Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/ZFkAa1TqivLCfoW43deY2dQxTuQ.roa
File: ZFkAa1TqivLCfoW43deY2dQxTuQ.roa (raw, json)
Hash identifier: qxAKzWUfMGXkuDAul70vFQmR4as35r8RLQ0sj2Lq9IA=
Subject key identifier: 64:59:00:6B:54:EA:8A:F2:C2:7E:85:B8:DD:D7:98:D9:D4:31:4E:E4
Certificate issuer: /CN=b4dd6d658e14571e839f7813da31f2217422818e
Certificate serial: 01856FE71506131D03B5F7FFCD2C056875B2
Authority key identifier: B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/ZFkAa1TqivLCfoW43deY2dQxTuQ.roa
Signing time: Mon 02 Jan 2023 00:34:53 +0000
ROA not before: Mon 02 Jan 2023 00:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50304
IP address blocks: 185.213.52.0/22 maxlen: 24
2a0b:8340::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:15:06:13:1d:03:b5:f7:ff:cd:2c:05:68:75:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4dd6d658e14571e839f7813da31f2217422818e
Validity
Not Before: Jan 2 00:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6459006b54ea8af2c27e85b8ddd798d9d4314ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:21:cd:d3:08:6c:8b:7e:0e:fd:2a:b8:b3:39:
89:31:8e:b7:51:d2:90:a5:22:bd:f3:aa:30:fc:03:
c5:5c:02:3f:67:f2:04:7f:a6:b6:88:fc:08:12:bb:
64:8b:3a:37:10:e8:68:7c:23:e1:20:97:18:39:53:
d5:0e:a6:05:c5:db:33:7e:e9:ad:20:ba:13:a8:a3:
ef:b7:3b:00:54:15:d6:e6:ba:f3:89:7a:65:1e:93:
87:11:0f:4b:cf:74:c1:2e:5a:cc:96:b6:b7:06:c2:
8e:d3:d1:05:d5:4e:82:93:53:5c:d8:f0:59:47:8a:
1a:7c:31:c8:3b:3a:c2:bf:42:bd:9c:95:4a:c5:c7:
cf:4d:b9:95:72:30:be:6c:ac:30:8d:7f:e4:6b:22:
74:ef:d0:cd:c9:98:3f:11:d2:ce:eb:b3:4d:cc:ec:
f0:46:5d:e3:80:d0:83:91:2f:dd:5e:4b:ac:56:f4:
cb:48:35:fe:e4:5a:4d:0f:e7:38:28:66:44:8a:17:
54:11:9b:40:f9:51:d0:ea:86:f6:fb:4a:47:e1:a1:
18:0f:6f:15:f3:d8:5b:36:36:13:f7:df:b9:fd:cc:
1d:56:c1:69:f0:07:da:75:f9:ba:01:59:c3:cb:d8:
a9:d3:9e:0b:db:2a:50:e2:a1:0e:3d:94:9d:9e:b4:
43:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:59:00:6B:54:EA:8A:F2:C2:7E:85:B8:DD:D7:98:D9:D4:31:4E:E4
X509v3 Authority Key Identifier:
keyid:B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/ZFkAa1TqivLCfoW43deY2dQxTuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.52.0/22
IPv6:
2a0b:8340::/29
Signature Algorithm: sha256WithRSAEncryption
1a:89:0c:fe:49:7c:43:0c:27:f4:91:28:3b:88:93:d5:2b:79:
c8:8f:e8:f9:4b:15:66:91:3e:1f:78:9d:cd:da:c3:6e:3c:c9:
01:8f:7a:d3:f4:6d:af:1c:18:1f:f7:85:74:85:6a:72:51:03:
8d:7e:70:fe:c1:55:b9:e4:76:a8:81:37:d2:95:4f:fc:6d:51:
ea:b8:99:88:9c:fa:6b:0c:1d:0b:0d:73:fb:6f:0a:73:5c:af:
d1:df:6b:b2:e5:5d:f9:e2:83:4b:3e:33:13:c3:1a:d4:2a:a2:
6f:ed:23:4c:94:e9:8e:58:fc:34:77:12:84:4f:e8:1a:ab:7c:
fc:0d:29:22:33:73:30:38:15:b6:af:40:34:39:c9:b9:82:ed:
10:e3:b7:88:68:ca:d3:db:a9:22:25:d6:8f:4d:8f:3e:72:b1:
36:9d:38:49:7f:5b:ff:5c:72:54:87:cf:3f:7a:6c:81:a3:6e:
74:1f:f5:0e:3f:cb:17:a0:cb:88:95:e2:ff:4d:61:4e:4a:a9:
ec:b2:88:ab:0a:d0:57:57:1c:fc:73:b3:36:52:0c:6d:bc:53:
a1:47:5e:bf:e6:84:3e:da:22:4c:04:c9:f8:50:34:b6:40:0a:
5d:91:c6:ee:6e:64:ce:61:98:f5:52:fb:f8:64:d2:08:05:df:
36:3a:fa:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5xUGEx0Dtff/zSwFaHWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZGQ2ZDY1OGUxNDU3MWU4MzlmNzgxM2RhMzFmMjIxNzQy
MjgxOGUwHhcNMjMwMTAyMDAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU5MDA2YjU0ZWE4YWYyYzI3ZTg1YjhkZGQ3OThkOWQ0MzE0ZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCHN0whsi34O/Sq4szmJMY63UdKQ
pSK986ow/APFXAI/Z/IEf6a2iPwIErtkizo3EOhofCPhIJcYOVPVDqYFxdszfumt
ILoTqKPvtzsAVBXW5rrziXplHpOHEQ9Lz3TBLlrMlra3BsKO09EF1U6Ck1Nc2PBZ
R4oafDHIOzrCv0K9nJVKxcfPTbmVcjC+bKwwjX/kayJ079DNyZg/EdLO67NNzOzw
Rl3jgNCDkS/dXkusVvTLSDX+5FpND+c4KGZEihdUEZtA+VHQ6ob2+0pH4aEYD28V
89hbNjYT99+5/cwdVsFp8Afadfm6AVnDy9ip054L2ypQ4qEOPZSdnrRDEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGRZAGtU6orywn6FuN3XmNnUMU7kMB8GA1UdIwQY
MBaAFLTdbWWOFFceg594E9ox8iF0IoGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUt
ODFkMjE0ZWRmMjk4LzEvWkZrQWExVHFpdkxDZm9XNDNkZVkyZFF4VHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUtODFkMjE0ZWRmMjk4
LzEvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudU0MA0E
AgACMAcDBQMqC4NAMA0GCSqGSIb3DQEBCwUAA4IBAQAaiQz+SXxDDCf0kSg7iJPV
K3nIj+j5SxVmkT4feJ3N2sNuPMkBj3rT9G2vHBgf94V0hWpyUQONfnD+wVW55Hao
gTfSlU/8bVHquJmInPprDB0LDXP7bwpzXK/R32uy5V354oNLPjMTwxrUKqJv7SNM
lOmOWPw0dxKET+gaq3z8DSkiM3MwOBW2r0A0Ocm5gu0Q47eIaMrT26kiJdaPTY8+
crE2nThJf1v/XHJUh88/emyBo250H/UOP8sXoMuIleL/TWFOSqnssoirCtBXVxz8
c7M2UgxtvFOhR16/5oQ+2iJMBMn4UDS2QApdkcbubmTOYZj1Uvv4ZNIIBd82Ovqg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:27 2024 by rpki-client on console-ams.rpki-client.org