Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/ZK-ftVR7C1cupoysXjLfQaeTElQ.roa
File: ZK-ftVR7C1cupoysXjLfQaeTElQ.roa (raw, json)
Hash identifier: bhISXt5h1DzraH+CQOcN2Dy2pT4/TiNk+vlZgQV6qMk=
Subject key identifier: 64:AF:9F:B5:54:7B:0B:57:2E:A6:8C:AC:5E:32:DF:41:A7:93:12:54
Certificate issuer: /CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Certificate serial: 018CC8715C213436CA90EC53BF1EFEAD6C8B
Authority key identifier: FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/ZK-ftVR7C1cupoysXjLfQaeTElQ.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49801
IP address blocks: 185.166.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 19:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5c:21:34:36:ca:90:ec:53:bf:1e:fe:ad:6c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64af9fb5547b0b572ea68cac5e32df41a7931254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1c:b1:2e:a4:54:f2:16:0f:36:83:f2:aa:0d:
d0:43:ec:fb:14:46:0c:07:d0:fa:53:7c:67:da:7d:
24:cf:59:cd:f8:69:16:57:01:6e:c8:59:a9:ca:0f:
93:c6:cd:d2:0f:d1:98:79:ee:cc:98:be:52:26:28:
b7:e9:b5:9c:4b:c1:53:2c:01:02:c3:59:d8:29:2e:
27:eb:f2:69:33:e9:5e:30:75:b7:0d:4d:ea:9b:4e:
99:b6:4d:eb:80:81:64:d2:af:d9:c0:f2:83:58:4e:
89:4f:d4:1f:c1:2b:77:44:ab:1d:ea:0c:9f:a2:58:
b3:d9:8e:c5:14:92:a8:4b:2f:4f:1d:49:0b:e7:fc:
d3:db:41:fd:1b:7a:65:cf:cd:96:9b:89:b6:9e:f8:
4a:29:81:21:d7:92:a1:3f:1c:d8:69:02:f1:25:6f:
2a:df:00:a4:2c:62:2d:c1:a1:6b:5e:78:5f:56:53:
f1:ad:80:fe:e8:b5:6f:0f:dd:6d:4f:c0:f3:3c:20:
b8:ff:cf:a5:5b:75:8a:7c:2c:6f:f9:15:fe:78:5a:
01:7e:5f:99:41:76:a0:94:91:7a:b3:92:ac:39:1b:
a4:51:bb:ab:21:42:2d:59:e4:0b:c7:23:17:0a:e5:
d6:e3:09:50:6a:96:93:7c:a6:d8:32:c2:47:a0:e1:
7f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AF:9F:B5:54:7B:0B:57:2E:A6:8C:AC:5E:32:DF:41:A7:93:12:54
X509v3 Authority Key Identifier:
keyid:FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/ZK-ftVR7C1cupoysXjLfQaeTElQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/_Jvk7U5UtgHmtqQtC6BM-3qyw78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.106.0/24
Signature Algorithm: sha256WithRSAEncryption
70:95:47:13:f1:12:25:03:e0:2a:78:18:5f:6b:d0:c9:dd:72:
95:ef:f1:38:72:ff:b3:11:ba:9d:a2:f9:9f:34:2f:9b:ab:31:
80:94:0a:7b:e8:54:b7:37:be:50:c6:a0:0f:8c:e0:24:0c:4a:
a6:e3:89:a5:8d:f7:15:41:e9:b8:6b:c9:00:4e:13:80:39:20:
78:05:c5:3a:f3:8e:23:09:ac:bc:af:a4:79:bc:0d:18:49:cf:
a3:f3:77:34:34:88:5b:d4:44:6c:80:34:e0:a7:0f:9d:b3:b0:
99:a6:fc:64:39:dc:b9:77:df:27:70:54:f7:09:cf:c6:3e:a6:
55:31:e7:3d:1a:c1:9c:f6:07:ad:40:1a:c8:ff:1f:06:c2:c7:
06:98:93:f3:0c:b8:3a:43:3b:a4:17:66:21:f6:13:63:e8:2e:
60:20:06:35:49:7d:3f:d0:b6:c2:9d:5e:15:d2:bb:16:c8:1d:
9c:74:19:f8:d8:92:57:40:ba:08:12:b9:81:70:4e:6c:78:f6:
b7:9b:d6:3e:fd:09:6d:41:b4:8c:1b:c4:be:4e:ae:33:10:9a:
61:ff:79:e0:fe:af:a3:44:37:f9:b1:18:71:86:36:12:a3:bc:
44:de:4c:b5:32:c2:11:bc:fc:e5:6b:95:73:ee:49:d1:e8:9b:
f1:c6:5c:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcVwhNDbKkOxTvx7+rWyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOWJlNGVkNGU1NGI2MDFlNmI2YTQyZDBiYTA0Y2ZiN2Fi
MmMzYmYwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFmOWZiNTU0N2IwYjU3MmVhNjhjYWM1ZTMyZGY0MWE3OTMxMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRyxLqRU8hYPNoPyqg3QQ+z7FEYM
B9D6U3xn2n0kz1nN+GkWVwFuyFmpyg+Txs3SD9GYee7MmL5SJii36bWcS8FTLAEC
w1nYKS4n6/JpM+leMHW3DU3qm06Ztk3rgIFk0q/ZwPKDWE6JT9QfwSt3RKsd6gyf
oliz2Y7FFJKoSy9PHUkL5/zT20H9G3plz82Wm4m2nvhKKYEh15KhPxzYaQLxJW8q
3wCkLGItwaFrXnhfVlPxrYD+6LVvD91tT8DzPCC4/8+lW3WKfCxv+RX+eFoBfl+Z
QXaglJF6s5KsORukUburIUItWeQLxyMXCuXW4wlQapaTfKbYMsJHoOF/JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSvn7VUewtXLqaMrF4y30GnkxJUMB8GA1UdIwQY
MBaAFPyb5O1OVLYB5rakLQugTPt6ssO/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzct
MWQyNTEzMzA4ZDIxLzEvWkstZnRWUjdDMWN1cG95c1hqTGZRYWVURWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzctMWQyNTEzMzA4ZDIx
LzEvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaZqMA0G
CSqGSIb3DQEBCwUAA4IBAQBwlUcT8RIlA+AqeBhfa9DJ3XKV7/E4cv+zEbqdovmf
NC+bqzGAlAp76FS3N75QxqAPjOAkDEqm44mljfcVQem4a8kAThOAOSB4BcU6844j
Cay8r6R5vA0YSc+j83c0NIhb1ERsgDTgpw+ds7CZpvxkOdy5d98ncFT3Cc/GPqZV
Mec9GsGc9getQBrI/x8GwscGmJPzDLg6QzukF2Yh9hNj6C5gIAY1SX0/0LbCnV4V
0rsWyB2cdBn42JJXQLoIErmBcE5sePa3m9Y+/QltQbSMG8S+Tq4zEJph/3ng/q+j
RDf5sRhxhjYSo7xE3ky1MsIRvPzla5Vz7knR6Jvxxlx1
-----END CERTIFICATE-----
Generated at Sun Mar 24 21:55:46 2024 by rpki-client on console.sobornost.net