Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/z5DaMPZZBfRl8HrZa3WNG_k-vU0.roa
File: z5DaMPZZBfRl8HrZa3WNG_k-vU0.roa (raw, json)
Hash identifier: aK9rXXxAjM/ScXRk2TCpf+R0CqCwBU6MHmW+n8bBHFw=
Subject key identifier: CF:90:DA:30:F6:59:05:F4:65:F0:7A:D9:6B:75:8D:1B:F9:3E:BD:4D
Certificate issuer: /CN=4be896a4195385d4b94b7295988ccfbfa8ac99c5
Certificate serial: 01857139AC788E1EDDCE90692571A6907CDA
Authority key identifier: 4B:E8:96:A4:19:53:85:D4:B9:4B:72:95:98:8C:CF:BF:A8:AC:99:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/z5DaMPZZBfRl8HrZa3WNG_k-vU0.roa
Signing time: Mon 02 Jan 2023 06:44:42 +0000
ROA not before: Mon 02 Jan 2023 06:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205052
IP address blocks: 185.231.198.0/23 maxlen: 23
185.231.196.0/23 maxlen: 23
2a0c:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ac:78:8e:1e:dd:ce:90:69:25:71:a6:90:7c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be896a4195385d4b94b7295988ccfbfa8ac99c5
Validity
Not Before: Jan 2 06:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf90da30f65905f465f07ad96b758d1bf93ebd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b7:37:25:f8:f2:a6:34:53:8f:44:d5:ec:2e:
97:6d:72:67:7a:8e:12:12:f0:73:f8:db:4d:02:35:
14:ec:0e:aa:48:36:30:b2:08:fd:83:4b:0f:8d:3e:
59:51:ab:35:02:ed:d0:51:6b:bb:52:4b:57:cb:11:
59:64:0f:32:e5:6a:6b:52:ec:0c:32:60:cc:ec:78:
f9:25:47:e1:ae:f4:c2:fb:7c:46:8d:0c:11:fa:f1:
d4:37:3b:65:da:42:bc:92:cd:09:e7:06:f3:93:a4:
56:2d:a0:7f:3c:85:29:65:c8:84:cc:7a:9a:fe:6d:
09:74:c1:4d:08:49:98:92:27:ab:cd:5b:db:4d:e4:
31:a3:3e:54:78:8d:07:11:aa:bd:6f:53:d5:62:06:
33:fb:ff:42:a7:d4:b6:27:b9:d5:fa:df:ad:4b:77:
21:41:41:64:70:08:1a:78:81:38:0f:0a:41:1f:32:
5f:26:e4:fd:33:b5:0d:cd:d2:67:9e:69:d0:ee:7d:
56:ae:ce:aa:18:d2:8d:ca:e4:68:3f:35:40:7b:63:
83:95:fe:ed:fb:78:a4:b1:a7:9f:aa:64:34:fa:92:
b4:0d:57:af:49:91:a8:12:c4:01:33:73:1b:99:7a:
f7:71:32:75:d2:35:5a:c3:2d:c4:ec:63:9c:ed:70:
e1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:90:DA:30:F6:59:05:F4:65:F0:7A:D9:6B:75:8D:1B:F9:3E:BD:4D
X509v3 Authority Key Identifier:
keyid:4B:E8:96:A4:19:53:85:D4:B9:4B:72:95:98:8C:CF:BF:A8:AC:99:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/z5DaMPZZBfRl8HrZa3WNG_k-vU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.196.0/22
IPv6:
2a0c:7900::/29
Signature Algorithm: sha256WithRSAEncryption
0b:b4:4d:af:56:97:0d:ce:2d:e8:0f:ca:c3:06:fc:e6:d3:dd:
dc:91:b9:b4:af:b0:02:58:c5:56:76:25:07:df:c1:c4:f5:9e:
