Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/Zs5-pc0N6TqmG7DBud3iy61MM74.roa
File: Zs5-pc0N6TqmG7DBud3iy61MM74.roa (raw, json)
Hash identifier: kKU+kFhiNtEDwvaJ8JH7L29xFlYNfriA6kL1gk9j58s=
Subject key identifier: 66:CE:7E:A5:CD:0D:E9:3A:A6:1B:B0:C1:B9:DD:E2:CB:AD:4C:33:BE
Certificate issuer: /CN=74a4f3c0b66a4c93e80ff5f6d89ad8673e943c5f
Certificate serial: 01856FF02BE523AA8E152CF094C4EE66A7EA
Authority key identifier: 74:A4:F3:C0:B6:6A:4C:93:E8:0F:F5:F6:D8:9A:D8:67:3E:94:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/Zs5-pc0N6TqmG7DBud3iy61MM74.roa
Signing time: Mon 02 Jan 2023 00:44:48 +0000
ROA not before: Mon 02 Jan 2023 00:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50213
IP address blocks: 91.213.203.0/24 maxlen: 24
2001:67c:398::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:2b:e5:23:aa:8e:15:2c:f0:94:c4:ee:66:a7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a4f3c0b66a4c93e80ff5f6d89ad8673e943c5f
Validity
Not Before: Jan 2 00:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66ce7ea5cd0de93aa61bb0c1b9dde2cbad4c33be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:69:b2:dc:b1:ac:e6:a0:b4:93:38:d3:70:0d:
e8:80:a2:3d:e2:65:f1:f7:4f:61:fd:e2:22:f0:78:
49:67:41:0d:9d:eb:18:91:1f:55:07:b6:20:d4:a6:
1f:b5:ba:a5:7e:a4:ea:c7:34:1f:b5:e3:b9:56:6d:
3c:36:a6:7c:b0:87:96:03:90:e8:05:91:fa:bf:56:
bc:ed:02:bc:58:c6:ea:a6:e9:f2:7a:2c:ca:66:83:
74:93:13:dc:13:55:73:8d:b0:c5:aa:fc:49:97:c6:
79:59:3f:71:51:7b:22:35:5f:22:4c:b2:51:d7:45:
c9:47:00:37:44:0c:5d:a6:73:08:5c:a9:a1:3d:5f:
d7:5d:fb:89:b0:c5:43:ab:fe:1e:f8:7a:be:32:fe:
9d:4d:6b:e0:b2:ba:b8:02:9d:fa:24:04:4b:c6:e7:
75:f2:49:fe:6d:99:c5:d0:82:0d:e1:4c:e3:8f:db:
dc:a9:96:0b:c8:1c:df:75:9a:5a:83:06:10:0b:2a:
47:29:7f:b1:6d:f6:26:8e:5d:e3:38:a3:29:b0:fe:
47:a3:a3:b0:71:e1:1b:04:a6:8f:71:43:30:4c:28:
29:4c:f8:e5:cc:d5:50:af:bf:76:01:81:80:e8:60:
1f:50:e1:30:85:ad:f8:82:4d:0f:bc:3e:78:9d:23:
88:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CE:7E:A5:CD:0D:E9:3A:A6:1B:B0:C1:B9:DD:E2:CB:AD:4C:33:BE
X509v3 Authority Key Identifier:
keyid:74:A4:F3:C0:B6:6A:4C:93:E8:0F:F5:F6:D8:9A:D8:67:3E:94:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/Zs5-pc0N6TqmG7DBud3iy61MM74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/dKTzwLZqTJPoD_X22JrYZz6UPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.203.0/24
IPv6:
2001:67c:398::/48
Signature Algorithm: sha256WithRSAEncryption
14:c3:e6:82:e4:aa:0d:60:91:1b:af:86:42:d1:ef:c1:22:80:
