Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/zyLvvQUWhEluJrnWvKJMrz_zVjc.roa
File: zyLvvQUWhEluJrnWvKJMrz_zVjc.roa (raw, json)
Hash identifier: zJF88B9aCjGzxj//nnJamyeWDZDJ6paelyAl9miA71w=
Subject key identifier: CF:22:EF:BD:05:16:84:49:6E:26:B9:D6:BC:A2:4C:AF:3F:F3:56:37
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0185B8FDAA89FFD50E84C0452CCE7757D141
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/zyLvvQUWhEluJrnWvKJMrz_zVjc.roa
Signing time: Mon 16 Jan 2023 05:11:49 +0000
ROA not before: Mon 16 Jan 2023 05:11:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49091
IP address blocks: 178.172.253.0/24 maxlen: 24
178.172.150.0/24 maxlen: 24
217.21.38.0/24 maxlen: 24
217.21.39.0/24 maxlen: 24
185.70.14.0/24 maxlen: 24
185.70.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b8:fd:aa:89:ff:d5:0e:84:c0:45:2c:ce:77:57:d1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 16 05:11:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf22efbd051684496e26b9d6bca24caf3ff35637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:de:4a:34:9d:8e:0c:e2:24:62:30:83:61:
e7:34:ba:4b:90:07:9e:c2:78:02:58:57:da:8e:7b:
8e:d3:2d:45:15:47:a6:67:16:68:88:8c:eb:d8:6e:
e4:5d:b1:63:b2:d6:4a:35:8a:21:f2:54:b5:6c:76:
de:eb:c4:cd:a4:4c:c1:ae:31:e7:4d:f4:70:22:5e:
e0:36:0d:ac:8e:8d:7e:0b:55:ae:d4:44:02:ac:7a:
73:5a:36:bc:a3:9a:f2:20:4b:8f:e4:38:2b:95:57:
85:d1:2c:4c:bb:a4:6a:df:0e:a9:80:c6:98:47:4c:
98:95:91:3e:2d:81:40:43:13:fb:90:e9:93:8c:49:
6d:5a:d1:44:d0:e7:65:71:f2:42:2a:22:b7:ba:7b:
a8:0b:ae:1e:4e:3c:41:f8:a0:df:b5:ca:c9:ee:5c:
4a:64:df:db:f1:b7:7a:1a:ac:0a:28:c7:75:12:da:
ca:c1:c2:56:84:e8:6d:63:2a:40:0b:ef:64:59:24:
dc:a8:57:95:d1:73:e3:63:8c:ec:42:85:b8:9a:4c:
35:e9:35:84:20:3a:19:c7:ea:cc:cc:44:d9:77:48:
ce:c4:61:79:88:d2:84:6b:62:a3:18:f5:2f:54:3e:
76:8c:76:70:b4:20:87:0f:9f:2a:7a:bf:fd:86:3e:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:22:EF:BD:05:16:84:49:6E:26:B9:D6:BC:A2:4C:AF:3F:F3:56:37
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/zyLvvQUWhEluJrnWvKJMrz_zVjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.172.150.0/24
178.172.253.0/24
185.70.14.0/23
217.21.38.0/23
Signature Algorithm: sha256WithRSAEncryption
68:1b:76:1a:9a:ec:8a:ff:a0:15:2a:f8:d0:b9:e5:71:ea:4a:
d5:b2:d4:d0:33:21:c3:e4:2d:b2:af:e8:23:e2:c8:2d:ec:b7:
81:ff:80:81:e8:57:df:a3:fa:1e:0e:9f:6c:a3:87:bb:5b:34:
2d:41:b3:06:88:37:a4:44:ec:38:5d:14:a7:65:b0:5f:55:53:
7e:b6:26:9a:85:13:e9:1a:96:38:60:d4:09:ae:00:36:0f:08:
6e:76:81:81:06:ac:e8:00:68:a0:62:94:d0:4e:fc:1d:ef:16:
1d:42:85:90:79:e2:37:96:aa:d9:d6:5f:8d:f9:5f:f8:b8:4c:
cd:a0:86:88:a1:5d:ea:66:dc:6d:b9:bb:65:e3:c9:de:4a:96:
11:a4:97:74:93:91:99:b1:62:88:75:1b:a3:46:d2:1c:be:6f:
53:b8:d6:17:b8:3e:94:70:c5:ae:13:23:3b:eb:b0:cf:bc:b5:
49:55:0f:6b:aa:9a:60:d0:a1:d7:e4:6a:67:95:a9:64:49:ea:
1c:e2:ba:77:af:bf:7e:07:0c:fd:28:30:c5:39:69:7b:ad:f4:
b3:3f:84:31:ed:a5:52:6b:c5:24:00:68:25:12:37:db:aa:6b:
20:2b:32:19:e1:69:84:f2:7b:9d:5b:54:55:dd:49:e8:90:eb:
45:0c:d4:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYW4/aqJ/9UOhMBFLM53V9FBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjMwMTE2MDUxMTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjIyZWZiZDA1MTY4NDQ5NmUyNmI5ZDZiY2EyNGNhZjNmZjM1NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4jeSjSdjgziJGIwg2HnNLpLkAee
wngCWFfajnuO0y1FFUemZxZoiIzr2G7kXbFjstZKNYoh8lS1bHbe68TNpEzBrjHn
TfRwIl7gNg2sjo1+C1Wu1EQCrHpzWja8o5ryIEuP5DgrlVeF0SxMu6Rq3w6pgMaY
R0yYlZE+LYFAQxP7kOmTjEltWtFE0OdlcfJCKiK3unuoC64eTjxB+KDftcrJ7lxK
ZN/b8bd6GqwKKMd1EtrKwcJWhOhtYypAC+9kWSTcqFeV0XPjY4zsQoW4mkw16TWE
IDoZx+rMzETZd0jOxGF5iNKEa2KjGPUvVD52jHZwtCCHD58qer/9hj6cswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM8i770FFoRJbia51ryiTK8/81Y3MB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvenlMdnZRVVdoRWx1SnJuV3ZLSk1yel96VmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsqyWAwQA
sqz9AwQBuUYOAwQB2RUmMA0GCSqGSIb3DQEBCwUAA4IBAQBoG3YamuyK/6AVKvjQ
ueVx6krVstTQMyHD5C2yr+gj4sgt7LeB/4CB6Fffo/oeDp9so4e7WzQtQbMGiDek
ROw4XRSnZbBfVVN+tiaahRPpGpY4YNQJrgA2DwhudoGBBqzoAGigYpTQTvwd7xYd
QoWQeeI3lqrZ1l+N+V/4uEzNoIaIoV3qZtxtubtl48neSpYRpJd0k5GZsWKIdRuj
RtIcvm9TuNYXuD6UcMWuEyM767DPvLVJVQ9rqppg0KHX5GpnlalkSeoc4rp3r79+
Bwz9KDDFOWl7rfSzP4Qx7aVSa8UkAGglEjfbqmsgKzIZ4WmE8nudW1RV3UnokOtF
DNQz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org