Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZXYkGtCaOxDW8m-7xrww4vSLzEk.roa
File: ZXYkGtCaOxDW8m-7xrww4vSLzEk.roa (raw, json)
Hash identifier: KQkm4WLIGW0OrZIdUhVnTOeYDTUl5ZqhAZmf7KW+miU=
Subject key identifier: 65:76:24:1A:D0:9A:3B:10:D6:F2:6F:BB:C6:BC:30:E2:F4:8B:CC:49
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0192B38083A966C49588F6F0E0D685B6CBEF
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZXYkGtCaOxDW8m-7xrww4vSLzEk.roa
Signing time: Tue 22 Oct 2024 09:13:16 +0000
ROA not before: Tue 22 Oct 2024 09:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7922
IP address blocks: 77.111.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:80:83:a9:66:c4:95:88:f6:f0:e0:d6:85:b6:cb:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Oct 22 09:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6576241ad09a3b10d6f26fbbc6bc30e2f48bcc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c7:15:91:24:08:df:d2:e5:1a:e5:70:11:75:
86:7e:02:d3:64:20:91:33:20:21:25:8c:2e:68:d9:
55:b6:7f:50:18:5b:64:fb:2e:45:0d:04:f7:92:82:
bf:fc:ed:94:e6:8e:92:95:9e:63:fe:25:13:97:c0:
1d:fd:84:1a:f5:8b:b5:82:ea:90:ad:18:0f:4d:4b:
ca:9d:91:43:71:80:28:ae:4b:e3:4b:82:5f:86:88:
c5:c0:0b:85:a6:28:24:83:6c:42:97:43:62:d0:d0:
4c:f2:32:94:f3:c2:6c:42:61:b4:c7:a2:71:66:e1:
57:3a:36:56:50:ff:1d:bc:69:3f:b7:73:05:12:81:
e4:61:c4:52:c7:98:c0:a6:3e:19:12:bd:5d:7a:55:
64:a3:6d:7d:83:fb:50:6c:9d:d8:fa:e7:18:bf:0c:
49:01:aa:c7:83:0f:be:30:79:ff:11:50:b6:87:b9:
14:a2:56:25:57:02:73:82:a5:9c:63:2d:61:75:9f:
d6:12:ab:32:78:13:da:7b:83:d9:2e:3b:43:91:3e:
9e:d3:85:77:e4:dc:94:cf:10:45:41:a2:67:98:6b:
24:c1:8e:e7:32:1d:52:90:eb:9b:78:ae:0f:22:ec:
79:99:f2:42:44:96:32:02:70:d1:96:65:44:10:e2:
f6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:76:24:1A:D0:9A:3B:10:D6:F2:6F:BB:C6:BC:30:E2:F4:8B:CC:49
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZXYkGtCaOxDW8m-7xrww4vSLzEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.118.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:63:46:8a:30:6d:23:9d:15:30:1b:17:4a:46:08:02:62:3c:
c4:99:14:19:f3:15:29:d1:35:68:85:40:48:83:0e:50:f5:dc:
37:a0:f0:a3:b6:b4:2d:1e:5a:6e:47:37:7f:dc:03:b6:29:d2:
df:ec:f1:62:33:02:0a:5a:e7:91:a8:a9:b3:7e:2f:8e:1f:4c:
3e:71:1d:93:d9:e0:ab:75:33:07:83:f2:36:08:78:f8:47:5d:
eb:53:06:72:b4:2d:f9:d2:81:b4:25:55:d5:0b:2a:5b:ae:c4:
1a:74:f0:da:0e:c7:86:c3:95:50:c0:0c:3b:36:2c:aa:c0:7c:
0f:eb:ad:c1:d1:d9:2d:6a:57:6a:74:2f:23:1e:46:8c:f9:2e:
71:d3:89:4b:f8:57:b0:23:5b:eb:73:17:3d:ed:60:3d:2a:60:
4b:f1:4e:8f:dc:09:12:1a:6f:44:55:95:89:1c:36:fb:3c:fd:
31:67:9b:55:82:34:c7:f8:93:c7:3d:d5:c7:91:09:0e:88:8f:
cf:95:9e:9b:bb:48:f3:22:b5:4d:6e:83:0a:03:b0:8c:22:4c:
13:4f:05:e1:70:a5:eb:1f:7f:4b:36:69:d4:a3:c2:f4:3c:11:
ca:16:6f:f8:17:8b:00:06:a6:b5:26:ab:a2:12:42:40:1d:24:
90:5a:d0:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKzgIOpZsSViPbw4NaFtsvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQxMDIyMDkxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTc2MjQxYWQwOWEzYjEwZDZmMjZmYmJjNmJjMzBlMmY0OGJjYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4McVkSQI39LlGuVwEXWGfgLTZCCR
MyAhJYwuaNlVtn9QGFtk+y5FDQT3koK//O2U5o6SlZ5j/iUTl8Ad/YQa9Yu1guqQ
rRgPTUvKnZFDcYAorkvjS4JfhojFwAuFpigkg2xCl0Ni0NBM8jKU88JsQmG0x6Jx
ZuFXOjZWUP8dvGk/t3MFEoHkYcRSx5jApj4ZEr1delVko219g/tQbJ3Y+ucYvwxJ
AarHgw++MHn/EVC2h7kUolYlVwJzgqWcYy1hdZ/WEqsyeBPae4PZLjtDkT6e04V3
5NyUzxBFQaJnmGskwY7nMh1SkOubeK4PIux5mfJCRJYyAnDRlmVEEOL2CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGV2JBrQmjsQ1vJvu8a8MOL0i8xJMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvWlhZa0d0Q2FPeERXOG0tN3hyd3c0dlNMekVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW92MA0G
CSqGSIb3DQEBCwUAA4IBAQCsY0aKMG0jnRUwGxdKRggCYjzEmRQZ8xUp0TVohUBI
gw5Q9dw3oPCjtrQtHlpuRzd/3AO2KdLf7PFiMwIKWueRqKmzfi+OH0w+cR2T2eCr
dTMHg/I2CHj4R13rUwZytC350oG0JVXVCypbrsQadPDaDseGw5VQwAw7NiyqwHwP
663B0dktaldqdC8jHkaM+S5x04lL+FewI1vrcxc97WA9KmBL8U6P3AkSGm9EVZWJ
HDb7PP0xZ5tVgjTH+JPHPdXHkQkOiI/PlZ6bu0jzIrVNboMKA7CMIkwTTwXhcKXr
H39LNmnUo8L0PBHKFm/4F4sABqa1JquiEkJAHSSQWtCX
-----END CERTIFICATE-----
Generated at Wed Oct 23 10:37:17 2024 by rpki-client on console-ams.rpki-client.org