Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ZJHKKP0Qs09hbfU3Epyub2kKZig.roa
File: ZJHKKP0Qs09hbfU3Epyub2kKZig.roa (raw, json)
Hash identifier: SvhD8ljKx2UJgFcZBhgLsipqvgicqrzIUs2AXLCfc7s=
Subject key identifier: 64:91:CA:28:FD:10:B3:4F:61:6D:F5:37:12:9C:AE:6F:69:0A:66:28
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018775E78B9DFF2A4CC10AAC8C7B7F48B86B
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ZJHKKP0Qs09hbfU3Epyub2kKZig.roa
Signing time: Wed 12 Apr 2023 14:38:41 +0000
ROA not before: Wed 12 Apr 2023 14:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1104
IP address blocks: 145.116.48.0/20 maxlen: 20
194.171.96.0/21 maxlen: 21
145.107.4.0/22 maxlen: 22
145.107.12.0/22 maxlen: 22
145.110.0.0/16 maxlen: 16
145.102.132.0/22 maxlen: 22
145.116.208.0/21 maxlen: 21
2001:610:120::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:e7:8b:9d:ff:2a:4c:c1:0a:ac:8c:7b:7f:48:b8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Apr 12 14:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6491ca28fd10b34f616df537129cae6f690a6628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a5:78:80:ec:ef:03:66:53:08:0e:16:14:0e:
dc:11:c1:99:68:9d:22:bc:25:75:6a:63:cd:e3:23:
d0:d6:a6:8e:cd:a2:1a:8a:57:9b:e7:9e:fb:e5:d8:
6a:86:1a:4d:dd:6c:26:90:5a:42:a9:97:32:50:a2:
95:6f:75:49:de:3b:21:5c:3a:cc:26:9b:a3:89:c8:
9c:f4:ca:26:71:e0:10:35:be:a8:f9:64:67:25:28:
2a:ab:96:ea:03:25:f2:d4:95:06:bc:36:81:8c:04:
1d:1b:a1:54:6b:38:72:cc:6d:13:51:39:1f:65:d2:
8f:55:51:2d:51:10:de:21:04:72:ee:5e:cf:b3:db:
35:50:59:9e:f8:08:5d:8f:bd:64:64:27:9e:f5:b2:
dc:00:d0:7b:18:b5:48:f7:0e:65:a0:96:51:ce:58:
54:6e:d7:81:72:f0:5a:40:2f:b5:2e:13:1f:2d:9c:
df:b0:c4:18:3b:74:57:92:bf:a6:34:67:17:c2:ad:
ee:40:05:38:20:7c:a0:3c:4e:9d:8c:88:ba:17:1c:
4c:e6:83:5b:b1:2a:3c:f7:d0:33:ad:e0:a7:6f:1a:
76:de:93:50:bd:ad:a7:ce:39:cb:72:5c:1d:24:68:
c9:29:c8:9c:2d:93:f4:15:f6:7f:e0:17:e4:0d:8b:
31:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:91:CA:28:FD:10:B3:4F:61:6D:F5:37:12:9C:AE:6F:69:0A:66:28
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ZJHKKP0Qs09hbfU3Epyub2kKZig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.102.132.0/22
145.107.4.0/22
145.107.12.0/22
145.110.0.0/16
145.116.48.0/20
145.116.208.0/21
194.171.96.0/21
IPv6:
2001:610:120::/48
Signature Algorithm: sha256WithRSAEncryption
3c:09:2f:e9:e0:07:c4:6a:bd:4e:c8:c4:e8:4f:b2:0c:84:df:
0d:9e:33:a7:65:1f:45:a3:79:e6:3b:3f:13:ef:4b:90:6a:75:
06:54:3f:f8:bb:c3:98:53:2f:48:55:94:02:7e:26:8c:95:ba:
84:fd:db:97:aa:23:2c:06:de:ec:5e:39:b9:2d:77:8b:f6:93:
35:d6:4b:eb:33:78:34:40:19:ae:ad:3c:2f:14:75:55:16:c1:
59:3e:b6:f1:82:66:6e:f9:c2:4d:42:66:b0:1d:f8:47:71:22:
3f:f0:28:67:ba:aa:a4:dc:ef:1c:8c:d0:35:86:99:f8:56:e2:
d1:55:74:1e:d0:7c:f9:b9:7a:93:05:33:88:e9:ae:fd:b8:32:
7c:6a:17:fa:68:17:8b:69:eb:f9:26:f5:ec:3d:59:18:c9:74:
8c:84:1e:a5:fb:32:7d:dc:a8:1a:29:be:f8:2c:67:d6:e0:7e:
0b:15:40:85:3e:4d:f1:59:f9:6c:96:f0:98:10:2e:14:56:d6:
fd:3f:f3:b7:5b:ed:09:a5:d5:39:47:36:89:2f:5a:dd:5d:46:
d1:54:dc:9e:dc:02:75:f9:ee:35:05:62:cc:34:c6:57:cb:45:
35:d3:20:bf:cb:30:fc:79:68:11:7b:15:88:2d:76:58:22:09:
7b:f4:78:00
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYd154ud/ypMwQqsjHt/SLhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwNDEyMTQzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDkxY2EyOGZkMTBiMzRmNjE2ZGY1MzcxMjljYWU2ZjY5MGE2NjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKV4gOzvA2ZTCA4WFA7cEcGZaJ0i
vCV1amPN4yPQ1qaOzaIaileb55775dhqhhpN3WwmkFpCqZcyUKKVb3VJ3jshXDrM
Jpujicic9MomceAQNb6o+WRnJSgqq5bqAyXy1JUGvDaBjAQdG6FUazhyzG0TUTkf
ZdKPVVEtURDeIQRy7l7Ps9s1UFme+Ahdj71kZCee9bLcANB7GLVI9w5loJZRzlhU
bteBcvBaQC+1LhMfLZzfsMQYO3RXkr+mNGcXwq3uQAU4IHygPE6djIi6FxxM5oNb
sSo899AzreCnbxp23pNQva2nzjnLclwdJGjJKcicLZP0FfZ/4BfkDYsx3QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGSRyij9ELNPYW31NxKcrm9pCmYoMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvWkpIS0tQMFFzMDloYmZVM0VweXViMmtLWmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAvBAIAATApAwQCkWaEAwQC
kWsEAwQCkWsMAwMAkW4DBASRdDADBAORdNADBAPCq2AwDwQCAAIwCQMHACABBhAB
IDANBgkqhkiG9w0BAQsFAAOCAQEAPAkv6eAHxGq9TsjE6E+yDITfDZ4zp2UfRaN5
5js/E+9LkGp1BlQ/+LvDmFMvSFWUAn4mjJW6hP3bl6ojLAbe7F45uS13i/aTNdZL
6zN4NEAZrq08LxR1VRbBWT628YJmbvnCTUJmsB34R3EiP/AoZ7qqpNzvHIzQNYaZ
+Fbi0VV0HtB8+bl6kwUziOmu/bgyfGoX+mgXi2nr+Sb17D1ZGMl0jIQepfsyfdyo
Gim++Cxn1uB+CxVAhT5N8Vn5bJbwmBAuFFbW/T/zt1vtCaXVOUc2iS9a3V1G0VTc
ntwCdfnuNQVizDTGV8tFNdMgv8sw/HloEXsViC12WCIJe/R4AA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org