Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/szyH3pyX8F-AcXw191r-0RgaCDw.roa
File: szyH3pyX8F-AcXw191r-0RgaCDw.roa (raw, json)
Hash identifier: Zb4bj/DShHF+xC9QtAlLuPAe5Z6y/78n1F1aZjv2n7c=
Subject key identifier: B3:3C:87:DE:9C:97:F0:5F:80:71:7C:35:F7:5A:FE:D1:18:1A:08:3C
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 0185718C1DCDEE94D62D6E712D9AAECCCDE5
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/szyH3pyX8F-AcXw191r-0RgaCDw.roa
Signing time: Mon 02 Jan 2023 08:14:46 +0000
ROA not before: Mon 02 Jan 2023 08:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2200
IP address blocks: 134.158.159.0/24 maxlen: 24
134.158.72.0/23 maxlen: 23
134.158.78.0/24 maxlen: 24
134.158.195.0/24 maxlen: 24
134.158.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:1d:cd:ee:94:d6:2d:6e:71:2d:9a:ae:cc:cd:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Jan 2 08:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b33c87de9c97f05f80717c35f75afed1181a083c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:51:a3:76:3d:66:ea:6a:8b:9e:57:aa:d3:64:
25:d6:60:3d:8c:24:6f:5d:c9:9f:e4:0c:e9:3e:b3:
0f:f3:ad:5b:7c:46:16:79:c5:3d:f3:8e:f4:fb:e2:
91:83:ab:fe:e0:d9:fb:ad:2b:fb:53:00:97:14:09:
25:b9:bc:78:53:df:2c:a5:e2:ea:be:2a:e3:08:bd:
8f:68:a3:94:74:d9:86:17:00:2b:cb:ad:ff:e2:86:
09:8c:b5:54:09:f2:a6:c0:11:db:bd:cc:47:06:2a:
b7:cd:e9:dc:57:69:0e:eb:07:54:49:3b:48:b8:e7:
b5:7d:83:1f:c9:0b:27:6b:91:03:ab:fc:14:a2:10:
e6:81:0b:ee:58:f9:66:cf:6d:54:1a:e4:a2:0a:7c:
da:14:21:5c:29:7f:71:60:c8:5e:b1:b1:48:c9:0b:
8c:ce:86:a8:c1:c1:17:b3:99:16:3c:6c:a5:e1:f6:
57:56:50:fa:32:2d:4f:23:e4:33:03:2d:44:d8:c2:
3c:13:8e:5e:6a:f2:7e:fa:a4:24:0d:31:dd:13:43:
70:06:d8:20:eb:9c:81:56:74:12:7b:75:a5:bd:c3:
be:27:f5:8f:d1:ff:7a:d1:5b:76:18:f3:8d:c4:05:
08:6d:eb:78:5c:c3:01:14:26:35:0e:81:47:7e:e4:
b5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3C:87:DE:9C:97:F0:5F:80:71:7C:35:F7:5A:FE:D1:18:1A:08:3C
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/szyH3pyX8F-AcXw191r-0RgaCDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.158.72.0/23
134.158.78.0/24
134.158.120.0/21
134.158.159.0/24
134.158.195.0/24
Signature Algorithm: sha256WithRSAEncryption
42:10:62:b4:16:57:2a:98:35:b4:37:14:dd:cc:74:aa:83:8f:
71:19:82:ff:6f:5c:08:6a:4a:8e:21:cf:31:78:06:9c:3c:86:
06:10:0b:55:dd:97:dd:be:5d:0e:3b:be:c5:03:0e:be:56:cb:
ad:23:c9:c1:50:7c:61:6d:bd:3d:ad:76:47:a6:e1:df:4d:14:
66:e9:3d:91:78:2f:49:fa:31:06:4d:18:6f:78:48:e2:93:2a:
94:73:c7:8d:a7:20:b8:41:74:d4:19:80:0e:73:0c:9f:22:0b:
cc:17:ba:de:65:8a:1c:cc:7f:b6:da:9f:5b:3a:f4:15:6d:96:
fa:67:32:e4:8f:bf:18:a7:5b:58:0f:42:f8:23:f3:03:c9:9b:
61:30:c5:24:16:1b:e8:f7:5e:1d:b7:60:7a:8c:6e:ec:d8:3c:
99:cf:e4:15:de:51:e1:54:45:12:16:cc:17:f1:8b:14:62:3b:
c9:11:50:9d:6b:93:d2:14:46:4c:1e:f2:07:21:6d:df:98:d3:
b1:50:7e:5d:95:3d:3c:84:18:80:ba:1a:0e:41:7d:51:b0:ea:
48:d7:f2:3a:d5:ed:8f:54:71:49:95:54:da:44:e3:fd:c3:43:
90:58:3f:75:28:b3:16:38:fd:cf:1b:4f:52:8f:53:07:86:84:
f0:6f:af:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxjB3N7pTWLW5xLZquzM3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjMwMTAyMDgxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNjODdkZTljOTdmMDVmODA3MTdjMzVmNzVhZmVkMTE4MWEwODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVGjdj1m6mqLnleq02Ql1mA9jCRv
Xcmf5AzpPrMP861bfEYWecU98470++KRg6v+4Nn7rSv7UwCXFAklubx4U98speLq
virjCL2PaKOUdNmGFwAry63/4oYJjLVUCfKmwBHbvcxHBiq3zencV2kO6wdUSTtI
uOe1fYMfyQsna5EDq/wUohDmgQvuWPlmz21UGuSiCnzaFCFcKX9xYMhesbFIyQuM
zoaowcEXs5kWPGyl4fZXVlD6Mi1PI+QzAy1E2MI8E45eavJ++qQkDTHdE0NwBtgg
65yBVnQSe3WlvcO+J/WP0f960Vt2GPONxAUIbet4XMMBFCY1DoFHfuS1CwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLM8h96cl/BfgHF8Nfda/tEYGgg8MB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEvc3p5SDNweVg4Ri1BY1h3MTkxci0wUmdhQ0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBhp5IAwQA
hp5OAwQDhp54AwQAhp6fAwQAhp7DMA0GCSqGSIb3DQEBCwUAA4IBAQBCEGK0Flcq
mDW0NxTdzHSqg49xGYL/b1wIakqOIc8xeAacPIYGEAtV3Zfdvl0OO77FAw6+Vsut
I8nBUHxhbb09rXZHpuHfTRRm6T2ReC9J+jEGTRhveEjikyqUc8eNpyC4QXTUGYAO
cwyfIgvMF7reZYoczH+22p9bOvQVbZb6ZzLkj78Yp1tYD0L4I/MDyZthMMUkFhvo
914dt2B6jG7s2DyZz+QV3lHhVEUSFswX8YsUYjvJEVCda5PSFEZMHvIHIW3fmNOx
UH5dlT08hBiAuhoOQX1RsOpI1/I61e2PVHFJlVTaROP9w0OQWD91KLMWOP3PG09S
j1MHhoTwb68S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:20 2024 by rpki-client on console-fra.rpki-client.org