Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/cazoN-6Z0L2BMgPracpuJXsu_0Y.roa
File: cazoN-6Z0L2BMgPracpuJXsu_0Y.roa (raw, json)
Hash identifier: E+DToABdD9zbKsBslM6ky1WO4T2iE0hBHtlzMOSVHUA=
Subject key identifier: 71:AC:E8:37:EE:99:D0:BD:81:32:03:EB:69:CA:6E:25:7B:2E:FF:46
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CDA26D8DC850A2B029DC44DAA297A40AE
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/cazoN-6Z0L2BMgPracpuJXsu_0Y.roa
Signing time: Fri 05 Jan 2024 15:03:48 +0000
ROA not before: Fri 05 Jan 2024 15:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 185.135.212.0/22 maxlen: 22
155.254.44.0/22 maxlen: 22
155.254.40.0/22 maxlen: 22
155.254.50.0/23 maxlen: 23
107.181.156.0/22 maxlen: 22
91.210.64.0/22 maxlen: 22
103.206.232.0/22 maxlen: 22
43.239.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 17 Jan 2024 14:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:26:d8:dc:85:0a:2b:02:9d:c4:4d:aa:29:7a:40:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 5 15:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71ace837ee99d0bd813203eb69ca6e257b2eff46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:d9:f4:b5:cb:d3:8c:33:2a:12:f0:95:21:
8d:5c:d8:c7:68:28:a2:72:f2:13:d5:b4:b6:e7:68:
5f:42:27:f4:39:e1:99:35:2b:96:6c:69:24:de:5e:
b5:d9:d1:43:c8:b6:5c:76:58:5a:dd:45:2b:59:02:
66:72:0c:4f:6f:16:2d:2c:3f:c4:f0:80:de:d6:16:
c5:a2:2f:ac:4f:61:a7:0d:38:13:3a:6c:d4:04:33:
1d:13:63:d6:39:c6:d4:7c:a3:cb:37:50:8e:d7:a3:
18:fe:d0:68:e7:9f:2e:0d:0b:ae:e3:9f:6a:8f:39:
03:0c:d8:b6:5c:9e:b7:97:86:6b:f5:e1:61:c1:92:
f8:77:6c:09:0a:6e:76:e0:5d:bd:32:94:ae:37:b0:
79:c6:8d:2d:ef:dc:03:7f:24:34:e5:35:6c:90:c0:
25:8d:ae:11:85:0d:41:b6:c7:f5:84:a7:e0:db:87:
3f:a6:de:0e:c9:f3:15:54:a0:d7:01:77:f4:f8:99:
3b:9d:39:9f:43:61:52:4d:3b:20:6e:02:bd:ca:a3:
fe:aa:ae:19:d2:32:2a:c9:22:49:58:8b:4b:ca:d7:
ef:33:e1:30:6c:a2:b5:f6:c1:be:7d:98:2f:31:8c:
d4:ac:38:85:0d:5c:98:18:45:b4:33:e5:d7:ec:14:
2a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AC:E8:37:EE:99:D0:BD:81:32:03:EB:69:CA:6E:25:7B:2E:FF:46
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/cazoN-6Z0L2BMgPracpuJXsu_0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
91.210.64.0/22
103.206.232.0/22
107.181.156.0/22
155.254.40.0/21
155.254.50.0/23
185.135.212.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:01:03:7a:fe:81:67:9d:78:29:b6:c0:35:ad:e1:10:6f:52:
df:40:62:9b:57:c4:f6:b9:54:3b:48:7a:a0:5a:6d:a6:a4:e4:
66:57:9c:bb:85:1e:58:b7:3d:b8:20:9b:4b:12:32:a7:9c:2a:
43:ca:f4:ad:08:dd:9f:c9:eb:94:42:a5:6d:be:9c:bf:c4:15:
9d:26:17:53:10:06:ab:b7:0e:46:21:95:2d:1d:16:02:f2:3f:
7e:ea:66:94:7f:c8:70:b1:dc:45:07:6d:34:14:60:3f:0b:9f:
80:9e:4a:6b:a0:f0:94:a1:ee:09:84:51:52:77:43:c7:28:8f:
c0:57:66:39:4c:4a:77:be:2b:16:29:2c:95:6c:b1:4f:62:36:
60:90:ca:63:17:c6:91:de:a9:50:8f:63:8b:28:28:e0:71:a3:
ba:0e:a7:83:18:4e:46:be:8d:cd:3e:30:1a:31:9c:ea:4e:a5:
08:74:57:e1:b8:22:35:37:30:59:7e:0e:a9:4e:e8:2f:86:b9:
75:37:de:4e:bc:10:52:b6:3f:05:57:f6:de:90:9a:57:0c:6f:
56:a6:32:e1:2c:a3:e0:09:5e:f1:5b:a9:5a:db:17:e1:df:74:
9d:e2:d3:47:32:9b:6e:85:55:ea:88:7c:3c:ec:1e:5f:b0:06:
1e:89:33:d7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzaJtjchQorAp3ETaopekCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTA1MTUwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWFjZTgzN2VlOTlkMGJkODEzMjAzZWI2OWNhNmUyNTdiMmVmZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsLZ9LXL04wzKhLwlSGNXNjHaCii
cvIT1bS252hfQif0OeGZNSuWbGkk3l612dFDyLZcdlha3UUrWQJmcgxPbxYtLD/E
8IDe1hbFoi+sT2GnDTgTOmzUBDMdE2PWOcbUfKPLN1CO16MY/tBo558uDQuu459q
jzkDDNi2XJ63l4Zr9eFhwZL4d2wJCm524F29MpSuN7B5xo0t79wDfyQ05TVskMAl
ja4RhQ1Btsf1hKfg24c/pt4OyfMVVKDXAXf0+Jk7nTmfQ2FSTTsgbgK9yqP+qq4Z
0jIqySJJWItLytfvM+EwbKK19sG+fZgvMYzUrDiFDVyYGEW0M+XX7BQqdwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHGs6DfumdC9gTID62nKbiV7Lv9GMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvY2F6b04tNlowTDJCTWdQcmFjcHVKWHN1XzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCK+9YAwQC
W9JAAwQCZ87oAwQCa7WcAwQDm/4oAwQBm/4yAwQCuYfUMA0GCSqGSIb3DQEBCwUA
A4IBAQAKAQN6/oFnnXgptsA1reEQb1LfQGKbV8T2uVQ7SHqgWm2mpORmV5y7hR5Y
tz24IJtLEjKnnCpDyvStCN2fyeuUQqVtvpy/xBWdJhdTEAartw5GIZUtHRYC8j9+
6maUf8hwsdxFB200FGA/C5+AnkproPCUoe4JhFFSd0PHKI/AV2Y5TEp3visWKSyV
bLFPYjZgkMpjF8aR3qlQj2OLKCjgcaO6DqeDGE5Gvo3NPjAaMZzqTqUIdFfhuCI1
NzBZfg6pTugvhrl1N95OvBBStj8FV/bekJpXDG9WpjLhLKPgCV7xW6la2xfh33Sd
4tNHMptuhVXqiHw87B5fsAYeiTPX
-----END CERTIFICATE-----
Generated at Wed Jan 17 18:55:37 2024 by rpki-client on console-fra.rpki-client.org