Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/zjHpRn8XIsbCCZhirCQQstcRiNo.roa
File: zjHpRn8XIsbCCZhirCQQstcRiNo.roa (raw, json)
Hash identifier: TVxVxrHaG+HGH51JJYJuXtp6j7JzxxyzeTV0GCyDuM0=
Subject key identifier: CE:31:E9:46:7F:17:22:C6:C2:09:98:62:AC:24:10:B2:D7:11:88:DA
Certificate issuer: /CN=c115b327e84761685022f47328d6f4cbd6d3041e
Certificate serial: 01856CF8370DBCF8C1F9A8F1A6CE5EC1D963
Authority key identifier: C1:15:B3:27:E8:47:61:68:50:22:F4:73:28:D6:F4:CB:D6:D3:04:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/zjHpRn8XIsbCCZhirCQQstcRiNo.roa
Signing time: Sun 01 Jan 2023 10:54:44 +0000
ROA not before: Sun 01 Jan 2023 10:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212714
IP address blocks: 185.152.172.0/22 maxlen: 24
2a11:180::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:37:0d:bc:f8:c1:f9:a8:f1:a6:ce:5e:c1:d9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c115b327e84761685022f47328d6f4cbd6d3041e
Validity
Not Before: Jan 1 10:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce31e9467f1722c6c2099862ac2410b2d71188da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:93:6e:bd:99:bd:fe:e1:2b:16:1d:f4:1c:c0:
80:29:1f:17:83:2d:bd:14:01:62:4e:ad:96:2c:2f:
86:69:3d:76:6d:b2:1d:70:c5:13:c8:ad:f8:6f:17:
40:da:c6:00:6c:34:5c:9b:3d:18:6c:bd:eb:f8:c6:
11:eb:79:03:2c:c2:7d:3f:ab:79:8d:2f:a5:8d:a8:
4a:1e:2d:a5:88:04:f3:48:73:47:07:6f:e0:84:58:
56:9a:c9:00:7a:25:3a:52:d1:36:4b:3d:a4:e1:8d:
0b:59:cc:af:af:61:56:f5:b4:f3:a7:c9:bd:b2:9d:
ce:cf:cb:26:99:ac:ad:4f:d5:b5:4a:35:0f:a3:36:
50:ca:bc:8c:ce:f7:e0:4e:cd:80:75:38:7c:3c:ae:
7d:ea:93:74:50:95:30:d1:d5:64:8c:1a:60:7f:e6:
c7:11:e2:ce:97:f3:2a:da:51:92:73:b4:89:a4:ca:
95:9c:ba:c8:1a:78:5a:64:ea:e9:61:78:ac:94:8c:
d6:3c:2f:a9:75:a5:09:0f:c7:33:e3:2c:0e:ac:97:
38:c9:38:b5:92:a6:46:9a:e3:e0:8c:06:9a:df:be:
81:a1:cc:19:2d:1a:d5:e4:43:e7:88:c9:9d:00:97:
c0:9b:1a:bb:e5:3d:4e:41:e0:a2:3a:2a:ca:a2:d4:
f2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:31:E9:46:7F:17:22:C6:C2:09:98:62:AC:24:10:B2:D7:11:88:DA
X509v3 Authority Key Identifier:
keyid:C1:15:B3:27:E8:47:61:68:50:22:F4:73:28:D6:F4:CB:D6:D3:04:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/zjHpRn8XIsbCCZhirCQQstcRiNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.172.0/22
IPv6:
2a11:180::/29
Signature Algorithm: sha256WithRSAEncryption
7d:89:f6:63:50:88:35:5f:05:ae:a9:3c:6a:80:37:3b:bf:b1:
0c:af:ef:4f:65:cf:d3:92:bf:fa:5f:7c:0a:26:40:12:26:9e:
