Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/zkk-JTXqnZWuCYjDpr6RDVE1pYw.roa
File: zkk-JTXqnZWuCYjDpr6RDVE1pYw.roa (raw, json)
Hash identifier: XzzuxlOWjjJWkoNPHqg7HOmcS+drqcsE/XqwAHsjG5g=
Subject key identifier: CE:49:3E:25:35:EA:9D:95:AE:09:88:C3:A6:BE:91:0D:51:35:A5:8C
Certificate issuer: /CN=d8c18b5ad3a25f118a83bb2ffbbe795d6643663c
Certificate serial: 018CC727640697DE2BB82AB0318C180767AB
Authority key identifier: D8:C1:8B:5A:D3:A2:5F:11:8A:83:BB:2F:FB:BE:79:5D:66:43:66:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MGLWtOiXxGKg7sv-755XWZDZjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/zkk-JTXqnZWuCYjDpr6RDVE1pYw.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 91.132.132.0/24 maxlen: 24
91.132.134.0/24 maxlen: 24
91.132.133.0/24 maxlen: 24
91.132.135.0/24 maxlen: 24
185.237.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 23:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:64:06:97:de:2b:b8:2a:b0:31:8c:18:07:67:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c18b5ad3a25f118a83bb2ffbbe795d6643663c
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce493e2535ea9d95ae0988c3a6be910d5135a58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:73:95:2e:de:16:da:5f:50:e4:98:b9:0e:4b:
39:01:fa:bb:27:61:3a:3f:20:5f:49:6d:18:35:73:
00:9e:f5:60:3e:ef:23:9e:55:00:a1:7d:15:59:ed:
17:bc:3a:96:2f:f3:ce:c4:97:de:9c:2b:82:5c:fd:
4c:6e:4d:af:b3:66:c9:2a:f1:64:7e:ee:71:b4:69:
d7:fb:ff:45:1d:94:05:c7:25:53:3f:f9:7b:d7:d6:
75:d4:80:9e:cc:78:fd:dd:1c:05:d1:5c:0b:37:a6:
85:ef:95:37:4e:ad:b0:9c:7d:00:23:9d:4f:90:81:
0f:2a:3b:75:d0:ed:8b:1b:af:85:cc:ef:db:26:da:
79:ef:70:7a:02:44:62:4e:b7:8c:57:ac:34:bc:4e:
81:ef:19:17:cb:ec:00:b9:da:a7:94:a0:18:41:bf:
16:6f:71:fb:31:6b:82:5d:5b:cc:6c:c0:66:6f:04:
87:3d:a3:a9:ad:20:3a:91:f7:91:0a:9d:82:0f:db:
5e:01:f6:7c:3d:a0:db:84:1d:24:b1:80:ae:09:99:
d7:59:3f:a8:bd:af:c4:bf:ac:f2:4f:80:40:68:9b:
ea:b5:02:7f:5d:cd:3a:ea:78:f7:7a:56:e0:ab:9a:
84:6f:00:45:a6:b9:39:59:ed:7f:fc:e3:3d:a7:ce:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:49:3E:25:35:EA:9D:95:AE:09:88:C3:A6:BE:91:0D:51:35:A5:8C
X509v3 Authority Key Identifier:
keyid:D8:C1:8B:5A:D3:A2:5F:11:8A:83:BB:2F:FB:BE:79:5D:66:43:66:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MGLWtOiXxGKg7sv-755XWZDZjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/zkk-JTXqnZWuCYjDpr6RDVE1pYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/64b8dd-9bcb-475e-bf8f-d87fb767d8bd/1/2MGLWtOiXxGKg7sv-755XWZDZjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.132.0/22
