Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/21zgQ6rbsopIQDRPmi2Q0pZ4dcw.roa
File: 21zgQ6rbsopIQDRPmi2Q0pZ4dcw.roa (raw, json)
Hash identifier: 2GcGW665sbt4u0CJn9yNIQ5ZOPsH9/lyZVwUNoCYB8g=
Subject key identifier: DB:5C:E0:43:AA:DB:B2:8A:48:40:34:4F:9A:2D:90:D2:96:78:75:CC
Certificate issuer: /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial: 018939A399BE0FF70BEBF80912AB5BBBA302
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/21zgQ6rbsopIQDRPmi2Q0pZ4dcw.roa
Signing time: Sun 09 Jul 2023 07:52:50 +0000
ROA not before: Sun 09 Jul 2023 07:52:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199346
IP address blocks: 185.12.158.0/23 maxlen: 24
185.12.156.0/24 maxlen: 24
81.24.248.0/21 maxlen: 24
2a03:2240::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 09 Jul 2023 09:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:39:a3:99:be:0f:f7:0b:eb:f8:09:12:ab:5b:bb:a3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Validity
Not Before: Jul 9 07:52:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db5ce043aadbb28a4840344f9a2d90d2967875cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:c6:b2:cb:d3:b1:d4:56:8b:a9:1b:36:c5:
9c:41:08:c7:a0:89:8f:f9:01:3f:ad:86:e9:65:13:
64:df:2b:22:01:6e:3d:cb:36:d2:08:09:11:ec:a9:
6c:5e:44:64:a3:28:a8:ce:12:a2:59:f5:54:4b:e1:
40:43:d8:12:ad:53:eb:05:1e:0d:2d:9f:60:0a:bc:
c8:09:85:5e:57:6d:a7:9f:3e:d9:d7:9e:67:f2:c1:
35:f5:5b:c2:b2:90:f3:c0:5a:07:11:6d:54:9d:39:
7c:84:91:d8:36:19:6f:c9:af:2c:ca:b6:a9:c7:6d:
a2:ca:21:45:a6:c0:56:12:81:e7:8b:26:9f:55:2f:
43:4e:d1:48:b5:fe:34:77:9e:2c:3e:32:f3:d3:ea:
ea:e1:62:fd:5a:53:99:26:51:5b:6d:68:a5:61:17:
7f:37:c4:5e:5d:af:19:53:5d:9e:6f:8b:7a:90:b7:
9a:9e:f0:96:05:fd:e4:bb:8b:a0:d0:4b:8c:7a:46:
b3:dd:a9:4c:d7:d7:1b:c9:6d:6c:5b:a8:91:6d:c5:
2e:91:70:c7:06:7d:ac:0e:cc:98:e2:1b:36:33:54:
03:75:f6:7e:aa:db:9c:1a:e1:ca:c5:fb:16:e6:ac:
e9:f5:47:3f:11:1f:67:5c:10:93:b3:af:95:1e:f9:
d7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5C:E0:43:AA:DB:B2:8A:48:40:34:4F:9A:2D:90:D2:96:78:75:CC
X509v3 Authority Key Identifier:
keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/21zgQ6rbsopIQDRPmi2Q0pZ4dcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.248.0/21
185.12.156.0/24
185.12.158.0/23
IPv6:
2a03:2240::/32
Signature Algorithm: sha256WithRSAEncryption
4a:90:ce:d8:c9:05:e3:42:f8:95:c2:af:cf:8b:22:cb:86:4e:
97:14:99:05:28:a3:d7:83:96:14:fb:e9:96:df:0f:b8:1e:81:
49:a1:19:f4:3c:6e:e1:f7:d7:ff:92:b5:58:95:48:b1:79:6c:
26:bd:49:99:2e:54:d7:0f:27:30:86:90:80:58:cb:64:65:ad:
01:a3:00:6a:4b:43:b2:85:4b:f3:92:1e:ba:f5:f5:9b:cd:84:
d5:b3:aa:4b:5c:11:be:37:b7:aa:c2:55:f7:b6:0a:ae:a3:16:
bd:76:25:51:65:2d:f8:48:42:01:69:3b:b3:6e:22:9f:a4:05:
5b:29:7c:d2:9f:84:69:10:72:e0:fc:c6:78:70:3f:a8:d6:67:
f8:64:09:54:9d:8a:92:52:af:b1:23:5b:b0:3f:bb:48:b0:dd:
0d:59:f3:8c:0e:ad:66:61:f4:e8:d7:4f:13:7e:ac:bf:e4:60:
c3:93:0d:43:c5:fd:d1:f8:28:9b:c1:5c:d0:e8:89:b2:7d:0a:
b8:f7:dc:69:c3:86:1f:34:d2:6f:97:fc:c8:bf:7a:44:31:72:
20:f2:41:95:34:fa:f3:62:0f:4f:63:40:f9:a4:d1:4c:85:de:
0e:67:90:97:4c:fa:b5:c1:b2:73:79:22:99:83:11:af:4b:cd:
25:7c:0d:53
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYk5o5m+D/cL6/gJEqtbu6MCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDcwNWEzNjNkYzFkOGQwZWE1MWM5YjlhMWVjYmQzODA3
YmQwNTQwHhcNMjMwNzA5MDc1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVjZTA0M2FhZGJiMjhhNDg0MDM0NGY5YTJkOTBkMjk2Nzg3NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvDGssvTsdRWi6kbNsWcQQjHoImP
+QE/rYbpZRNk3ysiAW49yzbSCAkR7KlsXkRkoyiozhKiWfVUS+FAQ9gSrVPrBR4N
LZ9gCrzICYVeV22nnz7Z155n8sE19VvCspDzwFoHEW1UnTl8hJHYNhlvya8syrap
x22iyiFFpsBWEoHniyafVS9DTtFItf40d54sPjLz0+rq4WL9WlOZJlFbbWilYRd/
N8ReXa8ZU12eb4t6kLeanvCWBf3ku4ug0EuMekaz3alM19cbyW1sW6iRbcUukXDH
Bn2sDsyY4hs2M1QDdfZ+qtucGuHKxfsW5qzp9Uc/ER9nXBCTs6+VHvnXhQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNtc4EOq27KKSEA0T5otkNKWeHXMMB8GA1UdIwQY
MBaAFP9HBaNj3B2NDqUcm5oey9OAe9BUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYt
NTZiYmUzOGY3NDA3LzEvMjF6Z1E2cmJzb3BJUURSUG1pMlEwcFo0ZGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYtNTZiYmUzOGY3NDA3
LzEvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDURj4AwQA
uQycAwQBuQyeMA0EAgACMAcDBQAqAyJAMA0GCSqGSIb3DQEBCwUAA4IBAQBKkM7Y
yQXjQviVwq/PiyLLhk6XFJkFKKPXg5YU++mW3w+4HoFJoRn0PG7h99f/krVYlUix
eWwmvUmZLlTXDycwhpCAWMtkZa0BowBqS0OyhUvzkh669fWbzYTVs6pLXBG+N7eq
wlX3tgquoxa9diVRZS34SEIBaTuzbiKfpAVbKXzSn4RpEHLg/MZ4cD+o1mf4ZAlU
nYqSUq+xI1uwP7tIsN0NWfOMDq1mYfTo108Tfqy/5GDDkw1Dxf3R+CibwVzQ6Imy
fQq499xpw4YfNNJvl/zIv3pEMXIg8kGVNPrzYg9PY0D5pNFMhd4OZ5CXTPq1wbJz
eSKZgxGvS80lfA1T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:21 2024 by rpki-client on console-ams.rpki-client.org