Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZK6573fuwiIOrZ1MIeGAzdHR-2Q.roa
File: ZK6573fuwiIOrZ1MIeGAzdHR-2Q.roa (raw, json)
Hash identifier: 7JgCb1nQZgUhLMnDMsiuXmqwJHdWMZjtpzSjD31tgi8=
Subject key identifier: 64:AE:B9:EF:77:EE:C2:22:0E:AD:9D:4C:21:E1:80:CD:D1:D1:FB:64
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018C11BFF4B1AC5B3FD69CBB405B82161B8D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZK6573fuwiIOrZ1MIeGAzdHR-2Q.roa
Signing time: Mon 27 Nov 2023 17:07:21 +0000
ROA not before: Mon 27 Nov 2023 17:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43893
IP address blocks: 192.165.66.0/24 maxlen: 24
194.103.221.0/24 maxlen: 24
194.71.224.0/24 maxlen: 24
194.71.161.0/24 maxlen: 24
194.71.162.0/24 maxlen: 24
194.132.80.0/24 maxlen: 24
193.234.52.0/24 maxlen: 24
194.132.82.0/23 maxlen: 23
193.234.53.0/24 maxlen: 24
192.121.13.0/24 maxlen: 24
194.132.30.0/24 maxlen: 24
192.121.62.0/24 maxlen: 24
192.71.58.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:bf:f4:b1:ac:5b:3f:d6:9c:bb:40:5b:82:16:1b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 27 17:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64aeb9ef77eec2220ead9d4c21e180cdd1d1fb64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:a1:5f:f6:30:29:2b:dc:df:53:c9:30:5b:
7e:68:cb:e9:0f:be:da:47:c4:3e:c0:af:b5:55:42:
0a:69:c7:56:26:cf:59:ce:8c:f3:45:6c:8f:14:61:
8e:67:af:e8:8f:3f:86:90:b5:47:fc:0a:d9:7b:49:
3a:02:29:4e:e1:11:98:55:f8:bd:b9:b5:3c:6a:8a:
f8:db:63:5b:40:e4:ca:b8:1e:45:2d:38:66:95:ad:
e6:70:a1:b3:a7:d6:6f:38:eb:83:bc:81:92:e0:bd:
e9:84:eb:c8:00:73:a4:4b:4f:1b:00:9e:6f:91:82:
42:ac:85:e4:51:00:27:0d:64:f1:2d:e5:aa:37:6b:
a3:6f:3c:18:06:74:8d:58:58:66:1d:d7:de:90:34:
a9:bb:8d:d0:ee:11:ef:ab:4e:05:4e:53:84:b3:dd:
e3:6c:a2:d0:71:19:df:13:24:70:8e:3a:50:3e:cb:
e7:da:92:56:79:04:b9:d6:6e:7a:ee:75:45:54:81:
76:c8:58:1c:09:c4:73:74:38:2c:2f:d2:4b:34:1f:
85:dc:db:65:2c:b8:1a:8d:44:32:4d:77:df:bd:98:
bc:a4:3b:6e:6e:fb:d5:93:9b:86:3d:a0:76:02:ac:
53:83:7c:f2:a8:bf:b3:98:53:66:80:e7:c1:9c:87:
0c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AE:B9:EF:77:EE:C2:22:0E:AD:9D:4C:21:E1:80:CD:D1:D1:FB:64
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZK6573fuwiIOrZ1MIeGAzdHR-2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.58.0/24
192.121.13.0/24
192.121.62.0/24
192.165.66.0/24
193.234.52.0/23
194.71.161.0-194.71.162.255
194.71.224.0/24
194.103.221.0/24
194.132.30.0/24
194.132.80.0/24
194.132.82.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:2a:d5:70:05:81:07:5a:0a:e4:be:2a:cf:e4:ed:1b:ff:2d:
8c:fc:ad:a8:8e:6b:f5:0f:5e:de:c3:4d:21:a9:13:18:5c:4e:
16:70:65:8e:c3:93:09:8b:ac:c9:ff:67:60:75:e1:ac:2a:b6:
7e:f5:0d:6d:30:d7:e4:e6:88:02:ed:69:01:12:7e:0d:35:45:
6a:46:84:5b:d1:2d:d4:cd:08:62:16:b5:97:ac:05:76:0c:4a:
ad:41:aa:72:52:4a:5c:a0:74:4d:37:f2:cb:14:96:b1:88:4f:
03:fe:86:1b:bc:b2:9c:c1:e0:c8:37:36:c4:3a:11:10:91:e7:
05:42:2c:4c:d6:4c:29:21:4d:bf:6e:69:16:61:13:91:41:55:
3e:fb:94:b5:fc:39:59:cf:21:62:6c:77:fd:da:ef:83:f8:9f:
b6:52:cf:2d:dd:e1:05:bd:e9:73:36:06:37:93:25:e2:96:ad:
ba:33:a3:98:9e:0a:ff:e2:e6:1c:4d:1a:72:bd:82:13:62:a5:
57:13:08:8b:5d:3a:73:f9:b7:f8:c0:17:01:36:05:34:90:97:
0c:0d:7f:19:60:ec:6d:3c:87:eb:87:65:19:ca:af:a3:de:89:
ad:67:51:76:73:1a:8c:79:07:3f:fc:53:2d:a2:d1:4d:5d:9a:
19:33:ce:3a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYwRv/SxrFs/1py7QFuCFhuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMTI3MTcwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFlYjllZjc3ZWVjMjIyMGVhZDlkNGMyMWUxODBjZGQxZDFmYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmqhX/YwKSvc31PJMFt+aMvpD77a
R8Q+wK+1VUIKacdWJs9ZzozzRWyPFGGOZ6/ojz+GkLVH/ArZe0k6AilO4RGYVfi9
ubU8aor422NbQOTKuB5FLThmla3mcKGzp9ZvOOuDvIGS4L3phOvIAHOkS08bAJ5v
kYJCrIXkUQAnDWTxLeWqN2ujbzwYBnSNWFhmHdfekDSpu43Q7hHvq04FTlOEs93j
bKLQcRnfEyRwjjpQPsvn2pJWeQS51m567nVFVIF2yFgcCcRzdDgsL9JLNB+F3Ntl
LLgajUQyTXffvZi8pDtubvvVk5uGPaB2AqxTg3zyqL+zmFNmgOfBnIcMdQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGSuue937sIiDq2dTCHhgM3R0ftkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWks2NTczZnV3aUlPcloxTUllR0F6ZEhSLTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAwEc6AwQA
wHkNAwQAwHk+AwQAwKVCAwQBweo0MAwDBADCR6EDBADCR6IDBADCR+ADBADCZ90D
BADChB4DBADChFADBAHChFIwDQYJKoZIhvcNAQELBQADggEBAE4q1XAFgQdaCuS+
Ks/k7Rv/LYz8raiOa/UPXt7DTSGpExhcThZwZY7DkwmLrMn/Z2B14awqtn71DW0w
1+TmiALtaQESfg01RWpGhFvRLdTNCGIWtZesBXYMSq1BqnJSSlygdE038ssUlrGI
TwP+hhu8spzB4Mg3NsQ6ERCR5wVCLEzWTCkhTb9uaRZhE5FBVT77lLX8OVnPIWJs
d/3a74P4n7ZSzy3d4QW96XM2BjeTJeKWrbozo5ieCv/i5hxNGnK9ghNipVcTCItd
OnP5t/jAFwE2BTSQlwwNfxlg7G08h+uHZRnKr6Peia1nUXZzGox5Bz/8Uy2i0U1d
mhkzzjo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:53 2024 by rpki-client on console-fra.rpki-client.org