Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/ZF-jepUrpdGPAjIe89rEHWY980Y.roa
File: ZF-jepUrpdGPAjIe89rEHWY980Y.roa (raw, json)
Hash identifier: yGGvwKXYse7rcVqJyafezEmvjmAak/eR9arxW3BpByg=
Subject key identifier: 64:5F:A3:7A:95:2B:A5:D1:8F:02:32:1E:F3:DA:C4:1D:66:3D:F3:46
Certificate issuer: /CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Certificate serial: 01856C6F082B900DC536C87058E746750F4D
Authority key identifier: 59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/ZF-jepUrpdGPAjIe89rEHWY980Y.roa
Signing time: Sun 01 Jan 2023 08:24:53 +0000
ROA not before: Sun 01 Jan 2023 08:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 194.104.190.0/24 maxlen: 24
194.104.191.0/24 maxlen: 24
194.104.189.0/24 maxlen: 24
194.104.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:08:2b:90:0d:c5:36:c8:70:58:e7:46:75:0f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Validity
Not Before: Jan 1 08:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645fa37a952ba5d18f02321ef3dac41d663df346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:7a:a6:da:91:85:52:93:0d:ef:a4:49:3c:
6b:f2:a7:82:4b:38:a3:88:e1:04:30:15:7b:e9:fe:
03:15:21:50:7f:21:78:df:e5:ba:1a:d9:ec:68:68:
74:fc:b0:5f:08:06:02:f3:cd:74:5a:29:34:a8:c1:
0e:cf:c7:26:54:39:1b:c9:5b:dc:fa:e3:7b:53:c9:
9c:18:0c:f6:52:8d:cc:21:a2:6b:0a:03:03:c8:ea:
01:88:6f:b7:29:ca:b5:7d:8a:f2:5b:3a:62:f1:d2:
75:a8:48:6f:ca:d6:d3:b0:ba:1b:57:14:84:29:33:
bf:a3:cb:df:21:1e:0b:20:cd:3b:33:ba:40:23:b1:
4b:cb:e4:c5:f1:30:b4:44:28:ca:01:6d:41:3b:41:
20:e5:79:cf:3d:31:8a:20:81:6e:77:57:3a:64:41:
e5:5b:87:79:ac:b1:a7:04:16:27:2a:61:bf:6e:e6:
f4:10:0c:ab:ee:78:e5:10:eb:2a:b9:0f:b1:b9:3e:
06:fb:f5:ad:d9:ea:99:36:ae:55:02:0f:ae:86:ab:
f0:25:53:dc:b6:ee:09:5f:a9:75:ba:2e:19:49:29:
56:d1:86:63:10:27:06:e0:02:70:74:a0:be:3d:ac:
3f:d2:f9:1c:45:9f:d7:46:d9:7d:73:23:de:66:2d:
d5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5F:A3:7A:95:2B:A5:D1:8F:02:32:1E:F3:DA:C4:1D:66:3D:F3:46
X509v3 Authority Key Identifier:
keyid:59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/ZF-jepUrpdGPAjIe89rEHWY980Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:94:ab:ac:bd:bb:fb:5d:86:7d:ae:1b:e2:ae:b0:78:51:93:
b0:5b:ad:84:a5:cd:67:11:80:8a:7b:34:f4:cb:0e:2e:98:0c:
fc:08:fe:c5:af:36:28:a0:86:04:07:c1:c0:02:7b:81:3e:b8:
40:9d:b3:4e:44:be:cb:12:5e:3d:80:65:a3:57:b0:ed:ba:6f:
13:a0:82:c7:8f:ce:60:14:04:15:46:9a:2e:f8:48:dd:78:d6:
6d:94:fe:51:12:0f:d1:bc:de:82:c5:a4:de:f0:58:6a:26:f4:
62:f9:3e:34:ea:8b:d3:62:d5:b2:0c:1f:68:fd:58:60:52:52:
48:e6:bd:1e:f3:56:e2:ea:5f:27:e7:cb:83:14:7e:09:a5:35:
5b:a9:c9:72:f2:93:42:d3:6e:46:70:42:1a:01:d8:eb:73:04:
40:11:a9:bb:84:df:73:44:f7:29:7a:de:1c:6a:13:60:bd:e3:
c6:44:d0:53:9b:38:96:ff:f8:7e:c9:34:19:bd:30:3a:63:93:
17:06:9e:af:09:14:fc:9f:ec:52:40:f5:dd:c3:7c:74:92:59:
fc:f5:20:d2:4c:ff:6a:17:d8:b8:fb:ac:24:cd:d4:bb:a5:47:
96:95:f3:9a:00:86:97:04:21:0f:45:cd:04:1b:90:c9:e8:39:
9e:34:7c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbwgrkA3FNshwWOdGdQ9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NDliMzFlYmI2ZTRjYmJkMGNjNzcwY2M2ZjRkNTBmNzhm
MGViN2IwHhcNMjMwMTAxMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVmYTM3YTk1MmJhNWQxOGYwMjMyMWVmM2RhYzQxZDY2M2RmMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aV6ptqRhVKTDe+kSTxr8qeCSzij
iOEEMBV76f4DFSFQfyF43+W6GtnsaGh0/LBfCAYC8810Wik0qMEOz8cmVDkbyVvc
+uN7U8mcGAz2Uo3MIaJrCgMDyOoBiG+3Kcq1fYryWzpi8dJ1qEhvytbTsLobVxSE
KTO/o8vfIR4LIM07M7pAI7FLy+TF8TC0RCjKAW1BO0Eg5XnPPTGKIIFud1c6ZEHl
W4d5rLGnBBYnKmG/bub0EAyr7njlEOsquQ+xuT4G+/Wt2eqZNq5VAg+uhqvwJVPc
tu4JX6l1ui4ZSSlW0YZjECcG4AJwdKC+Paw/0vkcRZ/XRtl9cyPeZi3VCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRfo3qVK6XRjwIyHvPaxB1mPfNGMB8GA1UdIwQY
MBaAFFlJsx67bky70Mx3DMb01Q948Ot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTkt
MzE4MGFlNDI3NGYzLzEvWkYtamVwVXJwZEdQQWpJZTg5ckVIV1k5ODBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTktMzE4MGFlNDI3NGYz
LzEvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwmi8MA0G
CSqGSIb3DQEBCwUAA4IBAQCblKusvbv7XYZ9rhvirrB4UZOwW62Epc1nEYCKezT0
yw4umAz8CP7FrzYooIYEB8HAAnuBPrhAnbNORL7LEl49gGWjV7Dtum8ToILHj85g
FAQVRpou+EjdeNZtlP5REg/RvN6CxaTe8FhqJvRi+T406ovTYtWyDB9o/VhgUlJI
5r0e81bi6l8n58uDFH4JpTVbqcly8pNC025GcEIaAdjrcwRAEam7hN9zRPcpet4c
ahNgvePGRNBTmziW//h+yTQZvTA6Y5MXBp6vCRT8n+xSQPXdw3x0kln89SDSTP9q
F9i4+6wkzdS7pUeWlfOaAIaXBCEPRc0EG5DJ6DmeNHwJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:03 2024 by rpki-client on console-ams.rpki-client.org