Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zixj-gXvpKxJlCpqnlsnyk5zYGc.roa
File: zixj-gXvpKxJlCpqnlsnyk5zYGc.roa (raw, json)
Hash identifier: 4TaNT5T96s5aX9dhfmr0WorLNrP9FyBToWPYAMes9l0=
Subject key identifier: CE:2C:63:FA:05:EF:A4:AC:49:94:2A:6A:9E:5B:27:CA:4E:73:60:67
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185F1F07F68B4BE8BAB96FEF63841E32AF4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zixj-gXvpKxJlCpqnlsnyk5zYGc.roa
Signing time: Fri 27 Jan 2023 06:35:48 +0000
ROA not before: Fri 27 Jan 2023 06:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 213.232.93.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f1:f0:7f:68:b4:be:8b:ab:96:fe:f6:38:41:e3:2a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 27 06:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce2c63fa05efa4ac49942a6a9e5b27ca4e736067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bd:20:8d:f0:39:da:37:89:1a:eb:41:bc:d0:
09:f8:89:7b:2a:3d:44:13:0e:42:40:42:f2:d2:08:
09:93:62:8e:27:66:04:e0:0f:b3:29:48:1b:15:5b:
a4:78:f4:a8:9a:59:3c:f9:3b:3b:93:82:50:fd:3d:
40:bf:d2:de:d1:6d:32:34:1e:ac:34:23:17:8c:7f:
42:92:9c:39:8a:ca:e4:5f:cb:94:97:13:cd:cb:50:
9a:b1:a0:68:61:bc:0b:24:0f:89:fc:79:c7:f1:7e:
67:14:52:a8:96:1d:70:b5:b1:0f:24:c9:9e:d2:5a:
60:1c:1b:91:e1:ea:3c:3b:84:ac:fe:55:32:ed:2a:
6d:29:7a:77:07:04:7c:97:b3:f8:e6:3e:52:7b:09:
ee:4d:d4:42:bd:09:7c:a5:1e:dd:90:f9:80:b4:6e:
db:40:8b:98:8b:98:d9:8a:88:5b:3a:e6:b5:ce:27:
88:64:37:a8:b1:4d:a8:e1:4c:f6:07:30:89:87:4a:
e6:0c:74:43:5c:e4:b1:c3:c1:90:35:0f:0b:93:01:
ba:4a:b5:8a:5b:1f:df:42:27:36:5e:a0:be:6d:56:
b3:eb:2a:07:e3:44:1f:b7:77:19:2a:24:be:55:b6:
30:2d:20:2e:01:5f:2a:68:5f:45:36:f5:6c:99:b3:
42:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2C:63:FA:05:EF:A4:AC:49:94:2A:6A:9E:5B:27:CA:4E:73:60:67
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zixj-gXvpKxJlCpqnlsnyk5zYGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.10.0/24
185.255.168.0/24
213.232.93.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b8:2d:e6:ca:e0:39:ba:14:7e:4f:7f:d3:13:4d:0e:92:f7:
19:19:34:62:90:18:17:8f:a1:1f:15:2d:0a:65:b8:88:2f:5b:
7e:05:5d:a0:0e:97:9a:aa:5e:e0:43:27:96:82:54:57:35:b4:
3b:53:31:6b:8c:bf:7a:4c:77:f4:b8:e8:2a:8f:9d:36:ca:50:
18:47:25:2d:ba:20:5b:8e:48:3c:38:12:01:01:64:41:e9:82:
91:3d:20:47:84:2f:2c:f5:40:00:dd:93:1a:c3:49:37:74:4a:
d2:aa:8e:6d:6a:63:23:cc:03:62:f5:f2:f0:01:4c:ab:68:a9:
1a:1a:95:40:2f:31:e1:e4:9c:6b:31:31:b6:59:56:d4:e4:9c:
70:2d:14:f1:13:02:cf:b4:be:02:27:30:07:47:ca:f5:8b:83:
07:0e:fd:80:98:20:45:f7:63:9e:86:28:c6:f7:db:0a:0a:08:
11:fc:73:8c:3b:46:d2:cc:ee:14:84:8d:df:fa:bb:20:eb:49:
bc:5e:a0:8d:1a:8f:50:40:32:a4:17:8e:de:64:21:f5:12:25:
f5:30:1d:99:1c:73:e7:3e:d0:11:59:0f:d7:e2:cd:43:d5:8e:
06:12:6c:c3:8b:e8:99:06:ab:ff:c6:ab:39:81:c0:48:82:47:
c5:42:88:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXx8H9otL6Lq5b+9jhB4yr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MDYzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTJjNjNmYTA1ZWZhNGFjNDk5NDJhNmE5ZTViMjdjYTRlNzM2MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb0gjfA52jeJGutBvNAJ+Il7Kj1E
Ew5CQELy0ggJk2KOJ2YE4A+zKUgbFVukePSomlk8+Ts7k4JQ/T1Av9Le0W0yNB6s
NCMXjH9Ckpw5isrkX8uUlxPNy1CasaBoYbwLJA+J/HnH8X5nFFKolh1wtbEPJMme
0lpgHBuR4eo8O4Ss/lUy7SptKXp3BwR8l7P45j5SewnuTdRCvQl8pR7dkPmAtG7b
QIuYi5jZiohbOua1zieIZDeosU2o4Uz2BzCJh0rmDHRDXOSxw8GQNQ8LkwG6SrWK
Wx/fQic2XqC+bVaz6yoH40Qft3cZKiS+VbYwLSAuAV8qaF9FNvVsmbNCPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM4sY/oF76SsSZQqap5bJ8pOc2BnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveml4ai1nWHZwS3hKbENwcW5sc255azV6WUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAue4KAwQA
uf+oAwQA1ehdMA0GCSqGSIb3DQEBCwUAA4IBAQB0uC3myuA5uhR+T3/TE00OkvcZ
GTRikBgXj6EfFS0KZbiIL1t+BV2gDpeaql7gQyeWglRXNbQ7UzFrjL96THf0uOgq
j502ylAYRyUtuiBbjkg8OBIBAWRB6YKRPSBHhC8s9UAA3ZMaw0k3dErSqo5tamMj
zANi9fLwAUyraKkaGpVALzHh5JxrMTG2WVbU5JxwLRTxEwLPtL4CJzAHR8r1i4MH
Dv2AmCBF92OehijG99sKCggR/HOMO0bSzO4UhI3f+rsg60m8XqCNGo9QQDKkF47e
ZCH1EiX1MB2ZHHPnPtARWQ/X4s1D1Y4GEmzDi+iZBqv/xqs5gcBIgkfFQog6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org