Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/ZXOKJujcaV5M00ihgVDdixwtX8Y.roa
File: ZXOKJujcaV5M00ihgVDdixwtX8Y.roa (raw, json)
Hash identifier: rX6F4XTykKJOMgYq88uR77ejrLYaSB8MiwpDXG3j0oc=
Subject key identifier: 65:73:8A:26:E8:DC:69:5E:4C:D3:48:A1:81:50:DD:8B:1C:2D:5F:C6
Certificate issuer: /CN=715b885c3b302fd50e6c22647a33dc47727fea95
Certificate serial: 01896DE35B5DD81E9C4877939363CBBCAB9A
Authority key identifier: 71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/ZXOKJujcaV5M00ihgVDdixwtX8Y.roa
Signing time: Wed 19 Jul 2023 11:22:43 +0000
ROA not before: Wed 19 Jul 2023 11:22:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36351
IP address blocks: 5.62.35.0/24 maxlen: 24
5.62.33.0/24 maxlen: 24
5.62.21.0/24 maxlen: 24
5.62.23.0/24 maxlen: 24
5.62.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 14:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6d:e3:5b:5d:d8:1e:9c:48:77:93:93:63:cb:bc:ab:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715b885c3b302fd50e6c22647a33dc47727fea95
Validity
Not Before: Jul 19 11:22:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65738a26e8dc695e4cd348a18150dd8b1c2d5fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d0:81:61:2c:ae:b7:82:5c:72:9a:67:9a:ca:
9e:93:19:a9:a6:30:6c:c3:45:2e:8d:19:1c:9c:ac:
c0:f5:c7:b9:1e:59:7b:d0:fa:84:0a:06:6c:b9:0c:
d8:41:59:d4:63:00:fe:db:26:f3:38:63:d8:a9:48:
74:96:93:bf:f0:a0:fc:f8:e7:0c:73:9d:38:52:13:
18:96:70:bb:43:e2:8f:a9:fe:ad:6a:9e:1a:fe:f9:
c3:39:41:80:af:fa:bb:9c:d3:e5:f7:4c:a1:7a:b1:
49:5b:42:87:b3:ae:0d:ff:e1:ce:2f:2f:59:43:72:
7d:91:29:5d:4f:1a:b0:b4:09:8e:da:63:ee:25:5f:
3b:87:fb:df:09:dd:d2:4b:14:20:40:fb:15:10:fe:
cc:25:ad:02:01:00:8d:18:3d:95:fb:e3:dd:e0:ce:
66:22:4a:80:8d:5e:95:ac:48:25:78:6b:73:83:1e:
b3:44:67:97:73:59:61:56:34:6c:94:af:ec:4b:57:
28:cf:89:de:88:02:96:68:ab:5a:e4:db:01:0c:6d:
7c:f7:bf:22:7c:27:ae:84:98:cd:fb:c2:58:91:3a:
dc:25:69:d0:4a:d5:46:2d:39:f7:f9:ef:15:6f:93:
8d:39:63:72:c2:69:c6:8e:a6:14:39:49:48:68:85:
91:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:73:8A:26:E8:DC:69:5E:4C:D3:48:A1:81:50:DD:8B:1C:2D:5F:C6
X509v3 Authority Key Identifier:
keyid:71:5B:88:5C:3B:30:2F:D5:0E:6C:22:64:7A:33:DC:47:72:7F:EA:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVuIXDswL9UObCJkejPcR3J_6pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/ZXOKJujcaV5M00ihgVDdixwtX8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8999c-040a-424a-8896-2a92333f9df6/1/cVuIXDswL9UObCJkejPcR3J_6pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.21.0-5.62.23.255
