Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/ZDE9R0sj5k62OoFtSnvJdikEKSI.roa
File: ZDE9R0sj5k62OoFtSnvJdikEKSI.roa (raw, json)
Hash identifier: bKAvsiKKtQ0x8nD4zKHozmqmWKC24akIUdlV0e+UU/w=
Subject key identifier: 64:31:3D:47:4B:23:E6:4E:B6:3A:81:6D:4A:7B:C9:76:29:04:29:22
Certificate issuer: /CN=67edadc765fa8f2fa19eb20963cf5bd235d01b43
Certificate serial: 0185710C1AD8C86D3CCEABFA95E195F938F6
Authority key identifier: 67:ED:AD:C7:65:FA:8F:2F:A1:9E:B2:09:63:CF:5B:D2:35:D0:1B:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-2tx2X6jy-hnrIJY89b0jXQG0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/ZDE9R0sj5k62OoFtSnvJdikEKSI.roa
Signing time: Mon 02 Jan 2023 05:54:56 +0000
ROA not before: Mon 02 Jan 2023 05:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20974
IP address blocks: 178.251.52.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:1a:d8:c8:6d:3c:ce:ab:fa:95:e1:95:f9:38:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67edadc765fa8f2fa19eb20963cf5bd235d01b43
Validity
Not Before: Jan 2 05:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64313d474b23e64eb63a816d4a7bc97629042922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:07:45:78:8b:73:d5:7d:a7:69:76:a5:9e:e0:
e3:0e:a9:b3:ee:00:a4:0d:86:9b:13:fd:37:8d:7e:
7b:d2:dc:82:90:7f:9f:d7:f0:6b:dc:ba:74:21:5a:
26:90:d6:74:18:5d:2d:1e:e7:75:7b:93:04:88:ef:
19:49:64:2f:b5:84:18:bb:87:88:7b:34:d8:fd:93:
f7:53:fb:ae:e5:63:90:7d:f7:0b:77:ec:9f:bb:67:
cf:f1:f6:25:44:5f:a4:48:55:fb:d7:99:2b:6e:28:
16:0a:b2:03:c2:7e:b6:d4:8d:05:e7:92:dd:6e:a0:
69:fc:88:f9:c2:3e:a5:7a:6c:a4:3e:70:d4:d9:5f:
fe:5e:ee:81:06:75:c8:04:0b:47:a7:28:60:4a:7f:
7b:d9:57:20:cb:18:30:71:fb:fe:44:20:2e:44:89:
39:0d:a7:bd:06:ce:66:fe:8d:64:c4:6e:f3:16:79:
a3:55:f4:32:21:9f:6c:1b:f7:bd:61:a7:02:91:7b:
ac:1e:71:c6:c5:41:f8:10:5f:4f:f7:1f:c0:ce:42:
d1:8a:7b:41:bf:00:0a:03:89:54:bf:81:f2:02:90:
64:8e:f3:21:d3:81:a0:7f:83:5e:49:b3:10:46:6f:
c6:7a:42:4d:76:33:e2:4e:f1:e4:ba:98:1e:a0:d7:
6a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:31:3D:47:4B:23:E6:4E:B6:3A:81:6D:4A:7B:C9:76:29:04:29:22
X509v3 Authority Key Identifier:
keyid:67:ED:AD:C7:65:FA:8F:2F:A1:9E:B2:09:63:CF:5B:D2:35:D0:1B:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-2tx2X6jy-hnrIJY89b0jXQG0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/ZDE9R0sj5k62OoFtSnvJdikEKSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/Z-2tx2X6jy-hnrIJY89b0jXQG0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.52.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:09:26:c9:d9:e2:00:b5:3b:b6:6b:58:0a:03:70:ae:e2:8a:
b4:89:ce:ba:86:94:d8:a5:aa:d4:5e:6f:7a:30:cc:cc:c7:cd:
79:59:2f:11:ac:21:6b:66:98:5f:b5:ff:1f:27:42:62:53:4f:
b9:29:5e:07:a8:5f:65:a8:04:93:d8:f3:cf:5b:a2:bb:4a:fa:
6f:5b:2f:82:7a:90:86:a2:44:97:e0:3b:48:50:19:30:d7:95:
27:ab:1b:55:e8:73:94:dc:a0:2b:55:5b:28:38:4a:88:bc:6b:
6c:e2:0f:07:0d:eb:ab:aa:ae:e0:52:c6:5f:d3:d8:16:12:4e:
5c:ae:1e:f4:5e:5d:de:1c:ff:42:26:42:6e:ed:34:a6:0c:0a:
b7:06:89:f9:fb:56:ef:b9:1e:20:8a:92:b5:13:ac:20:b9:e8:
6b:30:51:49:71:2d:bd:f7:70:3a:6d:66:43:39:5f:6f:9f:72:
17:03:10:18:dd:e4:85:7d:e9:2f:e7:f0:2c:6b:33:70:4e:90:
3d:92:70:5c:b6:0d:3c:2a:fe:e3:4e:23:a8:eb:05:e6:b6:e0:
68:9f:15:9f:08:de:d8:28:e4:e1:f5:c6:85:14:62:89:36:10:
0d:ad:42:29:d1:b4:de:c1:59:4f:55:91:6c:0e:65:d7:fb:45:
fe:dc:29:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDBrYyG08zqv6leGV+Tj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZWRhZGM3NjVmYThmMmZhMTllYjIwOTYzY2Y1YmQyMzVk
MDFiNDMwHhcNMjMwMTAyMDU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMxM2Q0NzRiMjNlNjRlYjYzYTgxNmQ0YTdiYzk3NjI5MDQyOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggdFeItz1X2naXalnuDjDqmz7gCk
DYabE/03jX570tyCkH+f1/Br3Lp0IVomkNZ0GF0tHud1e5MEiO8ZSWQvtYQYu4eI
ezTY/ZP3U/uu5WOQffcLd+yfu2fP8fYlRF+kSFX715krbigWCrIDwn621I0F55Ld
bqBp/Ij5wj6lemykPnDU2V/+Xu6BBnXIBAtHpyhgSn972Vcgyxgwcfv+RCAuRIk5
Dae9Bs5m/o1kxG7zFnmjVfQyIZ9sG/e9YacCkXusHnHGxUH4EF9P9x/AzkLRintB
vwAKA4lUv4HyApBkjvMh04Ggf4NeSbMQRm/GekJNdjPiTvHkupgeoNdqowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQxPUdLI+ZOtjqBbUp7yXYpBCkiMB8GA1UdIwQY
MBaAFGftrcdl+o8voZ6yCWPPW9I10BtDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi0ydHgyWDZqeS1obnJJSlk4OWIwalhRRzBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82NjNjNmMtMTNiZi00NDAwLTg0ODIt
MjFlMGE2NmQ1NDQ0LzEvWkRFOVIwc2o1azYyT29GdFNudkpkaWtFS1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC82NjNjNmMtMTNiZi00NDAwLTg0ODItMjFlMGE2NmQ1NDQ0
LzEvWi0ydHgyWDZqeS1obnJJSlk4OWIwalhRRzBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsvs0MA0G
CSqGSIb3DQEBCwUAA4IBAQAqCSbJ2eIAtTu2a1gKA3Cu4oq0ic66hpTYparUXm96
MMzMx815WS8RrCFrZphftf8fJ0JiU0+5KV4HqF9lqAST2PPPW6K7SvpvWy+CepCG
okSX4DtIUBkw15UnqxtV6HOU3KArVVsoOEqIvGts4g8HDeurqq7gUsZf09gWEk5c
rh70Xl3eHP9CJkJu7TSmDAq3Bon5+1bvuR4gipK1E6wguehrMFFJcS2993A6bWZD
OV9vn3IXAxAY3eSFfekv5/AsazNwTpA9knBctg08Kv7jTiOo6wXmtuBonxWfCN7Y
KOTh9caFFGKJNhANrUIp0bTewVlPVZFsDmXX+0X+3ClM
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:57 2024 by rpki-client on console-ams.rpki-client.org