Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ZzulzD395cBSoKuykRMGZIjsMfs.roa
File: ZzulzD395cBSoKuykRMGZIjsMfs.roa (raw, json)
Hash identifier: TXF2QL7kNoMHjVcEZ34yU4bm/vfjsSnRV79piYD8Kbs=
Subject key identifier: 67:3B:A5:CC:3D:FD:E5:C0:52:A0:AB:B2:91:13:06:64:88:EC:31:FB
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018D667C92119648CBAC0E0BF6842DA21C64
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ZzulzD395cBSoKuykRMGZIjsMfs.roa
Signing time: Thu 01 Feb 2024 21:04:16 +0000
ROA not before: Thu 01 Feb 2024 21:04:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:7c:92:11:96:48:cb:ac:0e:0b:f6:84:2d:a2:1c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Feb 1 21:04:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=673ba5cc3dfde5c052a0abb29113066488ec31fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:da:4d:e1:2e:31:b2:4f:86:d9:b8:3b:dd:ff:
98:6f:0b:ca:7d:33:00:2b:c2:db:d8:bf:b2:c3:fa:
59:a3:68:27:7d:fc:23:cd:b1:d0:ec:82:59:84:59:
72:60:b5:ef:de:df:a9:6b:6a:1d:92:ff:3b:5c:08:
20:41:57:0c:dd:d2:32:7f:2c:d2:ea:67:42:c6:bf:
32:dd:2a:4b:32:63:a7:32:81:c0:c4:99:90:72:40:
21:f3:64:50:33:ed:ae:19:27:5a:ea:8b:b4:f2:35:
84:83:44:20:4e:c7:e2:11:12:4b:68:4b:8e:f5:91:
bf:8a:fa:5d:79:b6:87:a3:8d:e1:a4:66:d2:01:c5:
6e:3d:46:f2:77:3d:f0:dc:39:cb:70:03:df:94:94:
da:9e:0a:fa:aa:86:b7:93:c6:3f:ba:20:60:8f:fc:
11:4b:69:79:fe:73:8f:91:14:4d:f7:70:1f:ad:fb:
70:ec:c8:42:37:29:72:55:8d:1c:14:fb:85:1c:a5:
1b:3f:94:89:ac:e9:8b:3e:97:12:e6:96:cb:f5:86:
4c:bf:41:af:dc:21:94:e6:24:4e:46:bd:33:b9:5b:
0c:1b:19:04:9a:e1:7d:71:41:96:0f:c8:33:e9:d7:
ac:7e:0d:d9:62:c7:f6:02:c5:f4:f8:8e:13:bf:89:
d3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3B:A5:CC:3D:FD:E5:C0:52:A0:AB:B2:91:13:06:64:88:EC:31:FB
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ZzulzD395cBSoKuykRMGZIjsMfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:47:7f:f8:e7:b9:74:75:29:5b:91:3e:2f:3e:64:c8:a8:d1:
f5:58:8f:aa:ec:d7:b4:a2:aa:47:df:8b:bd:eb:10:4b:3c:e4:
b7:a7:37:8b:32:45:c5:0b:fd:37:37:95:65:d5:78:59:0e:d1:
51:8e:ff:a8:46:9b:ab:0a:53:47:f9:0c:1c:21:53:a3:70:36:
08:79:3a:55:84:2d:e9:2c:5a:73:b3:d4:69:7d:52:a4:52:34:
8c:7d:84:6f:e2:dd:71:39:7c:dc:35:39:3b:08:f0:19:13:4d:
12:ad:ed:6a:0a:14:17:ef:a0:9d:11:3c:3d:38:12:a2:28:70:
14:2e:49:99:e3:71:15:f0:2d:a9:18:1e:a0:3c:3f:e9:9f:c9:
c0:86:83:93:d7:b6:32:a2:a7:97:7e:a6:21:b8:d1:66:d6:bb:
66:51:15:ee:0c:e8:60:45:d7:8c:31:7b:f2:a6:5a:ba:a1:14:
8a:d6:f1:34:8a:88:a2:87:3e:76:e9:23:57:07:18:f7:d2:10:
d2:be:07:d4:c3:01:66:53:8c:ee:2e:df:c9:ed:8c:8d:ce:90:
63:76:49:ef:e9:6d:c4:c2:a4:cb:f8:95:56:71:ec:75:5b:6b:
00:6b:b2:90:81:7d:3a:4d:35:20:b9:a2:76:8e:9f:0b:59:0b:
81:0e:d2:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1mfJIRlkjLrA4L9oQtohxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwMjAxMjEwNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzNiYTVjYzNkZmRlNWMwNTJhMGFiYjI5MTEzMDY2NDg4ZWMzMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdpN4S4xsk+G2bg73f+YbwvKfTMA
K8Lb2L+yw/pZo2gnffwjzbHQ7IJZhFlyYLXv3t+pa2odkv87XAggQVcM3dIyfyzS
6mdCxr8y3SpLMmOnMoHAxJmQckAh82RQM+2uGSda6ou08jWEg0QgTsfiERJLaEuO
9ZG/ivpdebaHo43hpGbSAcVuPUbydz3w3DnLcAPflJTangr6qoa3k8Y/uiBgj/wR
S2l5/nOPkRRN93Afrftw7MhCNylyVY0cFPuFHKUbP5SJrOmLPpcS5pbL9YZMv0Gv
3CGU5iRORr0zuVsMGxkEmuF9cUGWD8gz6desfg3ZYsf2AsX0+I4Tv4nTPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGc7pcw9/eXAUqCrspETBmSI7DH7MB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvWnp1bHpEMzk1Y0JTb0t1eWtSTUdaSWpzTWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQAcR3/457l0dSlbkT4vPmTIqNH1WI+q7Ne0oqpH34u9
6xBLPOS3pzeLMkXFC/03N5Vl1XhZDtFRjv+oRpurClNH+QwcIVOjcDYIeTpVhC3p
LFpzs9RpfVKkUjSMfYRv4t1xOXzcNTk7CPAZE00Sre1qChQX76CdETw9OBKiKHAU
LkmZ43EV8C2pGB6gPD/pn8nAhoOT17YyoqeXfqYhuNFm1rtmURXuDOhgRdeMMXvy
plq6oRSK1vE0ioiihz526SNXBxj30hDSvgfUwwFmU4zuLt/J7YyNzpBjdknv6W3E
wqTL+JVWcex1W2sAa7KQgX06TTUguaJ2jp8LWQuBDtII
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org