Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/ZCKkOWx_07UX8pk0hZ-72stJn0w.roa
File: ZCKkOWx_07UX8pk0hZ-72stJn0w.roa (raw, json)
Hash identifier: oqqAsQ64IQhHFi7uNhtgZCGVxEVPj6efoAvS6GT1OKc=
Subject key identifier: 64:22:A4:39:6C:7F:D3:B5:17:F2:99:34:85:9F:BB:DA:CB:49:9F:4C
Certificate issuer: /CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Certificate serial: 018DC0C266C66B9C69D1DA13695F5FEAB94D
Authority key identifier: 88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/ZCKkOWx_07UX8pk0hZ-72stJn0w.roa
Signing time: Mon 19 Feb 2024 09:46:22 +0000
ROA not before: Mon 19 Feb 2024 09:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20921
IP address blocks: 83.231.32.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 09:51:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:c2:66:c6:6b:9c:69:d1:da:13:69:5f:5f:ea:b9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Validity
Not Before: Feb 19 09:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6422a4396c7fd3b517f29934859fbbdacb499f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:d8:3a:4b:a0:8f:33:4c:ea:a2:ef:d3:da:
be:ad:f8:8c:1b:c7:33:b2:f2:b1:60:a0:89:39:c0:
a9:b4:ba:f9:66:6c:04:50:7a:f2:f4:f1:3a:bf:ae:
8b:f8:24:7e:e6:3c:ee:a3:2f:0a:d7:50:d4:17:95:
34:ef:d6:4c:63:8e:0b:03:43:39:22:7e:07:19:2a:
99:ce:8c:d1:65:1a:c6:cd:90:5a:37:35:d3:aa:65:
9f:34:f1:72:05:2c:86:a6:ed:9c:dc:0b:15:b9:7f:
ed:26:50:06:5e:53:d8:fe:27:3a:57:86:f2:37:18:
29:05:ec:10:69:43:94:e2:5d:7f:77:dc:98:b3:e3:
ee:87:c7:de:ee:b7:b3:a7:61:8b:69:fd:c2:49:08:
d9:67:b9:33:5b:c7:e1:4c:3b:08:25:80:1c:41:89:
04:45:2c:4c:ab:d5:f3:6d:d6:a1:cc:47:8c:a4:17:
b8:3c:88:95:11:2b:bb:5b:c1:2a:b0:76:9e:aa:71:
f1:c8:c6:1c:70:db:0b:c5:a4:51:46:58:84:b4:8a:
af:19:f8:4a:b3:b6:09:02:c4:d3:ad:4d:a8:77:83:
08:b4:8f:5a:3f:10:ac:63:53:db:69:21:49:34:cb:
88:6c:10:09:69:24:05:63:1f:2c:98:53:92:48:f5:
f3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:22:A4:39:6C:7F:D3:B5:17:F2:99:34:85:9F:BB:DA:CB:49:9F:4C
X509v3 Authority Key Identifier:
keyid:88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/ZCKkOWx_07UX8pk0hZ-72stJn0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.231.32.0/23
Signature Algorithm: sha256WithRSAEncryption
43:b1:36:e2:a8:5e:4d:dc:0b:f6:6e:0c:04:30:fd:61:76:e0:
83:8d:00:aa:e8:3e:42:0c:d5:53:c4:17:03:41:d7:45:88:b6:
3b:a8:59:ff:7b:48:ec:c1:bb:b7:6e:95:2a:20:e3:0e:96:a2:
31:86:3e:c8:09:08:ac:c7:21:a0:f2:17:08:2d:fd:1e:26:5b:
dc:27:0c:dd:cd:b9:03:43:9e:b1:42:9a:75:b7:68:ec:bf:6a:
37:77:51:61:d1:d3:cc:49:41:17:bc:e9:16:6e:54:51:e2:1e:
08:92:9d:b7:b9:be:68:3e:18:c1:14:f5:37:2e:53:fb:69:bc:
1a:28:d7:ac:62:6d:be:1a:52:99:cd:94:ec:b8:6b:2e:65:53:
92:f6:11:a2:63:f9:05:a4:e5:27:c8:13:29:b5:aa:44:f0:9c:
65:c8:b9:8e:8f:f7:ab:22:ff:b0:84:a8:89:4e:b2:aa:79:c2:
c2:7c:fd:1f:0b:d7:d1:f5:7c:18:5c:c1:48:08:4f:99:5d:4b:
a4:14:6f:01:36:bb:a8:d2:a1:d6:ff:d8:59:f9:d7:5d:e3:86:
04:f7:91:98:3b:b7:7e:e0:84:93:05:62:05:8a:74:9c:e3:7a:
38:3e:2a:4b:b6:7d:5d:cf:f0:63:08:d4:3b:20:56:35:46:fb:
f0:c6:6f:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3AwmbGa5xp0doTaV9f6rlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Njc4Y2EzNGMzYzYzNjVmYjYxNmE2NjA3NzE2MGE0OTRh
NmU5ZDYwHhcNMjQwMjE5MDk0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIyYTQzOTZjN2ZkM2I1MTdmMjk5MzQ4NTlmYmJkYWNiNDk5ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfHYOkugjzNM6qLv09q+rfiMG8cz
svKxYKCJOcCptLr5ZmwEUHry9PE6v66L+CR+5jzuoy8K11DUF5U079ZMY44LA0M5
In4HGSqZzozRZRrGzZBaNzXTqmWfNPFyBSyGpu2c3AsVuX/tJlAGXlPY/ic6V4by
NxgpBewQaUOU4l1/d9yYs+Puh8fe7rezp2GLaf3CSQjZZ7kzW8fhTDsIJYAcQYkE
RSxMq9XzbdahzEeMpBe4PIiVESu7W8EqsHaeqnHxyMYccNsLxaRRRliEtIqvGfhK
s7YJAsTTrU2od4MItI9aPxCsY1PbaSFJNMuIbBAJaSQFYx8smFOSSPXz4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQipDlsf9O1F/KZNIWfu9rLSZ9MMB8GA1UdIwQY
MBaAFIhnjKNMPGNl+2FqZgdxYKSUpunWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQt
Zjg1ZjcyMWZiMWI4LzEvWkNLa09XeF8wN1VYOHBrMGhaLTcyc3RKbjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQtZjg1ZjcyMWZiMWI4
LzEvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU+cgMA0G
CSqGSIb3DQEBCwUAA4IBAQBDsTbiqF5N3Av2bgwEMP1hduCDjQCq6D5CDNVTxBcD
QddFiLY7qFn/e0jswbu3bpUqIOMOlqIxhj7ICQisxyGg8hcILf0eJlvcJwzdzbkD
Q56xQpp1t2jsv2o3d1Fh0dPMSUEXvOkWblRR4h4Ikp23ub5oPhjBFPU3LlP7abwa
KNesYm2+GlKZzZTsuGsuZVOS9hGiY/kFpOUnyBMptapE8JxlyLmOj/erIv+whKiJ
TrKqecLCfP0fC9fR9XwYXMFICE+ZXUukFG8BNruo0qHW/9hZ+ddd44YE95GYO7d+
4ISTBWIFinSc43o4PipLtn1dz/BjCNQ7IFY1Rvvwxm8D
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:21:45 2025 by rpki-client