Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ZkRt2ItB0blCU62zF5Mv70rbeHA.roa
File: ZkRt2ItB0blCU62zF5Mv70rbeHA.roa (raw, json)
Hash identifier: LHbmyHvIZwopmpN3EVSENPKjzcEyRY1BR0yg4UR+Cak=
Subject key identifier: 66:44:6D:D8:8B:41:D1:B9:42:53:AD:B3:17:93:2F:EF:4A:DB:78:70
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01856BC1160766E00AAFD671EDBE7CB16C1F
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ZkRt2ItB0blCU62zF5Mv70rbeHA.roa
Signing time: Sun 01 Jan 2023 05:14:54 +0000
ROA not before: Sun 01 Jan 2023 05:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 37.19.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:16:07:66:e0:0a:af:d6:71:ed:be:7c:b1:6c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 05:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66446dd88b41d1b94253adb317932fef4adb7870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:83:88:09:47:e2:a9:89:fe:a8:78:b1:2a:64:
75:7f:4d:31:45:6c:d0:fe:01:e3:b4:8e:61:70:f2:
ae:ae:0d:89:6b:f7:81:67:b6:74:e2:c5:85:35:36:
5d:83:d5:28:c3:cb:70:d5:a7:22:41:67:83:1b:fc:
3e:21:b2:72:23:50:e1:25:69:dd:26:a0:80:a0:62:
cb:f0:25:4e:40:f9:93:ce:f7:34:df:b0:fd:df:25:
bd:a6:04:48:9d:07:b0:88:be:e9:a8:4d:d8:8d:86:
37:ce:21:f4:23:5b:e0:ce:00:c7:68:5e:f6:96:39:
26:73:8d:d7:e6:7e:3e:9d:e8:03:cc:93:8e:63:d9:
7b:ee:1d:fc:3f:ec:6c:f1:95:ae:12:f0:af:06:9c:
e9:da:81:8c:d6:56:22:f5:b8:3e:b4:fd:68:cb:bb:
ae:2e:2f:37:aa:b2:3e:2a:87:15:10:3f:4f:0b:70:
f5:4c:f5:18:38:27:5e:f9:72:c6:d0:91:95:44:c5:
ef:cb:27:35:95:dc:ff:4b:0f:97:61:4b:fe:0c:69:
e0:89:36:09:52:d0:db:dc:45:e4:89:d9:6c:b9:d1:
47:eb:cf:b4:bd:48:ff:e2:9f:b9:d1:d7:be:5f:69:
f3:9c:db:6a:de:41:ad:32:3a:5d:02:10:2d:ae:dd:
78:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:44:6D:D8:8B:41:D1:B9:42:53:AD:B3:17:93:2F:EF:4A:DB:78:70
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ZkRt2ItB0blCU62zF5Mv70rbeHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.64.0/22
Signature Algorithm: sha256WithRSAEncryption
37:5b:59:b3:35:30:85:69:88:b9:55:72:61:65:0a:c3:9d:2d:
e6:05:18:f8:6f:7e:0f:0b:ee:90:b0:7b:24:25:92:d5:1d:24:
e7:43:68:59:5a:9a:eb:5c:e8:2e:36:43:b4:a2:80:9c:47:11:
5b:cd:f9:64:7e:2b:41:4c:65:3b:b1:79:6f:a9:78:9b:23:64:
f5:ef:8e:b9:9c:45:e8:1a:68:b3:b6:35:f0:5e:6b:e2:b5:3d:
28:b0:db:d4:85:b7:72:21:48:e3:b4:41:d0:e9:eb:49:ae:51:
09:33:1a:7a:83:d9:30:ac:4e:a1:6b:2f:64:35:58:02:2e:f4:
94:69:73:3d:ff:ef:80:69:62:73:d8:9c:5f:3a:1a:f1:b9:a5:
11:29:d5:3f:d7:6c:d8:17:89:7b:65:f1:86:71:be:58:b9:2d:
e4:c7:13:28:04:ef:1f:ee:18:da:96:fa:f2:56:55:bd:51:9b:
e8:0f:1d:a6:7d:ed:16:91:67:7b:65:5a:f8:11:4e:c2:92:e4:
49:11:c7:14:bf:bb:fc:4c:a5:ac:0b:75:06:0b:2c:32:56:6d:
b8:2f:4d:5d:0d:1a:96:06:32:36:d8:49:3c:c3:d4:c4:04:07:
be:1d:8e:99:77:25:27:2f:16:dc:40:8e:20:c9:f9:2a:43:3a:
f5:50:de:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwRYHZuAKr9Zx7b58sWwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTAxMDUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjQ0NmRkODhiNDFkMWI5NDI1M2FkYjMxNzkzMmZlZjRhZGI3ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoOICUfiqYn+qHixKmR1f00xRWzQ
/gHjtI5hcPKurg2Ja/eBZ7Z04sWFNTZdg9Uow8tw1aciQWeDG/w+IbJyI1DhJWnd
JqCAoGLL8CVOQPmTzvc037D93yW9pgRInQewiL7pqE3YjYY3ziH0I1vgzgDHaF72
ljkmc43X5n4+negDzJOOY9l77h38P+xs8ZWuEvCvBpzp2oGM1lYi9bg+tP1oy7uu
Li83qrI+KocVED9PC3D1TPUYOCde+XLG0JGVRMXvyyc1ldz/Sw+XYUv+DGngiTYJ
UtDb3EXkidlsudFH68+0vUj/4p+50de+X2nznNtq3kGtMjpdAhAtrt14WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZEbdiLQdG5QlOtsxeTL+9K23hwMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvWmtSdDJJdEIwYmxDVTYyekY1TXY3MHJiZUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRNAMA0G
CSqGSIb3DQEBCwUAA4IBAQA3W1mzNTCFaYi5VXJhZQrDnS3mBRj4b34PC+6QsHsk
JZLVHSTnQ2hZWprrXOguNkO0ooCcRxFbzflkfitBTGU7sXlvqXibI2T17465nEXo
GmiztjXwXmvitT0osNvUhbdyIUjjtEHQ6etJrlEJMxp6g9kwrE6hay9kNVgCLvSU
aXM9/++AaWJz2JxfOhrxuaURKdU/12zYF4l7ZfGGcb5YuS3kxxMoBO8f7hjalvry
VlW9UZvoDx2mfe0WkWd7ZVr4EU7CkuRJEccUv7v8TKWsC3UGCywyVm24L01dDRqW
BjI22Ek8w9TEBAe+HY6ZdyUnLxbcQI4gyfkqQzr1UN49
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org