Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/ZKTewLzVOGSInsYD2IOBSl1KI9I.roa
File: ZKTewLzVOGSInsYD2IOBSl1KI9I.roa (raw, json)
Hash identifier: 8YdI3CFSU0/XJwBMqhFsxpxIcFNk/kWGkKk+bvMpmsM=
Subject key identifier: 64:A4:DE:C0:BC:D5:38:64:88:9E:C6:03:D8:83:81:4A:5D:4A:23:D2
Certificate issuer: /CN=8877da3d483027a01eddcd0e435e8285f1b1bb9e
Certificate serial: 01856E78F10CC7FF5B45E5B41BEE745CE115
Authority key identifier: 88:77:DA:3D:48:30:27:A0:1E:DD:CD:0E:43:5E:82:85:F1:B1:BB:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/ZKTewLzVOGSInsYD2IOBSl1KI9I.roa
Signing time: Sun 01 Jan 2023 17:54:57 +0000
ROA not before: Sun 01 Jan 2023 17:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62412
IP address blocks: 188.214.242.0/23 maxlen: 24
139.28.228.0/22 maxlen: 24
185.184.88.0/22 maxlen: 24
185.36.210.0/23 maxlen: 24
2a0f:5900::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:f1:0c:c7:ff:5b:45:e5:b4:1b:ee:74:5c:e1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8877da3d483027a01eddcd0e435e8285f1b1bb9e
Validity
Not Before: Jan 1 17:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a4dec0bcd53864889ec603d883814a5d4a23d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c4:1c:5f:40:01:39:a9:aa:9b:37:d4:a1:9e:
d5:53:ef:64:e3:06:55:dd:b4:f3:67:1c:dc:57:b0:
1f:f6:05:43:cf:5a:d4:05:3a:2f:71:04:8c:a7:75:
90:65:65:b2:2f:be:69:9b:a0:d2:0f:83:f3:0d:45:
bb:d0:32:1b:34:c5:3b:a1:3a:f8:d4:19:1c:2d:f2:
65:9b:6e:47:8e:38:c4:b0:44:d0:b7:2d:77:86:3f:
b2:70:35:68:be:51:66:e8:10:08:70:e3:1f:0b:88:
bb:b9:c6:87:4e:c0:df:a0:44:7a:f1:37:bf:9d:04:
a6:52:e5:7c:44:1d:66:7d:10:8d:22:77:9b:a9:a0:
49:66:f5:3b:dd:89:22:75:23:9b:b9:33:b6:31:b1:
11:e0:d5:1a:c8:41:4b:b9:41:fd:05:ac:9b:d4:06:
6a:42:20:ee:b9:af:47:9e:8f:b4:16:a0:29:70:60:
8b:42:cd:7d:ef:10:81:43:ea:76:dd:1f:e3:bd:8c:
83:91:a7:a6:a5:87:f0:be:a1:61:1d:e4:46:c7:dc:
2a:f6:15:03:65:37:eb:95:75:3e:97:94:9e:fc:a9:
f7:af:69:9c:96:e3:cc:0a:10:92:1f:f5:30:9a:61:
2e:0a:21:f2:55:e8:22:a1:cb:a1:03:d4:8f:39:0d:
f7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A4:DE:C0:BC:D5:38:64:88:9E:C6:03:D8:83:81:4A:5D:4A:23:D2
X509v3 Authority Key Identifier:
keyid:88:77:DA:3D:48:30:27:A0:1E:DD:CD:0E:43:5E:82:85:F1:B1:BB:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/ZKTewLzVOGSInsYD2IOBSl1KI9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.228.0/22
185.36.210.0/23
185.184.88.0/22
188.214.242.0/23
IPv6:
2a0f:5900::/29
Signature Algorithm: sha256WithRSAEncryption
24:62:76:dc:90:1d:72:20:d7:38:d1:f4:78:70:d1:64:b8:d5:
