Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/zGYjm5qxo_XSo6UH8pFERB2CWgw.roa
File: zGYjm5qxo_XSo6UH8pFERB2CWgw.roa (raw, json)
Hash identifier: yAVnqc/6OUQEWHHT58S8dGnum6hxXb8/6cYfjxIIXx8=
Subject key identifier: CC:66:23:9B:9A:B1:A3:F5:D2:A3:A5:07:F2:91:44:44:1D:82:5A:0C
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018572B418E970E8839639CF91E651A3DF13
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/zGYjm5qxo_XSo6UH8pFERB2CWgw.roa
Signing time: Mon 02 Jan 2023 13:38:03 +0000
ROA not before: Mon 02 Jan 2023 13:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.146.155.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Jun 2023 09:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:18:e9:70:e8:83:96:39:cf:91:e6:51:a3:df:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 2 13:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc66239b9ab1a3f5d2a3a507f29144441d825a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2a:46:fe:20:a6:16:97:9b:86:66:8d:57:a6:
f9:ac:6b:96:c2:99:bf:05:b5:70:97:b1:50:ad:0d:
42:14:30:d8:55:7b:fb:7e:fd:39:6e:c6:d7:a0:bd:
fa:95:8b:48:9d:91:da:73:13:3a:43:71:e7:0a:3b:
f7:c8:0c:5b:27:14:3e:99:00:d7:b0:d2:cb:44:8d:
7b:8c:67:ee:91:bc:a3:eb:b7:4a:e5:21:2f:5f:46:
01:87:44:a2:63:06:84:1f:e8:3c:38:44:6f:44:55:
23:75:68:1d:76:25:d5:61:0e:f4:f2:e4:2b:c5:4b:
29:ce:9a:ca:8f:17:cc:ca:a1:14:e3:e0:7f:c5:ad:
41:3a:c5:6e:eb:fc:66:cc:d3:24:23:5c:97:9f:a2:
af:0a:6f:68:0b:83:bc:28:18:71:15:1a:02:f7:91:
14:68:40:9c:84:40:62:b4:e1:84:11:c6:a9:1e:cb:
1d:25:1d:63:36:dc:c9:19:c8:f9:cd:bd:14:30:72:
74:5b:f0:5b:a4:6c:42:7f:83:5c:30:66:09:b3:51:
db:2e:0b:78:05:91:7c:43:dd:c3:1c:8a:3b:1f:a7:
94:43:40:e1:54:7b:e1:62:e1:ef:18:fc:46:99:77:
7d:5a:ed:23:56:8f:fa:f0:25:12:9c:77:4c:f7:db:
3f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:66:23:9B:9A:B1:A3:F5:D2:A3:A5:07:F2:91:44:44:1D:82:5A:0C
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/zGYjm5qxo_XSo6UH8pFERB2CWgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
0f:ca:94:aa:67:40:0d:23:f3:49:26:33:77:a8:94:bc:db:e6:
93:e9:10:58:c9:46:71:7f:af:7b:8c:0b:38:e1:2e:9e:35:85:
ed:26:2a:f5:82:13:c2:68:2f:69:26:3f:54:26:d2:bb:52:eb:
7f:bf:bb:3a:75:4a:2c:df:34:88:94:6e:85:86:03:4f:2d:eb:
c9:38:b7:8c:d2:73:16:98:f8:68:48:91:2d:2e:8b:db:f2:02:
79:b9:67:11:80:2c:4b:c5:8b:ca:32:50:a6:20:bb:a2:ef:4a:
8e:1a:88:d3:7e:7c:13:64:d4:20:7f:c0:d3:d9:ff:e3:a1:43:
61:7a:92:64:39:10:20:c8:2e:0d:71:e0:c3:e5:c5:97:a4:ed:
79:29:6b:e8:67:13:53:9a:8b:a1:26:a2:35:6d:53:f1:50:7d:
03:a2:0e:2a:10:4f:d3:74:b9:62:3b:73:ea:0b:df:91:e2:df:
44:6b:03:de:c6:86:58:98:1c:b8:07:c8:51:87:3f:c9:de:c9:
d0:e7:c4:9b:27:81:9b:6a:af:44:4d:25:82:7c:10:29:86:71:
b6:06:da:b1:d8:45:4d:79:fb:a6:0d:a6:b0:b1:f1:17:a5:13:
cf:b1:3c:c2:d1:31:be:5a:50:97:2b:4a:7e:f1:bb:55:95:f1:
c1:48:14:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVytBjpcOiDljnPkeZRo98TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjMwMTAyMTMzODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY2MjM5YjlhYjFhM2Y1ZDJhM2E1MDdmMjkxNDQ0NDFkODI1YTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyipG/iCmFpebhmaNV6b5rGuWwpm/
BbVwl7FQrQ1CFDDYVXv7fv05bsbXoL36lYtInZHacxM6Q3HnCjv3yAxbJxQ+mQDX
sNLLRI17jGfukbyj67dK5SEvX0YBh0SiYwaEH+g8OERvRFUjdWgddiXVYQ708uQr
xUspzprKjxfMyqEU4+B/xa1BOsVu6/xmzNMkI1yXn6KvCm9oC4O8KBhxFRoC95EU
aECchEBitOGEEcapHssdJR1jNtzJGcj5zb0UMHJ0W/BbpGxCf4NcMGYJs1HbLgt4
BZF8Q93DHIo7H6eUQ0DhVHvhYuHvGPxGmXd9Wu0jVo/68CUSnHdM99s/zwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxmI5uasaP10qOlB/KRREQdgloMMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvekdZam01cXhvX1hTbzZVSDhwRkVSQjJDV2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZKaMA8E
AgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAA/KlKpnQA0j80kmM3eo
lLzb5pPpEFjJRnF/r3uMCzjhLp41he0mKvWCE8JoL2kmP1Qm0rtS63+/uzp1Sizf
NIiUboWGA08t68k4t4zScxaY+GhIkS0ui9vyAnm5ZxGALEvFi8oyUKYgu6LvSo4a
iNN+fBNk1CB/wNPZ/+OhQ2F6kmQ5ECDILg1x4MPlxZek7Xkpa+hnE1Oai6EmojVt
U/FQfQOiDioQT9N0uWI7c+oL35Hi30RrA97GhliYHLgHyFGHP8neydDnxJsngZtq
r0RNJYJ8ECmGcbYG2rHYRU15+6YNprCx8RelE8+xPMLRMb5aUJcrSn7xu1WV8cFI
FKI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org