Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/ZL2FcGX4lQZC7PBb-o4BkfYj5GI.roa
File: ZL2FcGX4lQZC7PBb-o4BkfYj5GI.roa (raw, json)
Hash identifier: +tfX/Ia82dI68VqOxXbdUHfRXh6YCfdxRWBwB+3swyo=
Subject key identifier: 64:BD:85:70:65:F8:95:06:42:EC:F0:5B:FA:8E:01:91:F6:23:E4:62
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 01856B258DC1C0AE7C461AB12C35DB74FBB3
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/ZL2FcGX4lQZC7PBb-o4BkfYj5GI.roa
Signing time: Sun 01 Jan 2023 02:25:01 +0000
ROA not before: Sun 01 Jan 2023 02:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203433
IP address blocks: 185.22.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:8d:c1:c0:ae:7c:46:1a:b1:2c:35:db:74:fb:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 02:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64bd857065f8950642ecf05bfa8e0191f623e462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:ae:1e:c3:fe:3a:d8:2d:e9:f3:4b:a1:b1:
59:17:09:89:f3:f4:68:ee:b8:41:ad:18:e1:a5:37:
02:9a:94:d8:e0:90:5c:91:89:08:cb:b7:93:9b:d2:
66:55:c1:00:38:ef:0a:fd:b0:33:8a:4b:b4:c0:36:
63:c9:31:cb:26:cc:4f:17:f7:89:31:a5:50:1b:9e:
e3:b7:aa:bd:5d:48:28:39:4a:bf:bc:4a:2d:6d:e6:
ce:9e:b0:ed:bd:be:41:d6:05:64:e0:e9:b8:db:a7:
85:67:15:80:65:70:d4:69:55:f5:ea:14:a6:5e:d3:
ed:ba:88:ee:d6:5a:1f:d7:28:58:6a:a4:db:15:18:
26:64:e7:3f:fd:63:bd:6e:18:22:9e:5b:5c:56:16:
2c:b1:ff:b6:4c:d6:fe:48:69:de:68:99:fd:36:94:
77:2c:2d:a4:37:5e:28:ff:58:21:33:1f:bb:1b:de:
c3:a3:37:45:21:f5:cd:ba:62:84:bf:66:54:96:d0:
e0:b4:d3:9b:03:e0:1d:e3:61:a0:d2:83:01:00:ad:
d6:38:a3:b3:62:27:02:29:a7:a7:97:93:bf:94:90:
e2:43:57:42:fe:01:4b:a1:34:dd:27:e9:b6:04:64:
34:18:42:cd:b1:fc:c3:11:a1:f0:6c:6a:da:89:23:
06:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:BD:85:70:65:F8:95:06:42:EC:F0:5B:FA:8E:01:91:F6:23:E4:62
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/ZL2FcGX4lQZC7PBb-o4BkfYj5GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.131.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:17:83:cf:fc:76:37:3b:30:23:90:7b:4e:d5:53:7f:b8:af:
82:b4:2a:6c:4e:6e:25:b6:8d:92:64:b1:75:1f:92:54:03:96:
d9:3d:f6:0a:16:0e:52:b3:eb:3f:33:fa:86:4d:ae:6d:c0:64:
ff:34:68:d1:98:0d:32:fe:5d:59:f1:78:bc:c6:a1:4b:30:28:
f3:61:38:49:6c:12:4d:be:a0:7e:e4:d6:f5:d1:b2:de:a0:4a:
9c:1b:cf:9f:78:9d:01:0b:77:8a:89:ca:1e:3f:1b:dd:a1:ce:
c8:cd:58:d4:db:f8:26:74:b3:2d:c2:4f:19:2c:13:be:64:f9:
54:c1:cc:f3:86:b9:60:69:64:dc:57:8e:ed:91:25:16:d7:aa:
8a:57:1e:11:67:ba:75:00:06:ce:b7:8c:2d:bb:e2:96:1d:0e:
41:49:4e:71:fc:d3:a4:b2:07:8e:ce:db:cc:cd:2b:3d:6a:31:
24:20:a7:44:0d:2a:9d:e1:03:94:ca:a8:3a:5a:ef:8a:6a:7c:
af:1a:b3:1c:36:81:ee:7f:9b:69:ae:c6:2f:49:1e:ca:06:e3:
fc:e5:b1:ba:48:50:c0:1a:23:ea:5e:bf:d0:7c:4d:97:52:e4:
e7:52:c7:63:b6:49:53:d6:f2:80:e7:e6:28:61:54:39:c1:0b:
48:02:e6:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrJY3BwK58RhqxLDXbdPuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjMwMTAxMDIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGJkODU3MDY1Zjg5NTA2NDJlY2YwNWJmYThlMDE5MWY2MjNlNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSyuHsP+Otgt6fNLobFZFwmJ8/Ro
7rhBrRjhpTcCmpTY4JBckYkIy7eTm9JmVcEAOO8K/bAziku0wDZjyTHLJsxPF/eJ
MaVQG57jt6q9XUgoOUq/vEotbebOnrDtvb5B1gVk4Om426eFZxWAZXDUaVX16hSm
XtPtuoju1lof1yhYaqTbFRgmZOc//WO9bhginltcVhYssf+2TNb+SGneaJn9NpR3
LC2kN14o/1ghMx+7G97DozdFIfXNumKEv2ZUltDgtNObA+Ad42Gg0oMBAK3WOKOz
YicCKaenl5O/lJDiQ1dC/gFLoTTdJ+m2BGQ0GELNsfzDEaHwbGraiSMGdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGS9hXBl+JUGQuzwW/qOAZH2I+RiMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvWkwyRmNHWDRsUVpDN1BCYi1vNEJrZllqNUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRaDMA0G
CSqGSIb3DQEBCwUAA4IBAQCKF4PP/HY3OzAjkHtO1VN/uK+CtCpsTm4lto2SZLF1
H5JUA5bZPfYKFg5Ss+s/M/qGTa5twGT/NGjRmA0y/l1Z8Xi8xqFLMCjzYThJbBJN
vqB+5Nb10bLeoEqcG8+feJ0BC3eKicoePxvdoc7IzVjU2/gmdLMtwk8ZLBO+ZPlU
wczzhrlgaWTcV47tkSUW16qKVx4RZ7p1AAbOt4wtu+KWHQ5BSU5x/NOksgeOztvM
zSs9ajEkIKdEDSqd4QOUyqg6Wu+KanyvGrMcNoHuf5tprsYvSR7KBuP85bG6SFDA
GiPqXr/QfE2XUuTnUsdjtklT1vKA5+YoYVQ5wQtIAuZx
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:00 2024 by rpki-client on console.sobornost.net