a1:31:fc:7c:11:82:ca:da:61:b1:8a:16:98:c3:f2:57:3b:46:
8b:9c:25:87:76:1e:9d:f2:15:35:a9:bf:2a:df:6c:aa:bf:28:
dd:87:d4:d4:ac:96:31:6d:12:f6:ab:0f:5c:14:19:d5:33:f3:
ed:a1:46:d7:87:15:d6:6a:73:82:d1:ad:c0:38:ad:5b:52:77:
81:14:a1:7b:e5:74:ef:b7:4e:5c:ff:80:04:b2:6d:05:c2:89:
d4:a7:78:aa:50:65:4b:c3:1c:b1:24:a2:d6:fa:6c:63:74:00:
b0:79:fe:9f:e6:55:f1:9a:4d:16:8d:25:0f:91:af:6f:b1:7b:
bb:fd:fe:7b:c3:1e:5a:66:9a:7f:2e:27:9c:0a:e2:f7:33:d7:
5b:41:37:9d:04:ad:b9:d8:22:11:f6:5e:7d:ec:3c:1f:3d:f6:
18:93:40:dc:02:95:c3:6c:3b:b7:6d:f0:47:f5:bc:55:f0:27:
3b:1b:0a:36:c5:aa:25:62:34:2c:97:3a:3b:fc:96:29:3e:da:
3e:42:47:c0:59:d3:a1:e1:e6:e9:37:6d:89:ef:f7:9e:74:f7:
01:ad:0d:a2:c0:e2:4f:04:00:25:af:27:cd:6e:54:8d:7c:56:
14:22:df:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv8CvlI6qOFSzwlMTuZqfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTRmM2MwYjY2YTRjOTNlODBmZjVmNmQ4OWFkODY3M2U5
NDNjNWYwHhcNMjMwMTAyMDA0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmNlN2VhNWNkMGRlOTNhYTYxYmIwYzFiOWRkZTJjYmFkNGMzM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmmy3LGs5qC0kzjTcA3ogKI94mXx
909h/eIi8HhJZ0ENnesYkR9VB7Yg1KYftbqlfqTqxzQfteO5Vm08NqZ8sIeWA5Do
BZH6v1a87QK8WMbqpunyeizKZoN0kxPcE1VzjbDFqvxJl8Z5WT9xUXsiNV8iTLJR
10XJRwA3RAxdpnMIXKmhPV/XXfuJsMVDq/4e+Hq+Mv6dTWvgsrq4Ap36JARLxud1
8kn+bZnF0IIN4Uzjj9vcqZYLyBzfdZpagwYQCypHKX+xbfYmjl3jOKMpsP5Ho6Ow
ceEbBKaPcUMwTCgpTPjlzNVQr792AYGA6GAfUOEwha34gk0PvD54nSOIfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGbOfqXNDek6phuwwbnd4sutTDO+MB8GA1UdIwQY
MBaAFHSk88C2akyT6A/19tia2Gc+lDxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtUendMWnFUSlBvRF9YMjJKcllaejZVUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82OTk3MDQtODAwNC00NjE0LWI0NGMt
MmNhNDkyZjZkN2E4LzEvWnM1LXBjME42VHFtRzdEQnVkM2l5NjFNTTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82OTk3MDQtODAwNC00NjE0LWI0NGMtMmNhNDkyZjZkN2E4
LzEvZEtUendMWnFUSlBvRF9YMjJKcllaejZVUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9XLMA8E
AgACMAkDBwAgAQZ8A5gwDQYJKoZIhvcNAQELBQADggEBABTD5oLkqg1gkRuvhkLR
78EigKEx/HwRgsraYbGKFpjD8lc7RoucJYd2Hp3yFTWpvyrfbKq/KN2H1NSsljFt
EvarD1wUGdUz8+2hRteHFdZqc4LRrcA4rVtSd4EUoXvldO+3Tlz/gASybQXCidSn
eKpQZUvDHLEkotb6bGN0ALB5/p/mVfGaTRaNJQ+Rr2+xe7v9/nvDHlpmmn8uJ5wK
4vcz11tBN50ErbnYIhH2Xn3sPB899hiTQNwClcNsO7dt8Ef1vFXwJzsbCjbFqiVi
NCyXOjv8lik+2j5CR8BZ06Hh5uk3bYnv95509wGtDaLA4k8EACWvJ81uVI18VhQi
3/k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:37 2024 by rpki-client on console-fra.rpki-client.org