49:b0:5b:76:53:d4:a0:e3:3e:02:1d:e3:b9:57:6e:eb:cc:01:
e4:6a:5f:d4:d3:0f:08:2c:36:9d:38:9e:5a:48:02:5a:8e:14:
da:d0:be:ba:4c:4d:e6:de:8b:96:de:54:26:26:bd:d5:9d:e1:
4d:6c:f2:76:79:c1:64:62:43:36:6c:d1:f6:e0:9f:6a:ee:5f:
1e:91:38:e1:82:a3:75:32:83:de:f0:77:f2:fe:ea:ac:69:15:
fd:11:bb:2e:86:22:b6:89:79:8e:6e:26:5e:46:a4:a9:b9:83:
e2:5c:91:03:28:dc:17:19:48:62:13:5f:63:43:e7:e8:12:b6:
ea:56:1d:e3:94:66:e6:62:15:3f:6f:4a:49:a7:36:15:3a:4d:
2e:e1:8f:7b:e2:43:95:4d:e8:02:35:53:5d:ef:fe:6d:e5:92:
50:09:6f:8f:30:dd:23:c2:5d:4b:58:6f:be:71:54:05:69:32:
e7:32:31:94:05:35:02:c5:55:ac:3a:8a:9d:da:37:86:0c:07:
13:2b:60:10:4e:5e:08:36:80:71:26:f9:bf:86:b1:1d:74:55:
31:47:36:3a:22:40:a6:b3:50:b4:0c:18:67:f2:e7:c3:d6:88:
d3:86:25:b3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuePEMx/9bReW0G+50XOEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NzdkYTNkNDgzMDI3YTAxZWRkY2QwZTQzNWU4Mjg1ZjFi
MWJiOWUwHhcNMjMwMTAxMTc1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE0ZGVjMGJjZDUzODY0ODg5ZWM2MDNkODgzODE0YTVkNGEyM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8QcX0ABOamqmzfUoZ7VU+9k4wZV
3bTzZxzcV7Af9gVDz1rUBTovcQSMp3WQZWWyL75pm6DSD4PzDUW70DIbNMU7oTr4
1BkcLfJlm25HjjjEsETQty13hj+ycDVovlFm6BAIcOMfC4i7ucaHTsDfoER68Te/
nQSmUuV8RB1mfRCNInebqaBJZvU73YkidSObuTO2MbER4NUayEFLuUH9Bayb1AZq
QiDuua9Hno+0FqApcGCLQs197xCBQ+p23R/jvYyDkaempYfwvqFhHeRGx9wq9hUD
ZTfrlXU+l5Se/Kn3r2mcluPMChCSH/UwmmEuCiHyVegiocuhA9SPOQ33CwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGSk3sC81ThkiJ7GA9iDgUpdSiPSMB8GA1UdIwQY
MBaAFIh32j1IMCegHt3NDkNegoXxsbueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhmYVBVZ3dKNkFlM2MwT1ExNkNoZkd4dTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9jYjljNjYtZjdjYy00ZGUxLWJkYzEt
MmY1ZjRjNTUyNjJmLzEvWktUZXdMelZPR1NJbnNZRDJJT0JTbDFLSTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9jYjljNjYtZjdjYy00ZGUxLWJkYzEtMmY1ZjRjNTUyNjJm
LzEvaUhmYVBVZ3dKNkFlM2MwT1ExNkNoZkd4dTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCixzkAwQB
uSTSAwQCubhYAwQBvNbyMA0EAgACMAcDBQMqD1kAMA0GCSqGSIb3DQEBCwUAA4IB
AQAkYnbckB1yINc40fR4cNFkuNVJsFt2U9Sg4z4CHeO5V27rzAHkal/U0w8ILDad
OJ5aSAJajhTa0L66TE3m3ouW3lQmJr3VneFNbPJ2ecFkYkM2bNH24J9q7l8ekTjh
gqN1MoPe8Hfy/uqsaRX9EbsuhiK2iXmObiZeRqSpuYPiXJEDKNwXGUhiE19jQ+fo
ErbqVh3jlGbmYhU/b0pJpzYVOk0u4Y974kOVTegCNVNd7/5t5ZJQCW+PMN0jwl1L
WG++cVQFaTLnMjGUBTUCxVWsOoqd2jeGDAcTK2AQTl4INoBxJvm/hrEddFUxRzY6
IkCms1C0DBhn8ufD1ojThiWz
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:15 2024 by rpki-client on console.sobornost.net