5MTYxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRjN2EwZThiZGMxZTNjZWVjMDBjNWVlMTUwN2JjNjVkZDNjYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgpi+SF3whEHwN24rAHnoq9VVf1y
gOExshEuHsy1YrTAuYEr1AJaRruLbak7O0zcxlu5480i6w6DnK0qAtH9oAoQ941Z
P/zIsX77SuFTGtsLRmXNjqPGemvNqRJh3Cl4O8nJVTKEkeesY6DTMakPyjDvYW7Y
ZA1aVvAYevRzffXU6Bso0b4VIwPY+nW5x62oJHSwqjXSShdaC6831bSp8Khkcswl
nE1uDYAvTyvkJUAM3wD7CIM/sZsyH+3UtIRssJ5h0wxpobaCIoXjj6LskYg/wjBn
zGUiW7avoxSL4TGIZ1/Y7P4bfu8y2jC4NEL/sO0i5heXfBLKNOONBOA6QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGZMeg6L3B487sAMXuFQe8Zd08v6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWmt4NkRvdmNIanp1d0F4ZTRWQjd4bDNUeV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9i5AwQA
XXL0MA0GCSqGSIb3DQEBCwUAA4IBAQBqp2Q5XMD3YhtqvgnlRdXbwXrePJOMbi4W
6mVQL97VMnbBsvtxpHeaeXvrtstiftKFaqxAsGhAVtyqhXyT/YGUWiKpYUReIwBz
A3FougOOXRZ42N/a4iNWtqJlWTFGCjRLFE1eK3wci9/dWvJn1Hi2e2un7soYz5CB
u5KWwHz9ElczgFTKj5OCmrEr8aS8i2wAImJcR1saVcwdDtwllr+lnWEFAxJXQH1l
vvSiA/MaDN2guVBAqdNa8GnVsHDKJ8SUG1N05pmKcUVg3Hqk0eiCG7sbb9CEHc0b
l/bgmlNzfZxt/XUrMlYCVWNAUTOobMdTk5yXEQAMjF94ztP4wuKY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org