185.237.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:0a:0a:7b:7d:6e:d7:a4:71:c9:b4:83:51:fc:08:30:82:3f:
80:cf:57:ee:86:23:d9:d1:82:8b:c7:7b:6b:5c:f4:c6:57:1d:
b6:f4:51:cc:27:1c:a1:78:74:2b:86:43:5a:b8:99:50:82:28:
51:ef:e2:f8:bc:e6:51:be:12:ea:c9:d5:ae:0b:d0:51:ae:a3:
8c:78:0f:95:93:21:fa:7e:7e:2a:18:a6:88:2c:8c:b8:6c:23:
c5:32:5d:fa:dc:46:08:0d:23:94:28:44:2a:72:68:e4:4a:3b:
96:d5:14:f2:bd:72:9b:77:a5:e3:aa:4d:8d:81:54:bc:34:f9:
d6:3a:2d:6b:5f:20:af:7b:c3:47:23:ee:c3:8e:60:54:02:a0:
1c:65:ef:79:4e:35:32:7a:5b:42:71:df:f1:89:87:6e:38:51:
cd:9f:b2:f0:2e:65:a9:3d:48:1e:4e:29:28:4c:ff:6c:ad:96:
31:c3:91:d4:f1:9f:05:f3:1b:36:4d:b8:5e:c1:f6:8f:46:46:
87:08:6e:d6:9d:9c:96:7e:a3:29:58:62:66:8e:0f:ee:dd:28:
7c:cf:be:8d:a2:7d:aa:7e:de:3a:a1:e4:85:d3:41:ff:2a:43:
d0:39:67:47:e3:27:19:71:18:6f:79:35:07:26:3f:e7:2e:de:
ce:ff:41:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ2QGl94ruCqwMYwYB2erMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzE4YjVhZDNhMjVmMTE4YTgzYmIyZmZiYmU3OTVkNjY0
MzY2M2MwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQ5M2UyNTM1ZWE5ZDk1YWUwOTg4YzNhNmJlOTEwZDUxMzVhNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynOVLt4W2l9Q5Ji5Dks5Afq7J2E6
PyBfSW0YNXMAnvVgPu8jnlUAoX0VWe0XvDqWL/POxJfenCuCXP1Mbk2vs2bJKvFk
fu5xtGnX+/9FHZQFxyVTP/l719Z11ICezHj93RwF0VwLN6aF75U3Tq2wnH0AI51P
kIEPKjt10O2LG6+FzO/bJtp573B6AkRiTreMV6w0vE6B7xkXy+wAudqnlKAYQb8W
b3H7MWuCXVvMbMBmbwSHPaOprSA6kfeRCp2CD9teAfZ8PaDbhB0ksYCuCZnXWT+o
va/Ev6zyT4BAaJvqtQJ/Xc066nj3elbgq5qEbwBFprk5We1//OM9p87CMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5JPiU16p2VrgmIw6a+kQ1RNaWMMB8GA1UdIwQY
MBaAFNjBi1rTol8RioO7L/u+eV1mQ2Y8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1HTFd0T2lYeEdLZzdzdi03NTVYV1pEWmp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82NGI4ZGQtOWJjYi00NzVlLWJmOGYt
ZDg3ZmI3NjdkOGJkLzEvemtrLUpUWHFuWld1Q1lqRHByNlJEVkUxcFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82NGI4ZGQtOWJjYi00NzVlLWJmOGYtZDg3ZmI3NjdkOGJk
LzEvMk1HTFd0T2lYeEdLZzdzdi03NTVYV1pEWmp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4SEAwQC
ue3cMA0GCSqGSIb3DQEBCwUAA4IBAQAcCgp7fW7XpHHJtINR/Agwgj+Az1fuhiPZ
0YKLx3trXPTGVx229FHMJxyheHQrhkNauJlQgihR7+L4vOZRvhLqydWuC9BRrqOM
eA+VkyH6fn4qGKaILIy4bCPFMl363EYIDSOUKEQqcmjkSjuW1RTyvXKbd6Xjqk2N
gVS8NPnWOi1rXyCve8NHI+7DjmBUAqAcZe95TjUyeltCcd/xiYduOFHNn7LwLmWp
PUgeTikoTP9srZYxw5HU8Z8F8xs2TbhewfaPRkaHCG7WnZyWfqMpWGJmjg/u3Sh8
z76Non2qft46oeSF00H/KkPQOWdH4ycZcRhveTUHJj/nLt7O/0GD
-----END CERTIFICATE-----
Generated at Sun Apr 7 00:23:15 2024 by rpki-client on console-ams.rpki-client.org