Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/zzVGIzXnKWRIo5N0yXRDYKRJr2A.roa
File: zzVGIzXnKWRIo5N0yXRDYKRJr2A.roa (raw, json)
Hash identifier: pLgoD+ztCkk7w9p/Vzypx+BULfnwkboSLrE2eAdUJsc=
Subject key identifier: CF:35:46:23:35:E7:29:64:48:A3:93:74:C9:74:43:60:A4:49:AF:60
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 018CC6B7F763E6EBE95C77C45A8AD4A5218F
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/zzVGIzXnKWRIo5N0yXRDYKRJr2A.roa
Signing time: Mon 01 Jan 2024 20:29:54 +0000
ROA not before: Mon 01 Jan 2024 20:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216129
IP address blocks: 107.161.154.0/24 maxlen: 24
199.83.103.0/24 maxlen: 24
2a13:d200:7::/48 maxlen: 48
2a13:d200::/29 maxlen: 29
2a13:d200:8::/48 maxlen: 48
2a13:d200:6::/48 maxlen: 48
2a13:d200:9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:f7:63:e6:eb:e9:5c:77:c4:5a:8a:d4:a5:21:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Jan 1 20:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf35462335e7296448a39374c9744360a449af60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2d:55:11:0a:38:c7:a3:e6:4f:ba:cd:7e:9c:
17:f8:59:d7:98:66:93:09:c2:c6:a9:67:03:ff:24:
23:a3:8f:d5:14:6f:15:58:c3:77:29:d9:5e:15:cf:
61:49:2b:fa:59:46:ba:93:7b:f1:83:eb:c5:c7:8f:
88:2f:bd:e8:02:4f:3c:b3:d7:e6:dc:bf:a1:0f:7a:
9b:f7:ce:27:c7:1a:25:05:1b:6a:b1:d0:0a:c7:a1:
4a:e5:8a:be:9f:6f:d0:36:54:62:5e:80:df:1f:2b:
21:16:ef:b3:d1:54:f0:d8:16:8e:24:7a:72:b4:8b:
8e:7c:f8:6d:5c:8a:d0:ed:e2:0d:94:b4:d0:53:ec:
89:90:af:8e:e0:94:14:60:85:0f:3e:51:b1:3f:52:
d4:7b:d5:80:88:65:68:63:c0:52:c1:0f:29:f8:6e:
74:83:f6:49:5d:f2:f1:03:75:44:70:ff:31:1b:57:
67:e3:2d:6d:fa:16:96:40:08:58:25:4c:74:36:bb:
95:cc:83:38:fd:77:20:4c:37:8a:6a:f2:a7:ac:4c:
78:df:ee:e1:4b:e6:99:2d:a1:89:3e:f5:d6:d7:f5:
64:bc:1d:42:a1:97:25:4a:67:58:2d:14:b9:47:c4:
bd:e2:d7:2a:1a:d5:5f:dc:22:45:28:fd:0f:15:4f:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:35:46:23:35:E7:29:64:48:A3:93:74:C9:74:43:60:A4:49:AF:60
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/zzVGIzXnKWRIo5N0yXRDYKRJr2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.154.0/24
199.83.103.0/24
IPv6:
2a13:d200::/29
Signature Algorithm: sha256WithRSAEncryption
33:9b:b8:a5:9b:57:80:a8:70:55:fd:73:2b:c5:f3:11:b1:0f:
af:d8:7d:0c:5a:75:a9:87:18:14:da:fb:3e:aa:6e:95:ad:3b:
fd:6d:f4:d4:b4:00:ae:5b:3f:9f:39:cf:e7:25:5d:01:71:86:
c4:65:ce:52:ab:f6:eb:f2:8e:67:09:25:85:38:34:e2:5e:1e:
5c:11:a2:36:01:84:3e:be:2f:81:5e:4a:7a:5e:53:c0:fe:85:
bb:da:d2:bd:f4:3a:63:b8:0a:cc:f8:de:ce:5a:b9:4b:2d:e2:
dc:5a:a0:be:32:bf:52:0a:2f:95:e1:47:ea:95:ba:44:5d:66:
8d:22:f4:75:3c:a2:74:ca:48:80:b7:35:19:f8:2a:0d:75:b5:
0a:69:f4:69:ac:a6:c8:ff:8d:9a:14:ea:26:42:1a:2d:f7:9a:
47:38:09:ef:ed:e6:74:4e:57:ae:fe:fa:d0:81:20:b8:8b:a2:
4d:84:ca:37:85:72:52:e5:6e:1b:20:60:d1:59:47:dc:33:97:
6c:4b:90:8e:75:81:00:ab:94:62:ba:55:6d:2c:db:33:f5:47:
6a:20:f4:2f:ec:e9:37:5f:96:ff:8b:ec:91:b4:ef:32:f1:f0:
57:43:8c:09:bd:aa:a0:dc:43:74:55:e0:00:64:44:4b:0c:78:
63:d7:af:bb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt/dj5uvpXHfEWorUpSGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjQwMTAxMjAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM1NDYyMzM1ZTcyOTY0NDhhMzkzNzRjOTc0NDM2MGE0NDlhZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS1VEQo4x6PmT7rNfpwX+FnXmGaT
CcLGqWcD/yQjo4/VFG8VWMN3KdleFc9hSSv6WUa6k3vxg+vFx4+IL73oAk88s9fm
3L+hD3qb984nxxolBRtqsdAKx6FK5Yq+n2/QNlRiXoDfHyshFu+z0VTw2BaOJHpy
tIuOfPhtXIrQ7eINlLTQU+yJkK+O4JQUYIUPPlGxP1LUe9WAiGVoY8BSwQ8p+G50
g/ZJXfLxA3VEcP8xG1dn4y1t+haWQAhYJUx0NruVzIM4/XcgTDeKavKnrEx43+7h
S+aZLaGJPvXW1/VkvB1CoZclSmdYLRS5R8S94tcqGtVf3CJFKP0PFU9pdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM81RiM15ylkSKOTdMl0Q2CkSa9gMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvenpWR0l6WG5LV1JJbzVOMHlYUkRZS1JKcjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAa6GaAwQA
x1NnMA0EAgACMAcDBQMqE9IAMA0GCSqGSIb3DQEBCwUAA4IBAQAzm7ilm1eAqHBV
/XMrxfMRsQ+v2H0MWnWphxgU2vs+qm6VrTv9bfTUtACuWz+fOc/nJV0BcYbEZc5S
q/br8o5nCSWFODTiXh5cEaI2AYQ+vi+BXkp6XlPA/oW72tK99DpjuArM+N7OWrlL
LeLcWqC+Mr9SCi+V4UfqlbpEXWaNIvR1PKJ0ykiAtzUZ+CoNdbUKafRprKbI/42a
FOomQhot95pHOAnv7eZ0Tleu/vrQgSC4i6JNhMo3hXJS5W4bIGDRWUfcM5dsS5CO
dYEAq5RiulVtLNsz9UdqIPQv7Ok3X5b/i+yRtO8y8fBXQ4wJvaqg3EN0VeAAZERL
DHhj16+7
-----END CERTIFICATE-----
Generated at Tue Jan 2 23:53:06 2024 by rpki-client on console-ams.rpki-client.org