5.62.33.0/24
5.62.35.0/24
Signature Algorithm: sha256WithRSAEncryption
66:f3:17:76:12:5e:aa:8e:87:4e:fc:bf:c5:25:df:f7:db:49:
47:27:cb:01:06:f3:28:63:87:a4:40:5d:e5:50:73:5f:83:e9:
92:86:98:b4:83:40:38:d2:ec:c4:ed:4d:01:cb:7b:eb:03:53:
27:5f:74:66:df:c0:64:01:01:1e:d1:ea:bc:62:e7:42:b5:df:
24:59:d4:02:b7:22:a7:e5:81:79:0b:ec:47:df:1b:56:2f:a1:
4f:74:8d:d1:83:ac:7c:f3:37:3c:40:99:31:15:f9:cb:79:cf:
8c:08:9e:e9:02:15:5e:69:2b:2e:fa:66:ae:c7:e9:48:25:52:
a1:8f:85:8a:65:55:34:a3:0b:e1:7e:2d:39:5b:36:e6:14:c0:
0b:00:eb:9e:b5:a0:8c:95:28:32:96:26:60:70:70:83:60:24:
e0:e8:17:0b:20:fa:c3:6c:d3:55:68:a6:fc:d7:e8:c3:d6:a7:
2e:67:db:b3:e6:c7:0e:16:4a:f8:0e:65:ba:ba:10:13:8b:ed:
5a:ce:d2:22:58:71:10:dc:22:58:77:18:f5:21:35:f3:3f:6e:
52:0f:20:03:bc:e5:78:dc:cf:cd:d2:76:5e:b9:25:cc:a6:01:
a3:7e:17:4f:9c:18:f1:63:9c:8f:a6:7f:94:af:12:ad:09:cd:
54:48:da:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYlt41td2B6cSHeTk2PLvKuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWI4ODVjM2IzMDJmZDUwZTZjMjI2NDdhMzNkYzQ3NzI3
ZmVhOTUwHhcNMjMwNzE5MTEyMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTczOGEyNmU4ZGM2OTVlNGNkMzQ4YTE4MTUwZGQ4YjFjMmQ1ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9CBYSyut4JccppnmsqekxmppjBs
w0UujRkcnKzA9ce5Hll70PqECgZsuQzYQVnUYwD+2ybzOGPYqUh0lpO/8KD8+OcM
c504UhMYlnC7Q+KPqf6tap4a/vnDOUGAr/q7nNPl90yherFJW0KHs64N/+HOLy9Z
Q3J9kSldTxqwtAmO2mPuJV87h/vfCd3SSxQgQPsVEP7MJa0CAQCNGD2V++Pd4M5m
IkqAjV6VrEgleGtzgx6zRGeXc1lhVjRslK/sS1coz4neiAKWaKta5NsBDG18978i
fCeuhJjN+8JYkTrcJWnQStVGLTn3+e8Vb5ONOWNywmnGjqYUOUlIaIWRlQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGVziibo3GleTNNIoYFQ3YscLV/GMB8GA1UdIwQY
MBaAFHFbiFw7MC/VDmwiZHoz3Edyf+qVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYt
MmE5MjMzM2Y5ZGY2LzEvWlhPS0p1amNhVjVNMDBpaGdWRGRpeHd0WDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODk5OWMtMDQwYS00MjRhLTg4OTYtMmE5MjMzM2Y5ZGY2
LzEvY1Z1SVhEc3dMOVVPYkNKa2VqUGNSM0pfNnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFPhUD
BAMFPhADBAAFPiEDBAAFPiMwDQYJKoZIhvcNAQELBQADggEBAGbzF3YSXqqOh078
v8Ul3/fbSUcnywEG8yhjh6RAXeVQc1+D6ZKGmLSDQDjS7MTtTQHLe+sDUydfdGbf
wGQBAR7R6rxi50K13yRZ1AK3IqflgXkL7EffG1YvoU90jdGDrHzzNzxAmTEV+ct5
z4wInukCFV5pKy76Zq7H6UglUqGPhYplVTSjC+F+LTlbNuYUwAsA6561oIyVKDKW
JmBwcINgJODoFwsg+sNs01VopvzX6MPWpy5n27Pmxw4WSvgOZbq6EBOL7VrO0iJY
cRDcIlh3GPUhNfM/blIPIAO85Xjcz83Sdl65JcymAaN+F0+cGPFjnI+mf5SvEq0J
zVRI2lk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org