Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/Z9rsl2t2I1wEbrlJB27zcnFeaiU.roa
File: Z9rsl2t2I1wEbrlJB27zcnFeaiU.roa (raw, json)
Hash identifier: 8NSYtiHmWkZbjL9tHFIGJEL4GsrKb9GMSP8FfjK5+PI=
Subject key identifier: 67:DA:EC:97:6B:76:23:5C:04:6E:B9:49:07:6E:F3:72:71:5E:6A:25
Certificate issuer: /CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Certificate serial: 01856BC113D8336688A1B1A51AB1E4D3CCAB
Authority key identifier: A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/Z9rsl2t2I1wEbrlJB27zcnFeaiU.roa
Signing time: Sun 01 Jan 2023 05:14:53 +0000
ROA not before: Sun 01 Jan 2023 05:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34373
IP address blocks: 185.64.120.0/22 maxlen: 24
2a03:1460::/32 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:13:d8:33:66:88:a1:b1:a5:1a:b1:e4:d3:cc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Validity
Not Before: Jan 1 05:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67daec976b76235c046eb949076ef372715e6a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:37:9f:c0:a5:7f:b7:22:e4:47:c1:df:9c:80:
7e:bf:6e:8f:4b:41:98:d0:67:44:9f:8e:ca:4a:8d:
47:aa:f5:5f:8d:e5:c8:48:2d:f9:67:d4:32:f1:f1:
44:66:b4:28:f9:6c:35:d3:9e:a9:9b:05:b9:60:00:
95:d3:43:16:1c:a6:8f:d4:f5:d9:c6:c3:1a:b3:ca:
01:b1:ad:1b:17:0f:6f:d3:55:d1:9f:53:36:69:b8:
94:16:0b:75:f4:3f:9d:29:4b:97:0d:d1:4a:24:21:
c1:97:ac:81:07:f9:92:7c:e7:cc:15:d4:20:a5:98:
ce:8a:1c:45:67:bf:70:89:95:33:9c:b0:20:15:02:
ab:34:c5:63:af:dd:0a:5e:1d:b7:0d:c0:9b:7e:82:
e9:11:b1:e7:c3:58:3a:68:54:3a:82:a1:24:b9:8c:
f7:18:d4:25:e1:a0:28:9b:1e:a4:cb:7c:a0:db:32:
f5:8d:2c:c3:4b:74:e1:32:33:71:8c:90:2f:19:fd:
70:75:fb:7c:c8:a9:58:a9:c2:43:81:5a:3c:69:e0:
7a:8f:54:de:74:49:b7:eb:9c:9c:8b:53:d9:3a:e6:
20:58:b0:5b:cc:1e:08:33:ba:74:45:3f:06:e5:59:
52:51:a2:9b:37:57:f4:25:78:a2:a8:44:06:47:c7:
a5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DA:EC:97:6B:76:23:5C:04:6E:B9:49:07:6E:F3:72:71:5E:6A:25
X509v3 Authority Key Identifier:
keyid:A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/Z9rsl2t2I1wEbrlJB27zcnFeaiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/phqPZno93b1KNSMY2PBgbEbp8GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.120.0/22
IPv6:
2a03:1460::/32
Signature Algorithm: sha256WithRSAEncryption
95:63:71:31:7d:dc:2b:b2:58:36:1e:c1:71:a8:04:12:fc:9e:
c9:c9:b4:3a:99:6e:12:b4:65:88:f9:82:31:93:7a:7a:76:ed:
b5:cd:57:61:e6:a0:5d:5c:d3:05:39:ee:44:93:02:3e:e0:a8:
85:4d:12:b7:4e:84:be:00:e8:98:9b:38:b7:2a:0d:4e:df:26:
fd:d0:86:83:a7:90:ab:76:be:c8:7c:7e:1a:9a:c1:33:e8:4a:
05:28:2c:65:a5:32:b1:15:35:f5:a6:57:89:dd:13:8e:16:90:
fa:49:5b:2d:15:b5:f2:58:86:67:26:30:41:5a:2f:31:12:8d:
59:b7:e5:9e:91:2b:cf:3c:57:94:7d:5e:33:cf:b8:48:9c:56:
15:ea:37:31:72:0a:dd:69:93:d1:0e:70:de:83:39:19:10:1e:
26:50:c3:97:25:1f:75:88:47:a6:ef:1a:44:6f:7f:62:7e:86:
e8:2c:5b:b1:fa:83:18:77:b8:c3:13:1a:0e:94:f8:9b:d7:17:
07:ab:cb:a2:3a:2d:6a:b6:87:73:d9:68:5f:a0:19:01:2d:8e:
d3:ed:a8:da:dc:f5:9c:fd:bd:6f:5c:3d:d9:50:20:77:fa:e4:
43:98:94:26:ab:62:1a:bd:58:26:be:e4:7c:2b:58:11:3d:49:
2e:fd:c8:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrwRPYM2aIobGlGrHk08yrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MWE4ZjY2N2EzZGRkYmQ0YTM1MjMxOGQ4ZjA2MDZjNDZl
OWYwNjMwHhcNMjMwMTAxMDUxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RhZWM5NzZiNzYyMzVjMDQ2ZWI5NDkwNzZlZjM3MjcxNWU2YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDefwKV/tyLkR8HfnIB+v26PS0GY
0GdEn47KSo1HqvVfjeXISC35Z9Qy8fFEZrQo+Ww1056pmwW5YACV00MWHKaP1PXZ
xsMas8oBsa0bFw9v01XRn1M2abiUFgt19D+dKUuXDdFKJCHBl6yBB/mSfOfMFdQg
pZjOihxFZ79wiZUznLAgFQKrNMVjr90KXh23DcCbfoLpEbHnw1g6aFQ6gqEkuYz3
GNQl4aAomx6ky3yg2zL1jSzDS3ThMjNxjJAvGf1wdft8yKlYqcJDgVo8aeB6j1Te
dEm365yci1PZOuYgWLBbzB4IM7p0RT8G5VlSUaKbN1f0JXiiqEQGR8eljQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfa7JdrdiNcBG65SQdu83JxXmolMB8GA1UdIwQY
MBaAFKYaj2Z6Pd29SjUjGNjwYGxG6fBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhxUFpubzkzYjFLTlNNWTJQQmdiRWJwOEdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jZTg4YTItZWI4Ny00MmE1LTkxNmQt
YjU2YmIwNjQ3ODY4LzEvWjlyc2wydDJJMXdFYnJsSkIyN3pjbkZlYWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jZTg4YTItZWI4Ny00MmE1LTkxNmQtYjU2YmIwNjQ3ODY4
LzEvcGhxUFpubzkzYjFLTlNNWTJQQmdiRWJwOEdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUB4MA0E
AgACMAcDBQAqAxRgMA0GCSqGSIb3DQEBCwUAA4IBAQCVY3Exfdwrslg2HsFxqAQS
/J7JybQ6mW4StGWI+YIxk3p6du21zVdh5qBdXNMFOe5EkwI+4KiFTRK3ToS+AOiY
mzi3Kg1O3yb90IaDp5Crdr7IfH4amsEz6EoFKCxlpTKxFTX1pleJ3ROOFpD6SVst
FbXyWIZnJjBBWi8xEo1Zt+WekSvPPFeUfV4zz7hInFYV6jcxcgrdaZPRDnDegzkZ
EB4mUMOXJR91iEem7xpEb39ifoboLFux+oMYd7jDExoOlPib1xcHq8uiOi1qtodz
2WhfoBkBLY7T7aja3PWc/b1vXD3ZUCB3+uRDmJQmq2IavVgmvuR8K1gRPUku/chx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:42 2024 by rpki-client on console-ams.rpki-client.org