Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/rtEYEOGA1BgZ487OdlTWk5qxpMs.roa
File: rtEYEOGA1BgZ487OdlTWk5qxpMs.roa (raw, json)
Hash identifier: wDEivU5wTjQwdBADTLe+3lyWKM3kS0dNJlAtM3ppUp8=
Subject key identifier: AE:D1:18:10:E1:80:D4:18:19:E3:CE:CE:76:54:D6:93:9A:B1:A4:CB
Certificate issuer: /CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Certificate serial: 01856BDC6A80693ECD5F0BD2D04DEEA6E022
Authority key identifier: 9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/rtEYEOGA1BgZ487OdlTWk5qxpMs.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60111
IP address blocks: 185.254.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6a:80:69:3e:cd:5f:0b:d2:d0:4d:ee:a6:e0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3f9871536d60bf74bdf69060c90d54107d8e38
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aed11810e180d41819e3cece7654d6939ab1a4cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a9:dc:b1:f8:b3:17:40:5e:8a:9f:1f:46:78:
e6:99:a4:50:5c:74:03:1c:e6:5a:51:fa:31:23:8f:
d0:1b:2e:06:4c:f1:52:c2:3e:4e:09:d1:d2:d3:3e:
b1:6a:e9:91:b7:c4:6a:d5:aa:af:f0:13:52:3c:3c:
ab:9c:59:85:a6:dc:b4:a7:8c:8c:61:43:df:6a:63:
d7:d9:21:1c:ba:12:1f:4f:6c:d0:31:c0:1d:4a:dc:
62:83:18:19:82:d5:03:05:a1:3e:35:79:33:46:1f:
e2:53:10:fc:b3:53:7c:60:10:a7:d9:96:36:af:ad:
a4:af:3f:f1:97:67:c2:60:04:55:7a:3e:e9:be:68:
8d:f5:80:e0:50:66:26:4b:4c:e9:d8:fb:88:a2:c7:
98:e9:f3:9f:99:11:32:11:4c:6a:5e:81:07:fa:f0:
40:1b:2f:ee:05:89:49:46:8c:45:08:16:e4:64:f1:
fb:43:86:db:fb:84:bc:27:ec:88:10:c9:fa:79:6a:
b5:b9:17:fd:60:dd:a4:7d:7f:3b:22:db:f4:b4:85:
ca:a0:17:80:c7:90:6f:59:ac:85:9a:15:d9:f7:16:
03:4a:1d:d2:9e:4f:96:98:6c:d5:e0:ac:08:9a:50:
24:d3:31:6c:4a:d7:85:24:c3:2a:28:d4:7b:2c:47:
8f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D1:18:10:E1:80:D4:18:19:E3:CE:CE:76:54:D6:93:9A:B1:A4:CB
X509v3 Authority Key Identifier:
keyid:9F:3F:98:71:53:6D:60:BF:74:BD:F6:90:60:C9:0D:54:10:7D:8E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz-YcVNtYL90vfaQYMkNVBB9jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/rtEYEOGA1BgZ487OdlTWk5qxpMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f6bbd3-ae27-4dc7-b669-c5263b3303b9/1/nz-YcVNtYL90vfaQYMkNVBB9jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.128.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:72:fd:9b:d6:9c:3e:e8:18:94:f6:82:d0:2b:c2:09:60:e9:
6a:2a:f7:8a:3f:87:15:a7:c3:b7:62:54:32:13:af:1e:74:62:
c4:4c:92:9e:ab:f9:17:a8:7a:35:7b:e6:72:9b:74:c5:68:47:
4a:0d:bf:8a:b2:97:19:34:e7:7a:59:9d:aa:71:75:48:52:b4:
93:85:84:5f:99:e1:af:f1:7b:e4:c1:f8:f4:6f:12:f3:79:c6:
33:7d:a7:ee:05:9b:21:80:99:d3:d2:3f:21:da:93:66:84:82:
46:ea:9f:e9:19:91:12:76:76:ef:b5:c8:c0:05:0f:17:d5:41:
47:61:ac:da:c3:de:ce:40:17:a2:2f:06:e3:fc:94:6c:f9:3d:
98:fc:a1:fb:b3:38:3f:d5:e2:73:f7:1d:29:cd:71:f7:0d:a7:
c6:93:13:23:34:79:5f:de:eb:0c:04:69:b8:44:30:81:30:03:
51:01:19:e1:c1:12:c8:d8:b4:8b:51:29:46:c4:5e:61:76:c6:
11:75:65:6b:d3:23:99:dd:b9:ac:1b:54:94:b5:14:98:43:99:
9d:cb:84:b5:84:7d:56:24:5b:2e:9b:d8:72:08:0d:4b:9d:69:
55:f2:f7:6d:d7:52:cb:13:a0:fa:55:54:e8:af:51:25:03:7b:
da:a0:fe:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3GqAaT7NXwvS0E3upuAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2Y5ODcxNTM2ZDYwYmY3NGJkZjY5MDYwYzkwZDU0MTA3
ZDhlMzgwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQxMTgxMGUxODBkNDE4MTllM2NlY2U3NjU0ZDY5MzlhYjFhNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6ncsfizF0Beip8fRnjmmaRQXHQD
HOZaUfoxI4/QGy4GTPFSwj5OCdHS0z6xaumRt8Rq1aqv8BNSPDyrnFmFpty0p4yM
YUPfamPX2SEcuhIfT2zQMcAdStxigxgZgtUDBaE+NXkzRh/iUxD8s1N8YBCn2ZY2
r62krz/xl2fCYARVej7pvmiN9YDgUGYmS0zp2PuIoseY6fOfmREyEUxqXoEH+vBA
Gy/uBYlJRoxFCBbkZPH7Q4bb+4S8J+yIEMn6eWq1uRf9YN2kfX87Itv0tIXKoBeA
x5BvWayFmhXZ9xYDSh3Snk+WmGzV4KwImlAk0zFsSteFJMMqKNR7LEeP0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7RGBDhgNQYGePOznZU1pOasaTLMB8GA1UdIwQY
MBaAFJ8/mHFTbWC/dL32kGDJDVQQfY44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2Njkt
YzUyNjNiMzMwM2I5LzEvcnRFWUVPR0ExQmdaNDg3T2RsVFdrNXF4cE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNmJiZDMtYWUyNy00ZGM3LWI2NjktYzUyNjNiMzMwM2I5
LzEvbnotWWNWTnRZTDkwdmZhUVlNa05WQkI5ampnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf6AMA0G
CSqGSIb3DQEBCwUAA4IBAQA/cv2b1pw+6BiU9oLQK8IJYOlqKveKP4cVp8O3YlQy
E68edGLETJKeq/kXqHo1e+Zym3TFaEdKDb+KspcZNOd6WZ2qcXVIUrSThYRfmeGv
8Xvkwfj0bxLzecYzfafuBZshgJnT0j8h2pNmhIJG6p/pGZESdnbvtcjABQ8X1UFH
Yazaw97OQBeiLwbj/JRs+T2Y/KH7szg/1eJz9x0pzXH3DafGkxMjNHlf3usMBGm4
RDCBMANRARnhwRLI2LSLUSlGxF5hdsYRdWVr0yOZ3bmsG1SUtRSYQ5mdy4S1hH1W
JFsum9hyCA1LnWlV8vdt11LLE6D6VVTor1ElA3vaoP66
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:18 2024 by rpki-client on console-ams.rpki-client.org