Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZURUbt8GClyMcCv_i0PUlee6QdM.roa
File: ZURUbt8GClyMcCv_i0PUlee6QdM.roa (raw, json)
Hash identifier: mEmpSumAEzCz4rtoKXA2lcUqXIl2QG3CLUWS8pBYr/M=
Subject key identifier: 65:44:54:6E:DF:06:0A:5C:8C:70:2B:FF:8B:43:D4:95:E7:BA:41:D3
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018793815CF247493BBDCAF3AE16BB276B38
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZURUbt8GClyMcCv_i0PUlee6QdM.roa
Signing time: Tue 18 Apr 2023 08:35:41 +0000
ROA not before: Tue 18 Apr 2023 08:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 193.203.51.0/24 maxlen: 24
193.203.50.0/24 maxlen: 24
193.203.50.0/23 maxlen: 23
2a13:f580:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:81:5c:f2:47:49:3b:bd:ca:f3:ae:16:bb:27:6b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Apr 18 08:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6544546edf060a5c8c702bff8b43d495e7ba41d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:04:2f:ae:6e:33:09:63:a5:e1:44:0e:0f:13:
57:15:c7:e3:cd:b9:b6:55:1a:be:a7:6c:b9:88:3e:
f4:25:b7:5f:44:e0:e5:df:11:97:cc:92:64:0a:54:
03:78:9b:f8:52:57:e3:df:16:c5:de:fd:1a:03:a4:
c8:6e:fe:37:e9:14:6f:62:2f:a5:3a:4b:02:85:28:
f3:f8:e0:77:51:d6:c4:e4:84:97:a4:25:a2:9d:14:
9b:00:ae:69:4b:03:04:0e:4c:1e:9c:93:8c:97:8b:
00:19:b4:38:89:d9:74:73:8d:46:bd:06:9e:c8:14:
82:66:61:a5:35:53:41:06:34:c0:63:ef:d4:0f:f1:
33:26:14:68:24:b5:8c:9f:a9:c9:e0:be:76:a2:38:
a0:ec:a5:a4:9a:1e:29:85:55:6c:6b:4d:69:66:50:
b2:e2:66:5c:0f:40:5f:34:06:af:48:ba:5b:e6:de:
e5:c1:99:f0:56:a8:30:a0:1c:c0:2b:db:2e:a6:f1:
4f:51:7f:f3:8e:96:0c:b5:30:06:f9:ce:28:db:04:
9c:4e:66:37:f4:89:dc:7e:89:66:d9:21:1e:b0:17:
62:09:d2:85:1d:e1:c0:d8:60:02:f1:8c:f8:01:ed:
9b:4f:81:13:8c:7a:2c:87:6d:4f:16:35:c5:7b:86:
fb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:44:54:6E:DF:06:0A:5C:8C:70:2B:FF:8B:43:D4:95:E7:BA:41:D3
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZURUbt8GClyMcCv_i0PUlee6QdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.50.0/23
IPv6:
2a13:f580:7::/48
Signature Algorithm: sha256WithRSAEncryption
27:c7:26:7f:0a:51:c2:03:99:1b:00:cb:3a:69:5f:97:b4:80:
fb:ce:54:b7:88:01:f4:c9:82:0b:fb:23:8a:5e:3b:79:1d:1f:
b0:0b:0b:3e:6f:26:a1:34:cf:12:f8:b5:c3:3f:c8:f7:5f:a4:
34:68:a3:c1:d3:86:53:a2:82:e6:61:ed:fa:b9:bb:72:6b:b7:
91:db:12:a1:78:a1:72:fa:c0:6f:b6:77:cf:47:5d:75:97:4d:
4c:2a:2b:29:e8:87:f7:5e:c5:1e:da:27:d0:98:52:87:c5:d9:
38:1a:d4:53:10:d1:56:f2:d3:80:6c:2d:89:82:a2:ce:99:21:
2b:f0:62:05:a2:b2:ae:d9:1d:00:37:05:d0:7a:d8:17:72:09:
e0:9b:f4:3b:95:fb:fe:92:8a:94:a7:0b:f2:ab:14:fe:7b:51:
56:bf:c4:c7:87:a9:a4:c2:db:2e:f9:b2:10:8d:6d:d6:c5:89:
cf:01:18:12:e8:db:9c:ba:dc:c3:26:6e:df:43:ff:cf:ec:92:
47:57:57:59:3f:69:f4:7f:7b:66:9d:8a:28:56:82:52:2a:7d:
86:94:a9:83:12:5f:e0:b1:27:56:b0:55:c2:cc:de:99:72:93:
9b:7a:29:09:39:34:cc:e6:9a:f0:e0:64:18:ce:67:61:57:cd:
3e:1e:76:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeTgVzyR0k7vcrzrha7J2s4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMwNDE4MDgzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ0NTQ2ZWRmMDYwYTVjOGM3MDJiZmY4YjQzZDQ5NWU3YmE0MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwQvrm4zCWOl4UQODxNXFcfjzbm2
VRq+p2y5iD70JbdfRODl3xGXzJJkClQDeJv4Ulfj3xbF3v0aA6TIbv436RRvYi+l
OksChSjz+OB3UdbE5ISXpCWinRSbAK5pSwMEDkwenJOMl4sAGbQ4idl0c41GvQae
yBSCZmGlNVNBBjTAY+/UD/EzJhRoJLWMn6nJ4L52ojig7KWkmh4phVVsa01pZlCy
4mZcD0BfNAavSLpb5t7lwZnwVqgwoBzAK9supvFPUX/zjpYMtTAG+c4o2wScTmY3
9Incfolm2SEesBdiCdKFHeHA2GAC8Yz4Ae2bT4ETjHosh21PFjXFe4b7MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGVEVG7fBgpcjHAr/4tD1JXnukHTMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvWlVSVWJ0OEdDbHlNY0N2X2kwUFVsZWU2UWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwcsyMA8E
AgACMAkDBwAqE/WAAAcwDQYJKoZIhvcNAQELBQADggEBACfHJn8KUcIDmRsAyzpp
X5e0gPvOVLeIAfTJggv7I4peO3kdH7ALCz5vJqE0zxL4tcM/yPdfpDRoo8HThlOi
guZh7fq5u3Jrt5HbEqF4oXL6wG+2d89HXXWXTUwqKynoh/dexR7aJ9CYUofF2Tga
1FMQ0Vby04BsLYmCos6ZISvwYgWisq7ZHQA3BdB62BdyCeCb9DuV+/6SipSnC/Kr
FP57UVa/xMeHqaTC2y75shCNbdbFic8BGBLo25y63MMmbt9D/8/skkdXV1k/afR/
e2adiihWglIqfYaUqYMSX+CxJ1awVcLM3plyk5t6KQk5NMzmmvDgZBjOZ2FXzT4e
djY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:37 2024 by rpki-client on console-ams.rpki-client.org