Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/zkvkoENsL5piwHXOvbWUAt1QPtE.roa
File: zkvkoENsL5piwHXOvbWUAt1QPtE.roa (raw, json)
Hash identifier: GE1txPpgqutIOjnQFxEmFOpUTUP8dlfFQ1rNT9ElMAY=
Subject key identifier: CE:4B:E4:A0:43:6C:2F:9A:62:C0:75:CE:BD:B5:94:02:DD:50:3E:D1
Certificate issuer: /CN=8348da7cbe8ca41865bda1a082e00cb5c25887af
Certificate serial: 018CC4923F7D109B903529E3B75C868C1B27
Authority key identifier: 83:48:DA:7C:BE:8C:A4:18:65:BD:A1:A0:82:E0:0C:B5:C2:58:87:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g0jafL6MpBhlvaGgguAMtcJYh68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/zkvkoENsL5piwHXOvbWUAt1QPtE.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208419
IP address blocks: 45.138.20.0/22 maxlen: 22
2a0e:ab40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3f:7d:10:9b:90:35:29:e3:b7:5c:86:8c:1b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8348da7cbe8ca41865bda1a082e00cb5c25887af
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce4be4a0436c2f9a62c075cebdb59402dd503ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9f:0e:51:2e:a8:c4:15:ee:8c:83:8e:87:cb:
a4:64:b9:52:21:37:05:b8:6f:32:7e:89:3c:1f:07:
73:f7:2f:41:cb:01:54:ae:3b:80:8b:c6:c3:ea:0d:
ed:37:73:36:7c:3c:3d:49:2e:90:57:30:88:e1:4b:
9b:2e:3c:18:1e:d5:59:5b:95:af:81:47:8c:bf:09:
9c:17:8f:df:09:60:20:24:49:e9:18:65:4d:24:ec:
80:01:7a:06:b4:6a:e6:d0:c3:7d:6d:33:fd:41:d7:
55:d5:2c:d7:c5:9b:66:d4:5d:59:f5:ca:a4:ed:df:
9a:9d:d0:93:6d:ac:1f:99:0d:3e:5c:93:fe:35:3b:
10:c4:f7:a9:a6:d4:5d:2a:2e:76:c2:df:22:ac:29:
82:20:dc:51:2b:65:c2:01:77:05:70:0f:13:de:74:
c5:e0:cd:fc:4d:a7:1f:bc:5c:4f:42:ec:90:da:59:
17:85:d4:16:82:56:7f:b8:af:1c:b1:7d:d1:b2:39:
7d:7a:a2:b0:bb:76:ba:b8:78:4e:ef:2a:e3:b5:03:
0f:20:7a:c9:ff:a9:09:c6:8c:25:90:f6:2e:9d:d8:
12:96:27:40:c8:3e:e4:a7:61:60:cd:f0:d7:30:63:
fa:e7:db:d3:4f:b8:ee:d2:5a:a4:a3:b9:5a:e4:03:
f3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4B:E4:A0:43:6C:2F:9A:62:C0:75:CE:BD:B5:94:02:DD:50:3E:D1
X509v3 Authority Key Identifier:
keyid:83:48:DA:7C:BE:8C:A4:18:65:BD:A1:A0:82:E0:0C:B5:C2:58:87:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g0jafL6MpBhlvaGgguAMtcJYh68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/zkvkoENsL5piwHXOvbWUAt1QPtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/g0jafL6MpBhlvaGgguAMtcJYh68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.20.0/22
IPv6:
2a0e:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:11:67:8f:a3:6a:aa:eb:16:f2:7a:a0:09:e1:81:7b:a9:dc:
9f:1d:7b:54:a3:36:87:fd:ff:fd:e7:bb:1f:51:80:96:87:3d:
0d:45:8a:f0:56:2c:9c:0b:9b:72:14:61:c4:6a:c6:69:a6:9b:
1f:02:aa:5a:b1:3a:bc:7c:f2:90:0c:8a:7e:54:6f:23:1c:9c:
ea:00:67:ce:2a:ac:c8:d7:e6:70:c0:86:de:0e:2c:da:bb:a7:
49:5b:6f:12:54:af:2c:af:d4:91:68:3d:fe:e3:da:4a:19:ef:
54:c2:c7:02:5f:2d:94:cb:bd:fb:9c:2f:ab:1f:a0:e2:71:80:
01:33:71:03:c9:71:1a:1a:0a:80:43:c4:f4:1f:0c:08:80:23:
27:3e:94:33:0c:3b:f6:51:8a:7b:28:7c:7c:2e:68:87:a1:79:
26:1d:4d:a9:14:b6:f3:63:95:9b:a5:59:72:2b:28:52:34:9e:
02:f5:62:0f:ee:69:09:37:89:fc:ba:f9:b8:89:58:a8:84:a8:
4c:91:b4:20:9d:f1:35:43:d3:9d:82:32:c0:e0:50:50:6b:c6:
5b:f0:c0:dd:83:34:58:99:e9:a3:be:6d:26:03:83:b6:97:92:
92:47:f2:5d:fa:0f:0b:29:37:ee:08:cd:e0:3f:e0:c7:2f:4f:
11:e8:22:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkj99EJuQNSnjt1yGjBsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNDhkYTdjYmU4Y2E0MTg2NWJkYTFhMDgyZTAwY2I1YzI1
ODg3YWYwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRiZTRhMDQzNmMyZjlhNjJjMDc1Y2ViZGI1OTQwMmRkNTAzZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk58OUS6oxBXujIOOh8ukZLlSITcF
uG8yfok8Hwdz9y9BywFUrjuAi8bD6g3tN3M2fDw9SS6QVzCI4UubLjwYHtVZW5Wv
gUeMvwmcF4/fCWAgJEnpGGVNJOyAAXoGtGrm0MN9bTP9QddV1SzXxZtm1F1Z9cqk
7d+andCTbawfmQ0+XJP+NTsQxPepptRdKi52wt8irCmCINxRK2XCAXcFcA8T3nTF
4M38TacfvFxPQuyQ2lkXhdQWglZ/uK8csX3Rsjl9eqKwu3a6uHhO7yrjtQMPIHrJ
/6kJxowlkPYundgSlidAyD7kp2FgzfDXMGP659vTT7ju0lqko7la5APzWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM5L5KBDbC+aYsB1zr21lALdUD7RMB8GA1UdIwQY
MBaAFINI2ny+jKQYZb2hoILgDLXCWIevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzBqYWZMNk1wQmhsdmFHZ2d1QU10Y0pZaDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85M2RhM2EtODdkNS00NDMzLTlmMzgt
YTI5NjA5MmJlMTUzLzEvemt2a29FTnNMNXBpd0hYT3ZiV1VBdDFRUHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85M2RhM2EtODdkNS00NDMzLTlmMzgtYTI5NjA5MmJlMTUz
LzEvZzBqYWZMNk1wQmhsdmFHZ2d1QU10Y0pZaDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYoUMA0E
AgACMAcDBQMqDqtAMA0GCSqGSIb3DQEBCwUAA4IBAQANEWePo2qq6xbyeqAJ4YF7
qdyfHXtUozaH/f/957sfUYCWhz0NRYrwViycC5tyFGHEasZpppsfAqpasTq8fPKQ
DIp+VG8jHJzqAGfOKqzI1+ZwwIbeDizau6dJW28SVK8sr9SRaD3+49pKGe9UwscC
Xy2Uy737nC+rH6DicYABM3EDyXEaGgqAQ8T0HwwIgCMnPpQzDDv2UYp7KHx8LmiH
oXkmHU2pFLbzY5WbpVlyKyhSNJ4C9WIP7mkJN4n8uvm4iViohKhMkbQgnfE1Q9Od
gjLA4FBQa8Zb8MDdgzRYmemjvm0mA4O2l5KSR/Jd+g8LKTfuCM3gP+DHL08R6CLu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:07 2025 by rpki-client