Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/ZHZxExArhqZvHmPR3KaC38DWpok.roa
File: ZHZxExArhqZvHmPR3KaC38DWpok.roa (raw, json)
Hash identifier: cJp7UQr7CI2g/9uNP2Nr8IUbUKOHQP09ju+q1npC2+Q=
Subject key identifier: 64:76:71:13:10:2B:86:A6:6F:1E:63:D1:DC:A6:82:DF:C0:D6:A6:89
Certificate issuer: /CN=e08945d1fc7b470e6873655f7559300e097a65e8
Certificate serial: 01857246AEFA967C0B21C6BD75A8070759E9
Authority key identifier: E0:89:45:D1:FC:7B:47:0E:68:73:65:5F:75:59:30:0E:09:7A:65:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4IlF0fx7Rw5oc2VfdVkwDgl6Zeg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/ZHZxExArhqZvHmPR3KaC38DWpok.roa
Signing time: Mon 02 Jan 2023 11:38:33 +0000
ROA not before: Mon 02 Jan 2023 11:38:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201959
IP address blocks: 185.58.64.0/22 maxlen: 22
2a04:df40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ae:fa:96:7c:0b:21:c6:bd:75:a8:07:07:59:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08945d1fc7b470e6873655f7559300e097a65e8
Validity
Not Before: Jan 2 11:38:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64767113102b86a66f1e63d1dca682dfc0d6a689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ea:31:cb:69:47:a2:d7:d9:9b:cd:d4:1a:47:
0a:07:e3:ea:2b:9f:b9:14:40:64:96:a3:fd:dc:3d:
42:87:3b:5a:74:eb:4a:31:98:c3:62:95:11:f1:d8:
a4:0c:db:27:d9:24:75:2d:22:fa:dc:22:ee:cc:3a:
dd:c8:be:f9:53:47:17:4c:48:23:55:77:f3:a1:8f:
27:db:7f:50:04:b5:8a:e4:72:f9:fc:ae:46:cd:c1:
40:1b:f9:10:d7:a0:85:1b:28:6a:0e:5d:77:6c:19:
17:bc:6d:73:93:3c:5b:f3:94:9d:7e:e5:ce:75:aa:
66:f7:87:c8:80:71:1e:2c:e8:96:7b:37:3e:30:e3:
e1:b8:07:27:ed:7b:a0:10:ba:d9:ab:9d:40:d7:f6:
15:b7:fc:53:b2:dc:05:54:84:77:c2:1d:be:f6:50:
48:86:8c:e5:76:f9:35:b5:b1:67:a9:25:7d:e0:be:
52:55:35:db:5b:7e:b2:02:b5:01:fc:9e:aa:44:ab:
44:a3:3a:48:dd:52:1a:54:96:9d:a4:d9:3c:80:9d:
93:f3:f3:d2:fa:80:7c:57:8d:9f:a6:51:32:e3:fd:
38:e2:df:30:2e:12:11:8a:85:5c:54:8c:c1:4a:b9:
61:b3:bd:f1:77:22:9a:bb:e9:2d:a8:0a:cf:f6:78:
f5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:76:71:13:10:2B:86:A6:6F:1E:63:D1:DC:A6:82:DF:C0:D6:A6:89
X509v3 Authority Key Identifier:
keyid:E0:89:45:D1:FC:7B:47:0E:68:73:65:5F:75:59:30:0E:09:7A:65:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4IlF0fx7Rw5oc2VfdVkwDgl6Zeg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/ZHZxExArhqZvHmPR3KaC38DWpok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/03a3bf-0cfc-430a-985d-28e773db91c2/1/4IlF0fx7Rw5oc2VfdVkwDgl6Zeg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.64.0/22
IPv6:
2a04:df40::/29
