Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/_ZOgbfqgizFiziFap1XHlIxOi8M.roa
File: _ZOgbfqgizFiziFap1XHlIxOi8M.roa (raw, json)
Hash identifier: atl98FMoOSygSlkaeZCPpmDwjdE6P67rnXmfE/h0Yeg=
Subject key identifier: FD:93:A0:6D:FA:A0:8B:31:62:CE:21:5A:A7:55:C7:94:8C:4E:8B:C3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018570676B677918FB0C6191BAB720723232
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/_ZOgbfqgizFiziFap1XHlIxOi8M.roa
Signing time: Mon 02 Jan 2023 02:55:03 +0000
ROA not before: Mon 02 Jan 2023 02:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209280
IP address blocks: 185.227.81.0/24 maxlen: 24
194.146.45.0/24 maxlen: 24
2a0b:3c40:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:6b:67:79:18:fb:0c:61:91:ba:b7:20:72:32:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd93a06dfaa08b3162ce215aa755c7948c4e8bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:93:0c:8c:f9:78:04:7c:77:a8:45:60:6f:
bf:e0:ac:80:2a:ac:60:88:8d:27:b3:f9:67:f7:e6:
61:4b:ae:6e:2b:51:dd:b5:8d:c7:8f:48:d6:fb:d5:
f3:04:b3:14:72:0a:2d:3b:1c:87:42:05:b9:2a:7f:
12:78:98:da:65:0e:b7:eb:7d:e4:44:eb:f8:e0:63:
3b:8b:45:17:a2:05:b3:64:91:19:e1:f0:06:4a:67:
66:11:90:52:55:c5:2e:d8:11:63:ad:fc:fb:5b:09:
6b:60:18:9c:f3:87:8d:fb:f6:ab:1f:8c:05:98:65:
73:bd:59:de:b2:5b:6a:bf:ee:42:26:fd:24:61:53:
1b:a0:c4:87:63:20:d2:ed:60:63:1a:54:6b:fa:7f:
72:4d:d2:6e:dc:e9:c1:47:39:fe:48:60:ef:ad:7d:
d1:f3:77:22:5a:a2:2d:76:00:5a:90:19:3b:01:93:
b5:b7:36:43:53:a1:53:0b:3e:f2:9a:8f:d1:b6:78:
93:c0:d7:df:87:98:8a:a6:fd:61:71:a6:f0:a4:fe:
ca:77:75:4f:f5:79:a7:13:f8:78:7a:e3:c5:3f:c2:
e6:e0:c7:57:a6:d2:96:09:d2:54:e0:b3:5f:c7:71:
4e:8d:9d:1a:fc:4a:da:f9:22:d6:63:e0:c8:52:51:
a2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:93:A0:6D:FA:A0:8B:31:62:CE:21:5A:A7:55:C7:94:8C:4E:8B:C3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/_ZOgbfqgizFiziFap1XHlIxOi8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.81.0/24
194.146.45.0/24
IPv6:
2a0b:3c40:13::/48
Signature Algorithm: sha256WithRSAEncryption
87:87:9b:95:9a:58:66:5c:a9:1f:55:05:d4:5c:5f:4d:22:63:
8b:79:34:43:99:ca:b6:1e:87:02:3e:b7:93:20:02:98:a5:5e:
b0:a2:31:3f:d5:09:1e:4e:d2:be:9b:d9:81:8a:37:23:5b:1e:
91:92:1c:2b:bb:88:d7:c6:e4:32:7c:8f:8f:77:ce:4a:30:32:
2e:10:a3:3c:49:5a:4a:54:44:f0:8f:40:c3:c4:59:7d:b0:9e:
8d:ef:16:38:8d:ea:4c:8e:3c:08:73:44:b9:21:dd:af:99:71:
10:60:a9:f8:ef:54:0a:75:a1:f3:70:bb:81:0a:b9:0b:d0:6c:
77:de:e2:ef:4d:51:66:25:34:a4:aa:be:e8:73:7d:1d:3a:3b:
91:fc:27:56:e0:aa:72:e2:00:4c:be:80:0a:38:01:fc:8e:90:
e2:59:6b:78:23:fc:68:70:3a:8c:03:4f:88:53:cf:b4:9c:61:
d1:7f:57:26:18:eb:8d:89:9e:8f:29:fe:b6:09:62:51:28:30:
49:06:41:2f:46:ef:e5:6c:49:0e:de:4e:35:bc:6b:2b:d7:df:
46:66:23:d3:8d:b2:92:96:29:d7:c0:b7:fe:e9:21:c2:8d:ec:
41:4d:18:39:64:80:61:58:93:bb:db:8f:57:94:9c:6a:32:f4:
e0:a0:b8:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwZ2tneRj7DGGRurcgcjIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkzYTA2ZGZhYTA4YjMxNjJjZTIxNWFhNzU1Yzc5NDhjNGU4YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4aTDIz5eAR8d6hFYG+/4KyAKqxg
iI0ns/ln9+ZhS65uK1HdtY3Hj0jW+9XzBLMUcgotOxyHQgW5Kn8SeJjaZQ63633k
ROv44GM7i0UXogWzZJEZ4fAGSmdmEZBSVcUu2BFjrfz7WwlrYBic84eN+/arH4wF
mGVzvVnesltqv+5CJv0kYVMboMSHYyDS7WBjGlRr+n9yTdJu3OnBRzn+SGDvrX3R
83ciWqItdgBakBk7AZO1tzZDU6FTCz7ymo/RtniTwNffh5iKpv1hcabwpP7Kd3VP
9XmnE/h4euPFP8Lm4MdXptKWCdJU4LNfx3FOjZ0a/Era+SLWY+DIUlGiHQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP2ToG36oIsxYs4hWqdVx5SMTovDMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvX1pPZ2JmcWdpekZpemlGYXAxWEhsSXhPaThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAueNRAwQA
wpItMA8EAgACMAkDBwAqCzxAABMwDQYJKoZIhvcNAQELBQADggEBAIeHm5WaWGZc
qR9VBdRcX00iY4t5NEOZyrYehwI+t5MgApilXrCiMT/VCR5O0r6b2YGKNyNbHpGS
HCu7iNfG5DJ8j493zkowMi4QozxJWkpURPCPQMPEWX2wno3vFjiN6kyOPAhzRLkh
3a+ZcRBgqfjvVAp1ofNwu4EKuQvQbHfe4u9NUWYlNKSqvuhzfR06O5H8J1bgqnLi
AEy+gAo4AfyOkOJZa3gj/GhwOowDT4hTz7ScYdF/VyYY642Jno8p/rYJYlEoMEkG
QS9G7+VsSQ7eTjW8ayvX30ZmI9ONspKWKdfAt/7pIcKN7EFNGDlkgGFYk7vbj1eU
nGoy9OCguPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org