Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/zWk-sNkHbt87WX4IKezIfQYIy8E.roa
File: zWk-sNkHbt87WX4IKezIfQYIy8E.roa (raw, json)
Hash identifier: fHq/EvvHuIvZAjwNj0N6LIvHV8K9OPHETCF4nmDtwaA=
Subject key identifier: CD:69:3E:B0:D9:07:6E:DF:3B:59:7E:08:29:EC:C8:7D:06:08:CB:C1
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 01874371A6C91A5DBB291C43F3D663AA8A30
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/zWk-sNkHbt87WX4IKezIfQYIy8E.roa
Signing time: Sun 02 Apr 2023 19:28:54 +0000
ROA not before: Sun 02 Apr 2023 19:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57815
IP address blocks: 91.235.165.0/24 maxlen: 24
194.40.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:43:71:a6:c9:1a:5d:bb:29:1c:43:f3:d6:63:aa:8a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Apr 2 19:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd693eb0d9076edf3b597e0829ecc87d0608cbc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:08:63:35:ec:f6:ec:f4:73:e7:6a:f3:54:69:
8e:78:c0:ab:64:82:c1:d6:4a:bf:ed:47:bd:a8:e7:
df:1c:19:de:82:fd:e8:ad:43:34:4f:10:18:b8:a5:
65:07:c6:3e:22:68:27:1a:40:c2:30:fa:4f:e1:a6:
fb:40:19:d5:81:6a:e1:e1:ba:33:61:c5:a5:2b:9f:
49:d2:52:78:1a:56:cd:71:4d:38:a3:c3:89:a2:f5:
e8:76:15:cf:f7:af:c6:9c:f6:39:0c:d8:2d:5f:d0:
31:0f:93:62:8c:14:4b:23:44:bf:a7:bc:34:44:23:
61:56:71:f9:91:64:f5:4e:02:c7:af:1d:3a:9b:f6:
85:b9:48:e6:22:c1:21:ef:29:3d:94:5b:d7:13:29:
9e:08:2c:0c:13:8e:12:68:76:f0:f0:d7:51:0c:2c:
a8:0e:86:76:84:5b:64:c8:9b:60:b6:cc:f6:43:98:
24:f8:fa:76:2f:ca:16:ea:f6:da:e2:c9:07:82:4c:
a4:24:ea:b9:b5:52:43:bd:f5:11:0c:c0:07:e8:1b:
ef:c7:f9:7e:f0:bb:91:d8:8e:ff:b8:b9:26:11:b0:
ff:dc:02:f6:eb:dd:0d:23:33:a8:df:de:09:a2:86:
3f:87:7a:e8:7f:77:14:c4:7d:4b:ca:bc:c2:58:fa:
ad:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:69:3E:B0:D9:07:6E:DF:3B:59:7E:08:29:EC:C8:7D:06:08:CB:C1
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/zWk-sNkHbt87WX4IKezIfQYIy8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.165.0/24
194.40.210.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:55:2e:89:2c:c1:90:56:13:f1:4b:f1:5d:32:26:f2:31:8e:
a8:7e:e6:d2:b0:78:d4:56:17:5e:04:60:f8:f6:4d:2e:8e:2e:
c5:bf:38:a4:6c:ea:11:8d:96:a7:1c:b0:33:ed:13:69:ff:58:
e0:b4:db:a9:bb:e9:4e:72:7e:46:ee:e5:90:97:51:50:08:14:
1f:15:aa:20:6a:79:1c:ab:1e:5a:56:90:1b:dc:58:16:22:f0:
83:98:01:f9:ef:aa:b4:3c:75:9f:23:a7:b8:b9:86:3d:6f:af:
67:3b:e5:8c:88:ea:c3:9d:47:b6:29:7c:5d:5e:79:c8:2a:a2:
72:a2:81:e0:85:fb:c3:8e:8a:c2:c8:9b:e8:3d:2a:61:9b:47:
aa:eb:db:10:81:82:8e:15:34:c4:ab:85:07:b8:70:9e:51:2c:
a0:fb:f7:04:cf:d4:6d:c4:54:67:1e:49:9c:13:72:73:51:88:
66:f9:59:d9:e1:2c:dc:fe:2c:f0:be:81:1d:c3:f5:4a:32:c0:
df:d2:c8:79:c0:ba:c3:c9:6d:50:51:63:f3:01:9c:b5:39:c3:
84:cb:a2:49:92:6a:a1:fc:f0:11:13:71:27:64:bc:bd:31:04:
25:23:9e:b2:71:42:1e:65:40:fa:f5:b1:aa:f5:18:b1:f4:54:
52:15:66:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdDcabJGl27KRxD89ZjqoowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjMwNDAyMTkyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY5M2ViMGQ5MDc2ZWRmM2I1OTdlMDgyOWVjYzg3ZDA2MDhjYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmghjNez27PRz52rzVGmOeMCrZILB
1kq/7Ue9qOffHBnegv3orUM0TxAYuKVlB8Y+ImgnGkDCMPpP4ab7QBnVgWrh4boz
YcWlK59J0lJ4GlbNcU04o8OJovXodhXP96/GnPY5DNgtX9AxD5NijBRLI0S/p7w0
RCNhVnH5kWT1TgLHrx06m/aFuUjmIsEh7yk9lFvXEymeCCwME44SaHbw8NdRDCyo
DoZ2hFtkyJtgtsz2Q5gk+Pp2L8oW6vba4skHgkykJOq5tVJDvfURDMAH6Bvvx/l+
8LuR2I7/uLkmEbD/3AL2690NIzOo394JooY/h3rof3cUxH1LyrzCWPqtiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM1pPrDZB27fO1l+CCnsyH0GCMvBMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEveldrLXNOa0hidDg3V1g0SUtleklmUVlJeThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+ulAwQA
wijSMA0GCSqGSIb3DQEBCwUAA4IBAQCKVS6JLMGQVhPxS/FdMibyMY6ofubSsHjU
VhdeBGD49k0uji7FvzikbOoRjZanHLAz7RNp/1jgtNupu+lOcn5G7uWQl1FQCBQf
Faogankcqx5aVpAb3FgWIvCDmAH576q0PHWfI6e4uYY9b69nO+WMiOrDnUe2KXxd
XnnIKqJyooHghfvDjorCyJvoPSphm0eq69sQgYKOFTTEq4UHuHCeUSyg+/cEz9Rt
xFRnHkmcE3JzUYhm+VnZ4Szc/izwvoEdw/VKMsDf0sh5wLrDyW1QUWPzAZy1OcOE
y6JJkmqh/PARE3EnZLy9MQQlI56ycUIeZUD69bGq9Rix9FRSFWb/
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:06 2024 by rpki-client on console-fra.rpki-client.org