dc:0e:c8:56:89:87:f9:32:9d:73:cf:e7:c2:62:ed:58:15:77:
d0:5b:18:91:22:8c:a3:36:12:41:2a:58:cf:3e:28:2f:60:74:
7d:c0:be:e7:79:71:16:4e:19:da:4b:28:8b:da:64:a0:38:a4:
c1:38:41:fa:33:04:82:48:6d:65:c7:ba:58:f3:8b:de:fb:3f:
64:0a:62:85:0e:e1:91:09:5b:85:fd:e4:62:15:e3:1e:de:a6:
45:76:4c:77:19:1d:fa:2b:ad:fd:ef:86:67:b3:30:bb:0c:e4:
f3:52:1a:2c:c7:8f:45:85:fe:ca:f1:06:42:9b:cf:4e:b9:fe:
64:8a:7c:59:ba:7f:48:6c:1a:61:f8:e6:ff:1f:00:b8:30:db:
48:ee:84:e2:55:dc:c5:27:4f:2c:29:14:c8:43:cb:92:1d:8b:
ff:70:ae:85:16:65:bc:70:db:58:7b:0b:f8:2e:b6:4d:2e:e0:
09:aa:a4:48:9b:ed:44:15:3c:13:4f:9f:92:c3:81:60:73:f8:
c8:2b:f9:77:15:ae:71:25:67:3d:a1:ed:f4:f8:30:17:74:ce:
65:43:b9:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxOax4jh7dzpBpJXGmkHzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTg5NmE0MTk1Mzg1ZDRiOTRiNzI5NTk4OGNjZmJmYThh
Yzk5YzUwHhcNMjMwMTAyMDY0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjkwZGEzMGY2NTkwNWY0NjVmMDdhZDk2Yjc1OGQxYmY5M2ViZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbc3JfjypjRTj0TV7C6XbXJneo4S
EvBz+NtNAjUU7A6qSDYwsgj9g0sPjT5ZUas1Au3QUWu7UktXyxFZZA8y5WprUuwM
MmDM7Hj5JUfhrvTC+3xGjQwR+vHUNztl2kK8ks0J5wbzk6RWLaB/PIUpZciEzHqa
/m0JdMFNCEmYkierzVvbTeQxoz5UeI0HEaq9b1PVYgYz+/9Cp9S2J7nV+t+tS3ch
QUFkcAgaeIE4DwpBHzJfJuT9M7UNzdJnnmnQ7n1Wrs6qGNKNyuRoPzVAe2ODlf7t
+3iksaefqmQ0+pK0DVevSZGoEsQBM3MbmXr3cTJ10jVawy3E7GOc7XDh1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM+Q2jD2WQX0ZfB62Wt1jRv5Pr1NMB8GA1UdIwQY
MBaAFEvolqQZU4XUuUtylZiMz7+orJnFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1pV3BCbFRoZFM1UzNLVm1JelB2NmlzbWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83YTEzZWUtYjczMS00ZmY5LWJlZjAt
NGIxNTgxZjA5ZDNiLzEvejVEYU1QWlpCZlJsOEhyWmEzV05HX2stdlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83YTEzZWUtYjczMS00ZmY5LWJlZjAtNGIxNTgxZjA5ZDNi
LzEvUy1pV3BCbFRoZFM1UzNLVm1JelB2NmlzbWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuefEMA0E
AgACMAcDBQMqDHkAMA0GCSqGSIb3DQEBCwUAA4IBAQALtE2vVpcNzi3oD8rDBvzm
093ckbm0r7ACWMVWdiUH38HE9Z7cDshWiYf5Mp1zz+fCYu1YFXfQWxiRIoyjNhJB
KljPPigvYHR9wL7neXEWThnaSyiL2mSgOKTBOEH6MwSCSG1lx7pY84ve+z9kCmKF
DuGRCVuF/eRiFeMe3qZFdkx3GR36K63974ZnszC7DOTzUhosx49Fhf7K8QZCm89O
uf5kinxZun9IbBph+Ob/HwC4MNtI7oTiVdzFJ08sKRTIQ8uSHYv/cK6FFmW8cNtY
ewv4LrZNLuAJqqRIm+1EFTwTT5+Sw4Fgc/jIK/l3Fa5xJWc9oe30+DAXdM5lQ7ne
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:58 2024 by rpki-client on console-ams.rpki-client.org