Signature Algorithm: sha256WithRSAEncryption
25:2d:c4:fc:d9:86:ac:2a:5d:35:6c:e7:11:70:bf:0f:f5:5e:
ab:34:82:6d:35:b7:da:ff:77:54:54:0b:51:96:78:12:4e:46:
fd:af:8b:a2:29:2e:99:2f:42:e7:cb:55:12:ed:f4:fb:18:80:
81:df:cd:76:ee:ec:25:16:80:57:d5:2c:5c:31:c5:ac:ca:a9:
49:04:41:2a:5b:dd:ee:c2:68:c6:1c:4e:0f:93:bb:f1:5b:a1:
79:a1:bc:cb:92:9c:77:cf:de:bc:d7:08:9a:7c:40:00:88:07:
c8:e1:f6:67:f3:fa:ce:0a:79:ad:1b:92:81:a2:30:3b:67:60:
e2:77:bb:e0:93:d7:bd:3c:f3:67:92:cf:c0:1d:37:a0:1e:9e:
e2:6c:85:e8:79:53:20:f8:50:9f:4d:28:c2:c9:31:f2:3d:6c:
23:22:a3:b7:c2:1e:b5:2f:cf:6d:c0:ba:b9:30:79:7b:78:a4:
72:f1:60:8e:d0:8e:6a:8b:0f:72:24:8f:22:60:b8:aa:6f:37:
d4:a5:e8:62:4b:7f:8e:78:2b:1f:b7:c6:01:fb:ed:7b:52:f4:
b4:25:a4:73:53:6b:23:7e:ba:f4:a1:9b:e2:fe:60:33:44:bf:
cb:cb:4a:2c:fa:46:ca:40:e0:55:48:47:8e:a2:1f:09:c6:c1:
12:fb:8c:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyRq76lnwLIca9dagHB1npMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwODk0NWQxZmM3YjQ3MGU2ODczNjU1Zjc1NTkzMDBlMDk3
YTY1ZTgwHhcNMjMwMTAyMTEzODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc2NzExMzEwMmI4NmE2NmYxZTYzZDFkY2E2ODJkZmMwZDZhNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleoxy2lHotfZm83UGkcKB+PqK5+5
FEBklqP93D1ChztadOtKMZjDYpUR8dikDNsn2SR1LSL63CLuzDrdyL75U0cXTEgj
VXfzoY8n239QBLWK5HL5/K5GzcFAG/kQ16CFGyhqDl13bBkXvG1zkzxb85SdfuXO
dapm94fIgHEeLOiWezc+MOPhuAcn7XugELrZq51A1/YVt/xTstwFVIR3wh2+9lBI
hozldvk1tbFnqSV94L5SVTXbW36yArUB/J6qRKtEozpI3VIaVJadpNk8gJ2T8/PS
+oB8V42fplEy4/044t8wLhIRioVcVIzBSrlhs73xdyKau+ktqArP9nj1vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGR2cRMQK4ambx5j0dymgt/A1qaJMB8GA1UdIwQY
MBaAFOCJRdH8e0cOaHNlX3VZMA4JemXoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNElsRjBmeDdSdzVvYzJWZmRWa3dEZ2w2WmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wM2EzYmYtMGNmYy00MzBhLTk4NWQt
MjhlNzczZGI5MWMyLzEvWkhaeEV4QXJocVp2SG1QUjNLYUMzOERXcG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wM2EzYmYtMGNmYy00MzBhLTk4NWQtMjhlNzczZGI5MWMy
LzEvNElsRjBmeDdSdzVvYzJWZmRWa3dEZ2w2WmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTpAMA0E
AgACMAcDBQMqBN9AMA0GCSqGSIb3DQEBCwUAA4IBAQAlLcT82YasKl01bOcRcL8P
9V6rNIJtNbfa/3dUVAtRlngSTkb9r4uiKS6ZL0Lny1US7fT7GICB38127uwlFoBX
1SxcMcWsyqlJBEEqW93uwmjGHE4Pk7vxW6F5obzLkpx3z9681wiafEAAiAfI4fZn
8/rOCnmtG5KBojA7Z2Did7vgk9e9PPNnks/AHTegHp7ibIXoeVMg+FCfTSjCyTHy
PWwjIqO3wh61L89twLq5MHl7eKRy8WCO0I5qiw9yJI8iYLiqbzfUpehiS3+OeCsf
t8YB++17UvS0JaRzU2sjfrr0oZvi/mAzRL/Ly0os+kbKQOBVSEeOoh8JxsES+4zW
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:10 2024 by rpki-client on console.sobornost.net