Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/ZD830W9hY6GjIfDXgw-Rtl2GAas.roa
File: ZD830W9hY6GjIfDXgw-Rtl2GAas.roa (raw, json)
Hash identifier: B9cHpOABgo2mMfiUMxKRcHuQFg5REY/gYjhRvposqhY=
Subject key identifier: 64:3F:37:D1:6F:61:63:A1:A3:21:F0:D7:83:0F:91:B6:5D:86:01:AB
Certificate issuer: /CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Certificate serial: 01856BC10CF4F21178EA48792B382E0BEAC2
Authority key identifier: 7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/ZD830W9hY6GjIfDXgw-Rtl2GAas.roa
Signing time: Sun 01 Jan 2023 05:14:51 +0000
ROA not before: Sun 01 Jan 2023 05:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10474
IP address blocks: 176.67.176.0/21 maxlen: 24
185.39.236.0/22 maxlen: 24
2a01:5380::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:0c:f4:f2:11:78:ea:48:79:2b:38:2e:0b:ea:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Validity
Not Before: Jan 1 05:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643f37d16f6163a1a321f0d7830f91b65d8601ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4d:fd:6d:6b:75:d6:3f:4a:90:f5:f9:b9:ac:
d1:4c:4d:9b:db:9b:36:1b:6e:ab:fd:f4:af:f6:f8:
0d:67:3f:fa:76:e0:6c:7f:b4:70:d3:0d:73:80:a6:
32:bf:77:14:22:6b:ae:b1:23:d8:69:a7:6f:40:d1:
99:ef:9b:4e:f4:47:a5:19:24:59:34:6d:5e:c8:9f:
fb:b6:6b:e4:14:f2:3f:a4:66:34:bb:b9:b7:36:fc:
47:3a:b3:05:be:02:4a:66:86:fd:97:2e:8b:e9:f1:
34:e8:ec:e9:0a:a8:ae:04:59:c1:d3:a8:0b:f9:e0:
2c:75:96:dd:20:77:e3:e6:68:a9:33:a3:a4:98:b3:
3c:5c:e3:bf:98:91:2e:6f:eb:77:bb:57:e1:e8:8a:
59:81:8d:cf:84:1f:30:ee:15:19:28:b8:c6:47:f1:
06:e9:48:a3:3d:87:0c:d9:bf:de:19:3c:d0:1a:b9:
69:17:78:ab:55:34:f3:84:5c:36:84:ab:a4:59:7d:
eb:47:53:a9:79:ce:aa:1a:81:12:b6:ba:a5:a8:ee:
ba:fa:b0:6e:50:31:9c:a1:ac:16:f4:5c:06:c8:a1:
fd:d9:8f:f9:77:9d:ac:1f:fb:05:9c:1d:1a:4a:86:
54:e3:54:59:83:bb:f1:c5:5b:ee:be:66:62:ce:ed:
b0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3F:37:D1:6F:61:63:A1:A3:21:F0:D7:83:0F:91:B6:5D:86:01:AB
X509v3 Authority Key Identifier:
keyid:7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/ZD830W9hY6GjIfDXgw-Rtl2GAas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/fTXAsgkTXCLMgAWnwuIixjwTbLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.176.0/21
185.39.236.0/22
IPv6:
2a01:5380::/32
Signature Algorithm: sha256WithRSAEncryption
86:67:40:94:07:e0:de:ed:c5:96:0c:49:1e:24:f3:ee:be:c3:
e0:2f:3c:49:26:c1:4d:75:91:cc:e6:91:29:e3:a9:56:3f:e2:
45:a6:5f:87:63:90:50:98:9e:1e:11:27:d7:a6:e3:73:9b:0a:
47:5c:9f:05:8c:d2:07:5e:3b:72:56:2f:f4:50:46:d5:5b:3c:
4a:67:ec:9c:e3:95:3a:ea:5c:4e:db:cf:60:8d:4d:5b:11:76:
b2:bc:f2:ca:26:c1:8a:79:c9:15:7b:28:62:bc:c4:35:3f:60:
29:d3:ff:79:f2:dd:f2:46:60:e9:68:91:db:00:5f:02:54:eb:
4d:c7:26:e0:a1:19:4d:d4:1c:58:cb:be:51:9b:ab:ae:8b:53:
48:04:4a:83:63:c0:dd:4f:75:9a:c7:2b:12:ef:5a:3d:c6:d8:
9b:0a:ff:07:e1:35:f7:e8:bf:28:cf:db:28:a8:9c:66:9f:7d:
cb:0b:49:73:2d:d2:fe:7a:b0:97:62:aa:ee:b8:08:e6:55:2c:
34:21:2c:58:5c:48:8d:d8:f6:d4:d7:3b:0c:44:33:ad:7a:71:
cb:85:cc:59:76:f4:c3:2c:4d:09:30:5d:c1:a7:f3:d1:00:24:
1d:48:43:4c:6e:33:a1:04:2c:7c:bf:ed:ce:57:68:eb:d0:b6:
41:fa:c6:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrwQz08hF46kh5KzguC+rCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMzVjMGIyMDkxMzVjMjJjYzgwMDVhN2MyZTIyMmM2M2Mx
MzZjYjAwHhcNMjMwMTAxMDUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNmMzdkMTZmNjE2M2ExYTMyMWYwZDc4MzBmOTFiNjVkODYwMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU39bWt11j9KkPX5uazRTE2b25s2
G26r/fSv9vgNZz/6duBsf7Rw0w1zgKYyv3cUImuusSPYaadvQNGZ75tO9EelGSRZ
NG1eyJ/7tmvkFPI/pGY0u7m3NvxHOrMFvgJKZob9ly6L6fE06OzpCqiuBFnB06gL
+eAsdZbdIHfj5mipM6OkmLM8XOO/mJEub+t3u1fh6IpZgY3PhB8w7hUZKLjGR/EG
6UijPYcM2b/eGTzQGrlpF3irVTTzhFw2hKukWX3rR1Opec6qGoEStrqlqO66+rBu
UDGcoawW9FwGyKH92Y/5d52sH/sFnB0aSoZU41RZg7vxxVvuvmZizu2w+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGQ/N9FvYWOhoyHw14MPkbZdhgGrMB8GA1UdIwQY
MBaAFH01wLIJE1wizIAFp8LiIsY8E2ywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjIt
ODI1N2Q1MTkyOGE5LzEvWkQ4MzBXOWhZNkdqSWZEWGd3LVJ0bDJHQWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjItODI1N2Q1MTkyOGE5
LzEvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsEOwAwQC
uSfsMA0EAgACMAcDBQAqAVOAMA0GCSqGSIb3DQEBCwUAA4IBAQCGZ0CUB+De7cWW
DEkeJPPuvsPgLzxJJsFNdZHM5pEp46lWP+JFpl+HY5BQmJ4eESfXpuNzmwpHXJ8F
jNIHXjtyVi/0UEbVWzxKZ+yc45U66lxO289gjU1bEXayvPLKJsGKeckVeyhivMQ1
P2Ap0/958t3yRmDpaJHbAF8CVOtNxybgoRlN1BxYy75Rm6uui1NIBEqDY8DdT3Wa
xysS71o9xtibCv8H4TX36L8oz9soqJxmn33LC0lzLdL+erCXYqruuAjmVSw0ISxY
XEiN2PbU1zsMRDOtenHLhcxZdvTDLE0JMF3Bp/PRACQdSENMbjOhBCx8v+3OV2jr
0LZB+sZK
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:02 2024 by rpki-client on console.sobornost.net