Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/ZG_uR5636c93e32kYyW9o1PaMtQ.roa
File: ZG_uR5636c93e32kYyW9o1PaMtQ.roa (raw, json)
Hash identifier: OndQcTnyrFqhS66M2XU9JIoO3i4fKFmiTagIhuwvADM=
Subject key identifier: 64:6F:EE:47:9E:B7:E9:CF:77:7B:7D:A4:63:25:BD:A3:53:DA:32:D4
Certificate issuer: /CN=715b885c3b302fd50e6c22647a33dc47727fea95
Certificate serial: 01856D0AD53B4DA4AF14120E34A14BE1CFF0
Authority key identifier: 71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/ZG_uR5636c93e32kYyW9o1PaMtQ.roa
Signing time: Sun 01 Jan 2023 11:15:04 +0000
ROA not before: Sun 01 Jan 2023 11:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133480
IP address blocks: 5.62.23.0/24 maxlen: 24
5.62.22.0/24 maxlen: 24
5.62.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 14:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d5:3b:4d:a4:af:14:12:0e:34:a1:4b:e1:cf:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715b885c3b302fd50e6c22647a33dc47727fea95
Validity
Not Before: Jan 1 11:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646fee479eb7e9cf777b7da46325bda353da32d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:dd:c5:b5:e3:5f:78:e4:bb:9e:7e:9f:ee:
7b:bb:48:de:8e:74:25:ff:31:7a:cf:63:0e:d8:99:
54:b4:1c:ad:38:65:d3:d3:1a:bc:84:1a:4c:d4:98:
7c:a0:54:5f:34:f7:76:61:e4:ec:74:7c:e6:71:23:
5f:01:26:01:e9:93:60:4d:a3:d3:55:99:2c:cd:97:
13:53:cc:b8:26:6c:68:ae:46:12:d8:83:6f:93:66:
73:c9:79:0a:5c:29:09:ed:ae:c0:50:3f:d2:93:e0:
8d:3b:c8:38:f3:d7:82:47:f5:4f:ee:c6:e6:fb:8e:
af:af:93:09:ff:29:27:bc:c5:37:58:10:b6:de:dc:
e2:30:06:e8:12:81:c8:d0:8b:3b:d6:97:29:f8:5b:
ce:92:fc:56:43:8f:a9:72:9e:ac:5b:1b:cb:22:d8:
b9:eb:b2:0f:a9:45:1a:c0:82:72:5b:98:fd:0c:bf:
bf:86:ce:c4:bb:2e:18:3f:c1:e4:9e:ae:41:23:a3:
41:24:56:7a:a9:1e:20:ba:a2:8a:4f:94:73:ea:ca:
32:91:a0:d0:74:01:ae:b4:4e:4b:32:ba:8e:22:d7:
f6:c2:ce:08:d1:75:6f:0e:5a:98:29:bf:f5:7e:d0:
b9:cf:8c:1d:84:07:4c:d4:e7:05:1e:04:23:32:9f:
c3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6F:EE:47:9E:B7:E9:CF:77:7B:7D:A4:63:25:BD:A3:53:DA:32:D4
X509v3 Authority Key Identifier:
keyid:71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/ZG_uR5636c93e32kYyW9o1PaMtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/cVuIXDswL9UObCJkejPcR3J_6pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.21.0-5.62.23.255
Signature Algorithm: sha256WithRSAEncryption
3f:a9:a4:bb:43:d0:78:15:26:a0:b3:a5:c1:9d:61:f0:9b:30:
90:a6:61:05:0a:d8:58:be:f6:68:62:4c:e9:34:ce:09:13:db:
26:9f:39:5e:d3:bc:b1:f8:d5:58:92:40:b0:e2:2f:7a:54:b3:
20:2a:1a:50:ef:5a:c0:3a:07:cc:43:03:24:32:79:78:cb:27:
df:c3:39:50:dd:fd:90:be:1d:cd:03:fd:ff:d6:ed:45:aa:a7:
c9:27:93:b3:ac:8a:ac:0f:19:e1:ae:78:db:7e:3b:8f:18:3e:
47:de:2b:f7:48:2b:68:b2:35:5b:d2:dc:58:55:24:38:87:89:
46:9a:a0:ad:80:07:d9:e9:ef:bf:84:67:68:7e:4d:45:31:04:
85:f6:4e:19:4c:54:05:74:3e:7b:dc:95:f2:22:ab:e9:ab:dd:
04:f0:aa:3d:5b:46:d0:af:e8:85:5d:2e:3f:ed:41:f5:8d:b0:
63:05:93:da:37:84:a8:9c:aa:b5:ec:f2:ad:90:af:96:b0:f0:
76:2d:85:d5:c6:86:f7:d7:a5:0d:af:d0:7d:d8:6f:b9:0a:6a:
a0:25:e8:fc:07:45:ac:ca:c8:b2:ee:e2:64:74:85:58:08:f8:
f6:c7:30:bc:e1:4c:dd:4b:c7:70:ef:2a:90:60:71:1e:aa:e4:
98:9f:cb:c9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtCtU7TaSvFBIONKFL4c/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWI4ODVjM2IzMDJmZDUwZTZjMjI2NDdhMzNkYzQ3NzI3
ZmVhOTUwHhcNMjMwMTAxMTExNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZmZWU0NzllYjdlOWNmNzc3YjdkYTQ2MzI1YmRhMzUzZGEzMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJrdxbXjX3jku55+n+57u0jejnQl
/zF6z2MO2JlUtBytOGXT0xq8hBpM1Jh8oFRfNPd2YeTsdHzmcSNfASYB6ZNgTaPT
VZkszZcTU8y4JmxorkYS2INvk2ZzyXkKXCkJ7a7AUD/Sk+CNO8g489eCR/VP7sbm
+46vr5MJ/yknvMU3WBC23tziMAboEoHI0Is71pcp+FvOkvxWQ4+pcp6sWxvLIti5
67IPqUUawIJyW5j9DL+/hs7Euy4YP8Hknq5BI6NBJFZ6qR4guqKKT5Rz6soykaDQ
dAGutE5LMrqOItf2ws4I0XVvDlqYKb/1ftC5z4wdhAdM1OcFHgQjMp/DGwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGRv7keet+nPd3t9pGMlvaNT2jLUMB8GA1UdIwQY
MBaAFHFbiFw7MC/VDmwiZHoz3Edyf+qVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYt
MmE5MjMzM2Y5ZGY2LzEvWkdfdVI1NjM2YzkzZTMya1l5VzlvMVBhTXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYtMmE5MjMzM2Y5ZGY2
LzEvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFPhUD
BAMFPhAwDQYJKoZIhvcNAQELBQADggEBAD+ppLtD0HgVJqCzpcGdYfCbMJCmYQUK
2Fi+9mhiTOk0zgkT2yafOV7TvLH41ViSQLDiL3pUsyAqGlDvWsA6B8xDAyQyeXjL
J9/DOVDd/ZC+Hc0D/f/W7UWqp8knk7OsiqwPGeGueNt+O48YPkfeK/dIK2iyNVvS
3FhVJDiHiUaaoK2AB9np77+EZ2h+TUUxBIX2ThlMVAV0PnvclfIiq+mr3QTwqj1b
RtCv6IVdLj/tQfWNsGMFk9o3hKicqrXs8q2Qr5aw8HYthdXGhvfXpQ2v0H3Yb7kK
aqAl6PwHRazKyLLu4mR0hVgI+PbHMLzhTN1Lx3DvKpBgcR6q5Jify8k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org