Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/ZDUJjKBRBBxzKLrJmg-tgICbjdY.roa
File: ZDUJjKBRBBxzKLrJmg-tgICbjdY.roa (raw, json)
Hash identifier: dUQyyDsd0bm59W9Nnp+tH6NJlBQ0oHwc4sDi/6R/CNY=
Subject key identifier: 64:35:09:8C:A0:51:04:1C:73:28:BA:C9:9A:0F:AD:80:80:9B:8D:D6
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 01907661CB0A4A7F433A6371C57658257B3A
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/ZDUJjKBRBBxzKLrJmg-tgICbjdY.roa
Signing time: Wed 03 Jul 2024 02:17:18 +0000
ROA not before: Wed 03 Jul 2024 02:17:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54203
IP address blocks: 176.67.80.0/23 maxlen: 23
176.67.85.0/24 maxlen: 24
176.67.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 15:36:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:76:61:cb:0a:4a:7f:43:3a:63:71:c5:76:58:25:7b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Jul 3 02:17:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6435098ca051041c7328bac99a0fad80809b8dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:39:a5:ce:1d:f2:be:dd:8b:57:58:63:81:f9:
7a:77:9d:69:36:b4:ae:0a:55:fe:d5:eb:4e:46:bd:
5b:df:98:17:5c:d1:7f:c0:7a:c1:82:4d:a5:01:2a:
2b:a9:5c:f6:d8:17:31:31:6c:09:1c:f2:95:3b:cc:
d3:0f:b7:50:b9:a1:44:99:d6:7f:0e:25:d8:e7:9f:
fd:4b:ad:d0:9f:d5:fe:46:53:a4:b9:99:59:2d:b7:
83:3b:13:b8:f0:87:1d:a3:d6:c7:c2:95:2a:6b:2a:
33:57:4f:de:b3:6e:7a:d9:32:24:20:c8:b9:c0:33:
ca:ac:83:d1:eb:8b:22:7b:8c:99:c5:9b:66:86:68:
e2:1a:d2:6c:6c:99:85:23:95:48:9c:e4:b3:80:d9:
b9:c4:7b:46:66:43:32:52:e4:0f:f5:e6:bb:f2:cb:
36:c7:56:1b:71:9f:46:b5:31:ae:99:4c:85:57:72:
9b:bf:af:01:b9:d5:a5:8c:36:31:79:a4:77:e0:d2:
54:9b:64:84:0e:47:b2:c5:9d:4e:60:c7:be:e9:3e:
bc:b3:d2:59:96:08:fe:24:05:e3:43:6c:cb:f9:ac:
a5:9d:61:a7:eb:92:3f:bf:37:11:71:e6:ef:e1:69:
2b:a0:c5:7e:89:33:bd:65:db:b0:c4:83:2c:94:3c:
b3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:35:09:8C:A0:51:04:1C:73:28:BA:C9:9A:0F:AD:80:80:9B:8D:D6
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/ZDUJjKBRBBxzKLrJmg-tgICbjdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.80.0/23
176.67.85.0-176.67.86.255
Signature Algorithm: sha256WithRSAEncryption
8f:ec:f7:89:b3:6f:53:e4:61:15:47:28:96:29:c2:0d:e0:19:
ea:b5:43:2b:fd:57:1c:19:f3:62:5a:67:a8:73:34:0f:fb:86:
81:e2:cd:09:36:b5:02:69:ee:3b:fd:99:85:06:8f:b4:07:2f:
5b:8f:c2:28:10:af:d4:5e:b1:c0:35:2b:e0:84:76:2e:8c:3f:
a8:f4:84:bb:a4:95:dd:c2:02:d4:7f:84:bc:a5:d2:c6:e7:c3:
df:95:00:60:a2:d1:11:28:67:15:bd:08:4d:06:4e:4e:d4:77:
78:08:31:4c:51:40:41:3f:22:e5:3b:2a:6b:e5:73:b7:c5:f3:
6e:a8:e9:d9:12:51:4b:0a:21:1b:e0:fa:4f:e2:99:3b:eb:28:
9c:0a:6e:ee:e1:de:4b:4c:51:f1:70:9d:f7:c4:4f:88:94:16:
04:0b:cf:3e:d3:d3:95:d6:a9:82:ea:60:26:8b:4f:c3:20:b7:
77:82:a1:51:d0:a1:57:52:af:7c:51:b6:0d:52:3a:71:3c:0b:
1d:29:77:65:10:03:e3:42:a7:e4:fe:89:1d:b5:57:d8:52:3c:
2c:f0:0e:47:f8:d8:df:92:2e:29:31:8b:3f:96:ea:8e:ae:fb:
2b:6e:42:a4:68:4e:10:5f:7d:92:96:bc:26:5f:fa:a3:fa:08:
f9:93:88:ee
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZB2YcsKSn9DOmNxxXZYJXs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwNzAzMDIxNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM1MDk4Y2EwNTEwNDFjNzMyOGJhYzk5YTBmYWQ4MDgwOWI4ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zmlzh3yvt2LV1hjgfl6d51pNrSu
ClX+1etORr1b35gXXNF/wHrBgk2lASorqVz22BcxMWwJHPKVO8zTD7dQuaFEmdZ/
DiXY55/9S63Qn9X+RlOkuZlZLbeDOxO48Icdo9bHwpUqayozV0/es2562TIkIMi5
wDPKrIPR64sie4yZxZtmhmjiGtJsbJmFI5VInOSzgNm5xHtGZkMyUuQP9ea78ss2
x1YbcZ9GtTGumUyFV3Kbv68BudWljDYxeaR34NJUm2SEDkeyxZ1OYMe+6T68s9JZ
lgj+JAXjQ2zL+aylnWGn65I/vzcRcebv4WkroMV+iTO9ZduwxIMslDyzBwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGQ1CYygUQQccyi6yZoPrYCAm43WMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvWkRVSmpLQlJCQnh6S0xySm1nLXRnSUNiamRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBsENQMAwD
BACwQ1UDBACwQ1YwDQYJKoZIhvcNAQELBQADggEBAI/s94mzb1PkYRVHKJYpwg3g
Geq1Qyv9VxwZ82JaZ6hzNA/7hoHizQk2tQJp7jv9mYUGj7QHL1uPwigQr9RescA1
K+CEdi6MP6j0hLukld3CAtR/hLyl0sbnw9+VAGCi0REoZxW9CE0GTk7Ud3gIMUxR
QEE/IuU7Kmvlc7fF826o6dkSUUsKIRvg+k/imTvrKJwKbu7h3ktMUfFwnffET4iU
FgQLzz7T05XWqYLqYCaLT8Mgt3eCoVHQoVdSr3xRtg1SOnE8Cx0pd2UQA+NCp+T+
iR21V9hSPCzwDkf42N+SLikxiz+W6o6u+ytuQqRoThBffZKWvCZf+qP6CPmTiO4=
-----END CERTIFICATE-----
Generated at Fri Jul 19 18:33:20 2024 by rpki-client on console-fra.rpki-client.org