Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Czce2-nSa01r8RLZtf-WYOlNMzo.roa
File: Czce2-nSa01r8RLZtf-WYOlNMzo.roa (raw, json)
Hash identifier: lBlx7wgyRCJtezBzuhsOCJuhzebEFQzFE4qVqVdSr9s=
Subject key identifier: 0B:37:1E:DB:E9:D2:6B:4D:6B:F1:12:D9:B5:FF:96:60:E9:4D:33:3A
Certificate issuer: /CN=668d7f75ef42f0bd71aa9c66668e0a33dbe1634f
Certificate serial: 01856D385F5F86F6F904FBF332AE603F4D7A
Authority key identifier: 66:8D:7F:75:EF:42:F0:BD:71:AA:9C:66:66:8E:0A:33:DB:E1:63:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Czce2-nSa01r8RLZtf-WYOlNMzo.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198089
IP address blocks: 185.46.28.0/22 maxlen: 24
85.222.240.0/20 maxlen: 24
141.136.120.0/21 maxlen: 24
157.97.192.0/18 maxlen: 24
2a01:8580::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5f:5f:86:f6:f9:04:fb:f3:32:ae:60:3f:4d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d7f75ef42f0bd71aa9c66668e0a33dbe1634f
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b371edbe9d26b4d6bf112d9b5ff9660e94d333a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:75:e4:58:da:77:1f:5f:20:8b:a6:97:87:02:
e7:9a:6f:09:bc:ec:14:ca:5a:4d:fa:82:2e:10:94:
47:74:ba:8d:c7:e2:65:1b:9d:74:94:9b:25:9a:34:
61:1f:68:36:8e:ae:85:3a:da:1f:c7:b9:63:99:db:
8b:20:e5:71:a2:8f:33:b2:82:10:10:c8:e1:1a:3c:
a5:50:1a:90:18:b0:b0:97:be:6e:5a:23:df:55:ce:
59:3f:31:df:29:cd:b7:db:ff:4e:95:b0:d6:a3:e2:
da:39:26:10:a8:03:ad:d9:4c:f7:3b:43:28:c8:a2:
55:7f:a1:f7:59:91:f8:62:60:91:34:12:99:d8:e0:
f5:23:8c:15:4e:65:17:48:bb:7a:19:2d:f0:c7:08:
a2:38:eb:cc:23:7b:b0:9c:1c:94:2d:e4:8a:b8:77:
86:99:99:ae:b7:58:5f:22:bb:b4:a9:22:5d:2a:0a:
c6:9b:47:c1:a8:38:a2:04:9c:b1:5c:0c:4c:c8:56:
df:97:33:de:b7:71:bc:5d:44:31:66:37:e4:79:cd:
90:8f:50:dc:a9:c7:91:30:fe:70:a9:dc:e2:33:dc:
78:69:3d:23:a7:3e:19:ce:01:64:fe:1a:94:24:03:
ff:47:e3:86:97:e2:14:a0:8f:91:4c:b1:86:d1:07:
a6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:37:1E:DB:E9:D2:6B:4D:6B:F1:12:D9:B5:FF:96:60:E9:4D:33:3A
X509v3 Authority Key Identifier:
keyid:66:8D:7F:75:EF:42:F0:BD:71:AA:9C:66:66:8E:0A:33:DB:E1:63:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Czce2-nSa01r8RLZtf-WYOlNMzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.240.0/20
141.136.120.0/21
157.97.192.0/18
185.46.28.0/22
IPv6:
2a01:8580::/32
Signature Algorithm: sha256WithRSAEncryption
5b:0d:c0:76:f1:bd:07:9b:e4:7b:b3:1a:56:54:0e:78:9c:6a:
28:4c:10:74:2f:9e:19:57:63:6f:aa:d4:bc:67:fb:1e:b0:70:
ac:1e:02:75:21:c1:35:dc:5e:9a:85:16:0d:09:e6:6d:fa:6a:
78:8e:51:46:8e:f7:1e:a9:39:43:ec:31:ca:0c:63:69:37:15:
44:14:df:ed:dd:bc:7d:cb:65:9b:95:02:18:e5:4e:49:09:ef:
53:3c:7f:5e:69:f9:b1:aa:6c:ad:3f:5b:66:33:3c:d1:c5:ee:
eb:d6:92:19:8e:40:d8:48:c6:c6:88:24:d2:ed:e2:41:c8:f8:
49:47:ec:e4:64:c8:09:19:a0:f4:f0:4c:e8:f1:c4:49:5e:04:
e9:44:a0:6a:3e:dd:02:88:b7:22:3c:03:a5:bf:7b:21:7d:d6:
e3:c5:5f:d9:3b:ba:40:6d:3d:15:69:df:21:61:f3:29:f6:92:
01:d1:eb:8f:e4:45:85:12:6c:e8:d1:c2:0f:32:af:01:af:06:
3b:9b:3d:18:28:c8:98:72:38:9d:e4:04:9c:ba:19:5c:4e:65:
4d:65:08:03:0b:20:70:0e:88:6b:e9:26:a7:22:80:6c:27:0a:
10:ff:0e:82:be:b6:0d:ae:68:a2:64:a7:05:63:d9:d5:20:df:
68:54:a0:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtOF9fhvb5BPvzMq5gP016MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQ3Zjc1ZWY0MmYwYmQ3MWFhOWM2NjY2OGUwYTMzZGJl
MTYzNGYwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM3MWVkYmU5ZDI2YjRkNmJmMTEyZDliNWZmOTY2MGU5NGQzMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXXkWNp3H18gi6aXhwLnmm8JvOwU
ylpN+oIuEJRHdLqNx+JlG510lJslmjRhH2g2jq6FOtofx7ljmduLIOVxoo8zsoIQ
EMjhGjylUBqQGLCwl75uWiPfVc5ZPzHfKc232/9OlbDWo+LaOSYQqAOt2Uz3O0Mo
yKJVf6H3WZH4YmCRNBKZ2OD1I4wVTmUXSLt6GS3wxwiiOOvMI3uwnByULeSKuHeG
mZmut1hfIru0qSJdKgrGm0fBqDiiBJyxXAxMyFbflzPet3G8XUQxZjfkec2Qj1Dc
qceRMP5wqdziM9x4aT0jpz4ZzgFk/hqUJAP/R+OGl+IUoI+RTLGG0QemrQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAs3Htvp0mtNa/ES2bX/lmDpTTM6MB8GA1UdIwQY
MBaAFGaNf3XvQvC9caqcZmaOCjPb4WNPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8xX2RlOUM4TDF4cXB4bVpvNEtNOXZoWTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81M2Y3NWUtNDJiOS00ZmFlLWIxYmUt
MjZlN2YzZjJiMTFlLzEvQ3pjZTItblNhMDFyOFJMWnRmLVdZT2xOTXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81M2Y3NWUtNDJiOS00ZmFlLWIxYmUtMjZlN2YzZjJiMTFl
LzEvWm8xX2RlOUM4TDF4cXB4bVpvNEtNOXZoWTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEVd7wAwQD
jYh4AwQGnWHAAwQCuS4cMA0EAgACMAcDBQAqAYWAMA0GCSqGSIb3DQEBCwUAA4IB
AQBbDcB28b0Hm+R7sxpWVA54nGooTBB0L54ZV2NvqtS8Z/sesHCsHgJ1IcE13F6a
hRYNCeZt+mp4jlFGjvceqTlD7DHKDGNpNxVEFN/t3bx9y2WblQIY5U5JCe9TPH9e
afmxqmytP1tmMzzRxe7r1pIZjkDYSMbGiCTS7eJByPhJR+zkZMgJGaD08Ezo8cRJ
XgTpRKBqPt0CiLciPAOlv3shfdbjxV/ZO7pAbT0Vad8hYfMp9pIB0euP5EWFEmzo
0cIPMq8BrwY7mz0YKMiYcjid5AScuhlcTmVNZQgDCyBwDohr6SanIoBsJwoQ/w6C
vrYNrmiiZKcFY9nVIN9oVKA6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:02 2024 by rpki-client on console-fra.rpki-client.org