Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/J1zkz-i4U4IL3Js5zXmgvBxGad8.roa
File: J1zkz-i4U4IL3Js5zXmgvBxGad8.roa (raw, json)
Hash identifier: 2fRwvXCTKx+rdYSQIarcjgHFEaVL9bT4QVH4tx8eZj4=
Subject key identifier: 27:5C:E4:CF:E8:B8:53:82:0B:DC:9B:39:CD:79:A0:BC:1C:46:69:DF
Certificate issuer: /CN=70f5d9eeefa305aecaee31e6fcb4e22321b2804a
Certificate serial: 01903637A3C7030B0B34BDD5F654470D60FC
Authority key identifier: 70:F5:D9:EE:EF:A3:05:AE:CA:EE:31:E6:FC:B4:E2:23:21:B2:80:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPXZ7u-jBa7K7jHm_LTiIyGygEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/J1zkz-i4U4IL3Js5zXmgvBxGad8.roa
Signing time: Thu 20 Jun 2024 15:15:34 +0000
ROA not before: Thu 20 Jun 2024 15:15:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48402
IP address blocks: 185.141.128.0/22 maxlen: 24
2a07:2400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 12 Aug 2024 09:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:36:37:a3:c7:03:0b:0b:34:bd:d5:f6:54:47:0d:60:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f5d9eeefa305aecaee31e6fcb4e22321b2804a
Validity
Not Before: Jun 20 15:15:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=275ce4cfe8b853820bdc9b39cd79a0bc1c4669df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:48:b8:2a:67:f2:48:6b:52:01:11:06:73:04:
05:0f:d5:77:a8:ab:89:38:ae:26:76:c1:6c:3a:5b:
b4:f7:65:6d:ba:f9:43:24:44:39:06:b0:f7:fc:28:
42:69:dc:f6:fc:51:3d:b5:1c:54:6f:5c:37:8a:14:
ee:ce:fd:d0:fe:56:cf:93:7f:17:36:5f:1c:e0:1d:
b3:4a:1d:22:15:e1:1e:68:de:b0:08:d6:7e:8e:ce:
55:5d:9b:32:3e:48:08:48:71:f6:77:db:cc:c3:b6:
e2:b4:51:2f:4f:30:39:7e:2c:d1:cf:92:5d:47:34:
df:b9:02:6b:78:26:ce:6d:95:7e:2e:88:db:18:0d:
e4:d5:2f:b5:cd:b0:24:66:8d:e3:ff:5c:4a:be:a9:
c5:42:ee:9b:5b:bd:4b:02:bb:ff:4d:97:b0:76:8f:
f0:50:77:d8:84:d3:0d:9e:ad:5f:1a:0d:fc:e7:4b:
3d:f0:37:23:b1:86:fd:fc:6f:10:d6:28:07:ca:0d:
ac:97:fb:5e:10:ca:ad:b9:c6:da:cd:01:8a:9f:03:
13:c2:29:aa:b0:06:4d:89:25:25:0b:82:b6:69:cb:
6d:dc:75:95:09:47:e1:8f:8b:82:a4:51:cc:33:c5:
6a:7e:52:35:0c:8e:7e:b5:6a:32:7a:e7:28:eb:56:
d9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5C:E4:CF:E8:B8:53:82:0B:DC:9B:39:CD:79:A0:BC:1C:46:69:DF
X509v3 Authority Key Identifier:
keyid:70:F5:D9:EE:EF:A3:05:AE:CA:EE:31:E6:FC:B4:E2:23:21:B2:80:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPXZ7u-jBa7K7jHm_LTiIyGygEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/J1zkz-i4U4IL3Js5zXmgvBxGad8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/cPXZ7u-jBa7K7jHm_LTiIyGygEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.128.0/22