3c:1a:ab:24:53:78:b4:78:25:8a:2c:16:7f:c7:d3:d9:0b:c3:
5d:f1:91:20:7d:76:f2:f7:8c:d0:8b:b0:40:6e:c6:2f:e2:2f:
3e:74:26:2d:d5:0d:8c:10:37:f5:01:09:82:5f:40:3c:52:32:
4a:a6:1b:57:f0:ee:9f:30:b6:59:2d:82:00:53:93:ff:52:37:
d9:23:2f:4f:91:23:10:4b:67:41:63:92:25:5c:a8:28:ba:6b:
3a:07:86:29:f9:90:81:8f:27:d3:c1:9a:06:f6:a7:1c:20:31:
e0:7a:1a:02:0b:6d:04:11:9e:67:e3:ac:9c:2d:54:d0:b4:c5:
6f:cc:f7:b5:da:9c:a7:5a:56:18:ba:c9:80:61:67:83:0c:1c:
91:6a:71:e5:c3:70:aa:96:c0:b0:67:05:63:47:90:4a:21:bc:
d0:e7:9b:aa:19:ee:a0:3c:1a:93:ca:97:6c:bb:42:ab:c2:1d:
4b:4a:05:dc:fe:f4:43:9d:92:b1:a8:dd:e4:52:69:c6:d4:c1:
19:c5:3c:b1:f2:bd:38:10:42:ad:f9:1b:17:74:10:de:d8:00:
e5:9d:18:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+DcNvPjB+ajxps5ewdljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMTViMzI3ZTg0NzYxNjg1MDIyZjQ3MzI4ZDZmNGNiZDZk
MzA0MWUwHhcNMjMwMTAxMTA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTMxZTk0NjdmMTcyMmM2YzIwOTk4NjJhYzI0MTBiMmQ3MTE4OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopNuvZm9/uErFh30HMCAKR8Xgy29
FAFiTq2WLC+GaT12bbIdcMUTyK34bxdA2sYAbDRcmz0YbL3r+MYR63kDLMJ9P6t5
jS+ljahKHi2liATzSHNHB2/ghFhWmskAeiU6UtE2Sz2k4Y0LWcyvr2FW9bTzp8m9
sp3Oz8smmaytT9W1SjUPozZQyryMzvfgTs2AdTh8PK596pN0UJUw0dVkjBpgf+bH
EeLOl/Mq2lGSc7SJpMqVnLrIGnhaZOrpYXislIzWPC+pdaUJD8cz4ywOrJc4yTi1
kqZGmuPgjAaa376BocwZLRrV5EPniMmdAJfAmxq75T1OQeCiOirKotTyIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM4x6UZ/FyLGwgmYYqwkELLXEYjaMB8GA1UdIwQY
MBaAFMEVsyfoR2FoUCL0cyjW9MvW0wQeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1JXekotaEhZV2hRSXZSektOYjB5OWJUQkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNGJkZjctMjU3OS00YmQwLThhOTMt
MjI0ZmQ3OGVmODI3LzEvempIcFJuOFhJc2JDQ1poaXJDUVFzdGNSaU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNGJkZjctMjU3OS00YmQwLThhOTMtMjI0ZmQ3OGVmODI3
LzEvd1JXekotaEhZV2hRSXZSektOYjB5OWJUQkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZisMA0E
AgACMAcDBQMqEQGAMA0GCSqGSIb3DQEBCwUAA4IBAQB9ifZjUIg1XwWuqTxqgDc7
v7EMr+9PZc/Tkr/6X3wKJkASJp48GqskU3i0eCWKLBZ/x9PZC8Nd8ZEgfXby94zQ
i7BAbsYv4i8+dCYt1Q2MEDf1AQmCX0A8UjJKphtX8O6fMLZZLYIAU5P/UjfZIy9P
kSMQS2dBY5IlXKgoums6B4Yp+ZCBjyfTwZoG9qccIDHgehoCC20EEZ5n46ycLVTQ
tMVvzPe12pynWlYYusmAYWeDDByRanHlw3CqlsCwZwVjR5BKIbzQ55uqGe6gPBqT
ypdsu0Krwh1LSgXc/vRDnZKxqN3kUmnG1MEZxTyx8r04EEKt+RsXdBDe2ADlnRie
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:03 2024 by rpki-client on console-fra.rpki-client.org