Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/ZkusOC4TE2EkiuOp61sqgyrJJGs.roa
File: ZkusOC4TE2EkiuOp61sqgyrJJGs.roa (raw, json)
Hash identifier: J+54IneIHA6cVO8jX/LcNEf4pW1MoFEdrHDD8CKP9Ks=
Subject key identifier: 66:4B:AC:38:2E:13:13:61:24:8A:E3:A9:EB:5B:2A:83:2A:C9:24:6B
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01890299269029E0A24594A31A00772B053F
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/ZkusOC4TE2EkiuOp61sqgyrJJGs.roa
Signing time: Wed 28 Jun 2023 15:22:18 +0000
ROA not before: Wed 28 Jun 2023 15:22:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204544
IP address blocks: 87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
62.220.126.0/23 maxlen: 24
81.12.24.0/23 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:99:26:90:29:e0:a2:45:94:a3:1a:00:77:2b:05:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jun 28 15:22:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=664bac382e131361248ae3a9eb5b2a832ac9246b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:04:b7:00:c8:6a:73:39:81:73:82:00:8b:62:
e5:64:86:63:94:c8:20:2f:5d:5c:a0:bf:4b:62:33:
19:4f:f1:26:9a:8d:0a:68:c5:84:f1:ed:84:bd:59:
f8:40:5b:24:67:0c:21:9b:22:a8:9d:a9:2c:69:84:
d7:0b:f3:f1:d9:65:cf:dc:62:e3:c3:19:6a:b3:f6:
1a:85:3a:73:c9:51:4b:58:c1:15:84:d6:25:dd:c7:
ad:f7:64:fb:27:a7:47:d4:36:28:54:ce:33:21:66:
af:fe:97:4b:0c:1c:91:6a:be:4b:a8:50:21:21:72:
3c:0a:26:c1:fd:06:04:14:e9:06:b9:d7:09:b6:68:
0a:da:51:b4:f9:62:f9:c2:85:fb:14:77:27:51:20:
92:79:4e:55:97:b3:1b:6a:bf:4f:4b:7d:c0:fe:ff:
22:c5:68:5c:56:14:40:c7:04:ec:24:d6:db:55:0c:
c6:75:34:ba:0e:0a:5f:bb:3d:bc:59:d9:f0:de:cf:
9d:7e:13:87:d3:da:07:46:9b:3c:18:ab:30:10:02:
63:20:31:3d:e0:32:a4:6a:fe:9d:32:30:8e:be:b9:
d8:c1:41:18:79:dc:1d:ec:21:62:67:b0:dc:99:33:
18:bc:6b:0f:b1:41:03:b4:96:5f:43:84:7f:f3:c5:
73:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4B:AC:38:2E:13:13:61:24:8A:E3:A9:EB:5B:2A:83:2A:C9:24:6B
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/ZkusOC4TE2EkiuOp61sqgyrJJGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/23
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
96:15:9b:11:cd:25:c0:32:52:23:c5:65:65:23:32:32:ec:4f:
8e:c6:20:97:79:dc:f5:d2:6b:54:be:8a:b5:62:7b:cd:ec:7e:
f0:92:e4:32:83:b9:a9:fc:55:56:cb:8d:f6:32:93:47:03:71:
b8:10:17:74:f8:6c:fb:fd:a4:20:cb:a6:88:34:d6:3d:62:35:
96:d5:9a:5c:71:54:7a:45:bf:b3:96:da:55:ea:c6:fc:a8:9f:
f6:f0:db:65:5e:ce:57:53:0b:f5:c8:0d:3b:6a:dc:fa:14:58:
d8:61:cc:57:4f:cb:52:61:42:aa:dd:c4:85:11:10:7a:f1:a6:
96:0b:de:e8:8d:fb:62:f9:38:5b:50:a2:57:5e:60:77:d0:75:
f6:ef:c2:52:9e:b4:b2:97:38:c1:69:2e:d0:0b:e5:52:60:4b:
a4:c4:9a:16:6f:56:65:c4:94:d6:a3:c8:d5:d6:d8:bb:86:ff:
2f:e0:43:0c:3d:84:09:15:0c:1a:6c:43:f1:57:81:cf:da:4e:
2a:70:df:2c:20:b1:03:6a:ed:97:cb:e2:a5:ea:1d:da:39:fa:
a7:0c:18:d6:ba:ac:8a:b5:1d:4c:47:af:1d:18:2b:c6:59:77:
04:3c:4a:72:30:80:1b:b5:37:cf:35:91:58:1e:52:01:29:b0:
19:70:9d:83
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkCmSaQKeCiRZSjGgB3KwU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwNjI4MTUyMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRiYWMzODJlMTMxMzYxMjQ4YWUzYTllYjViMmE4MzJhYzkyNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggS3AMhqczmBc4IAi2LlZIZjlMgg
L11coL9LYjMZT/Emmo0KaMWE8e2EvVn4QFskZwwhmyKonaksaYTXC/Px2WXP3GLj
wxlqs/YahTpzyVFLWMEVhNYl3cet92T7J6dH1DYoVM4zIWav/pdLDByRar5LqFAh
IXI8CibB/QYEFOkGudcJtmgK2lG0+WL5woX7FHcnUSCSeU5Vl7Mbar9PS33A/v8i
xWhcVhRAxwTsJNbbVQzGdTS6Dgpfuz28Wdnw3s+dfhOH09oHRps8GKswEAJjIDE9
4DKkav6dMjCOvrnYwUEYedwd7CFiZ7DcmTMYvGsPsUEDtJZfQ4R/88VzrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGZLrDguExNhJIrjqetbKoMqySRrMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvWmt1c09DNFRFMkVraXVPcDYxc3FneXJKSkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPtx+AwQB
UQwYAwQBUQweAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUA
A4IBAQCWFZsRzSXAMlIjxWVlIzIy7E+OxiCXedz10mtUvoq1YnvN7H7wkuQyg7mp
/FVWy432MpNHA3G4EBd0+Gz7/aQgy6aINNY9YjWW1ZpccVR6Rb+zltpV6sb8qJ/2
8NtlXs5XUwv1yA07atz6FFjYYcxXT8tSYUKq3cSFERB68aaWC97ojfti+ThbUKJX
XmB30HX278JSnrSylzjBaS7QC+VSYEukxJoWb1ZlxJTWo8jV1ti7hv8v4EMMPYQJ
FQwabEPxV4HP2k4qcN8sILEDau2Xy+Kl6h3aOfqnDBjWuqyKtR1MR68dGCvGWXcE
PEpyMIAbtTfPNZFYHlIBKbAZcJ2D
-----END CERTIFICATE-----
Generated at Mon Oct 16 10:56:46 2023 by rpki-client on console-fra.rpki-client.org