IPv6:
2a07:2400::/29
Signature Algorithm: sha256WithRSAEncryption
53:e9:1d:57:e3:6e:8e:89:8e:01:f3:0e:61:74:ae:96:bd:9c:
cf:8c:e4:3a:82:25:9d:ea:db:f7:b1:e3:65:cc:ad:89:29:1b:
39:94:5e:bb:39:b5:5b:03:55:42:b1:30:f8:f1:3f:75:be:cd:
a7:7d:9f:aa:a1:07:2d:84:44:d5:c2:a6:71:98:04:48:09:4d:
96:31:88:c4:80:b4:25:24:d7:ab:f2:29:dc:c5:17:fc:05:d6:
47:88:40:75:54:e4:fa:9d:da:52:58:f7:83:73:38:3d:58:79:
51:63:1b:e5:9a:17:2e:56:79:02:b8:b9:5c:1c:e1:e9:0f:1a:
0a:1b:5a:cd:16:ae:30:29:53:2b:77:19:e9:53:15:3d:1f:8c:
e8:9e:b3:64:57:78:99:55:68:b1:ca:97:2d:a8:55:76:ee:8a:
3a:ce:e5:94:5d:f8:b4:69:d8:ab:f4:fb:6c:b5:e6:ec:24:3b:
23:ff:0f:b9:1b:4d:d8:72:d4:f4:8a:b1:ce:35:e2:48:1d:fd:
6f:86:aa:30:d8:35:50:a6:8d:c0:24:d6:6b:ef:f3:ed:a5:72:
8d:6e:1a:4a:7d:f5:8e:40:ed:34:a7:48:be:a8:7c:5f:07:e9:
18:06:5d:44:fd:a3:fe:e5:6a:06:92:60:07:5c:a4:5c:78:86:
68:2c:b5:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZA2N6PHAwsLNL3V9lRHDWD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjVkOWVlZWZhMzA1YWVjYWVlMzFlNmZjYjRlMjIzMjFi
MjgwNGEwHhcNMjQwNjIwMTUxNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVjZTRjZmU4Yjg1MzgyMGJkYzliMzljZDc5YTBiYzFjNDY2OWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ui4KmfySGtSAREGcwQFD9V3qKuJ
OK4mdsFsOlu092VtuvlDJEQ5BrD3/ChCadz2/FE9tRxUb1w3ihTuzv3Q/lbPk38X
Nl8c4B2zSh0iFeEeaN6wCNZ+js5VXZsyPkgISHH2d9vMw7bitFEvTzA5fizRz5Jd
RzTfuQJreCbObZV+LojbGA3k1S+1zbAkZo3j/1xKvqnFQu6bW71LArv/TZewdo/w
UHfYhNMNnq1fGg3850s98DcjsYb9/G8Q1igHyg2sl/teEMqtucbazQGKnwMTwimq
sAZNiSUlC4K2actt3HWVCUfhj4uCpFHMM8VqflI1DI5+tWoyeuco61bZjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCdc5M/ouFOCC9ybOc15oLwcRmnfMB8GA1UdIwQY
MBaAFHD12e7vowWuyu4x5vy04iMhsoBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BYWjd1LWpCYTdLN2pIbV9MVGlJeUd5Z0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xNDAxMDUtZTQ2Mi00OGQyLWE1OGYt
YTU3MDM1NzkyZTU3LzEvSjF6a3otaTRVNElMM0pzNXpYbWd2QnhHYWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xNDAxMDUtZTQ2Mi00OGQyLWE1OGYtYTU3MDM1NzkyZTU3
LzEvY1BYWjd1LWpCYTdLN2pIbV9MVGlJeUd5Z0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2AMA0E
AgACMAcDBQMqByQAMA0GCSqGSIb3DQEBCwUAA4IBAQBT6R1X426OiY4B8w5hdK6W
vZzPjOQ6giWd6tv3seNlzK2JKRs5lF67ObVbA1VCsTD48T91vs2nfZ+qoQcthETV
wqZxmARICU2WMYjEgLQlJNer8incxRf8BdZHiEB1VOT6ndpSWPeDczg9WHlRYxvl
mhcuVnkCuLlcHOHpDxoKG1rNFq4wKVMrdxnpUxU9H4zonrNkV3iZVWixypctqFV2
7oo6zuWUXfi0adir9PtstebsJDsj/w+5G03YctT0irHONeJIHf1vhqow2DVQpo3A
JNZr7/PtpXKNbhpKffWOQO00p0i+qHxfB+kYBl1E/aP+5WoGkmAHXKRceIZoLLX6
-----END CERTIFICATE-----
Generated at Mon Aug 12 10:21:00 2024 by rpki-client on console-fra.rpki-client.org