Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZX7oa7-apzBpn2pKA77I9-IqvT0.roa
File: ZX7oa7-apzBpn2pKA77I9-IqvT0.roa (raw, json)
Hash identifier: 72qx2B17im71qJsItGi1yK1Rva1sLNPV2TmtO2Uzksg=
Subject key identifier: 65:7E:E8:6B:BF:9A:A7:30:69:9F:6A:4A:03:BE:C8:F7:E2:2A:BD:3D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018C7A85EC41658C0E4604F15AD3EB9C938D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZX7oa7-apzBpn2pKA77I9-IqvT0.roa
Signing time: Mon 18 Dec 2023 01:24:06 +0000
ROA not before: Mon 18 Dec 2023 01:24:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 185.225.170.0/23 maxlen: 23
185.199.148.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7a:85:ec:41:65:8c:0e:46:04:f1:5a:d3:eb:9c:93:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 18 01:24:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=657ee86bbf9aa730699f6a4a03bec8f7e22abd3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:96:a9:c9:9b:bf:6f:d2:ee:8e:24:7c:34:f5:
3a:79:60:bf:0f:83:44:5e:fe:73:4b:b5:55:85:21:
bd:d4:77:42:17:a8:34:20:d2:39:84:1a:32:cc:a7:
b3:12:7b:d8:a8:2f:39:24:15:81:2a:85:60:4f:b2:
e3:9c:35:26:ef:fd:04:10:f4:0d:fe:3d:80:4e:d9:
8e:b2:bd:63:2c:60:ac:7a:bb:25:ab:63:b0:8f:88:
62:bc:dd:11:fe:a5:d4:c6:67:10:d2:d2:fb:bc:6b:
1f:5d:86:60:58:92:e7:58:0b:08:08:8c:70:9f:af:
04:00:60:e4:35:2a:4b:1c:ac:7a:92:ec:80:47:98:
53:25:24:17:86:1b:13:2a:4a:34:be:7c:c9:d3:48:
bf:28:ff:46:2d:99:cf:ef:2a:5a:b2:c1:80:1e:a4:
17:3b:d2:fb:9b:5c:08:c8:96:17:da:b3:3b:f2:c2:
b2:f3:71:db:08:da:f6:b3:b7:c1:fe:fa:b0:51:37:
b1:8e:27:5b:42:f3:a8:62:1c:2d:e6:7a:11:4f:d9:
45:64:0a:5d:f4:25:d8:d8:46:bb:5b:74:2c:1d:3c:
0b:ec:c3:4b:84:d7:4a:a3:6c:fc:46:20:63:2c:99:
0a:2c:a2:47:cb:ab:42:8d:d0:3c:43:d5:fc:5d:75:
af:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7E:E8:6B:BF:9A:A7:30:69:9F:6A:4A:03:BE:C8:F7:E2:2A:BD:3D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZX7oa7-apzBpn2pKA77I9-IqvT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.148.0/23
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:d5:dd:a7:ef:47:67:ef:bc:c4:1e:1f:7a:ff:79:85:9f:bf:
cc:af:31:cc:0a:a2:a1:e1:86:12:32:f2:9f:18:e5:aa:c8:5e:
d3:15:45:eb:cf:8d:1e:33:0b:bf:ad:73:be:8e:a1:08:ce:90:
09:ea:11:db:ff:f5:9d:db:9d:a7:22:ff:c1:b1:80:90:15:32:
d7:c9:3c:13:64:a8:2c:3e:c6:4b:2f:72:4e:57:e9:59:af:0f:
d1:79:9a:66:0b:b8:e9:87:1a:ed:e6:ee:07:f5:db:71:e2:ed:
b3:d7:22:2a:c1:76:ab:fe:5c:02:5a:02:0e:93:fd:d1:c5:47:
19:23:a5:30:e0:65:df:b7:a5:75:1d:a2:eb:54:1b:0b:ec:80:
36:2a:6c:32:06:ba:d8:14:bc:2a:d9:7e:9d:26:ec:79:dc:ff:
b8:b5:7a:4b:4c:5c:d9:0a:bd:a7:db:2a:33:37:07:54:c5:07:
ce:57:62:21:12:ef:ec:98:71:a4:40:48:15:54:11:37:5b:17:
77:98:91:fc:f0:6f:52:f1:93:ff:68:d7:55:13:89:5f:b7:83:
19:88:b8:f6:ff:7f:d2:79:6f:60:43:0c:6a:a5:9d:56:59:d2:
9b:55:d9:2e:b9:aa:58:3e:ea:8d:62:c5:4b:da:7a:c4:00:0b:
07:2d:86:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYx6hexBZYwORgTxWtPrnJONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjE4MDEyNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTdlZTg2YmJmOWFhNzMwNjk5ZjZhNGEwM2JlYzhmN2UyMmFiZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZapyZu/b9LujiR8NPU6eWC/D4NE
Xv5zS7VVhSG91HdCF6g0INI5hBoyzKezEnvYqC85JBWBKoVgT7LjnDUm7/0EEPQN
/j2ATtmOsr1jLGCserslq2Owj4hivN0R/qXUxmcQ0tL7vGsfXYZgWJLnWAsICIxw
n68EAGDkNSpLHKx6kuyAR5hTJSQXhhsTKko0vnzJ00i/KP9GLZnP7ypassGAHqQX
O9L7m1wIyJYX2rM78sKy83HbCNr2s7fB/vqwUTexjidbQvOoYhwt5noRT9lFZApd
9CXY2Ea7W3QsHTwL7MNLhNdKo2z8RiBjLJkKLKJHy6tCjdA8Q9X8XXWvXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGV+6Gu/mqcwaZ9qSgO+yPfiKr09MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWlg3b2E3LWFwekJwbjJwS0E3N0k5LUlxdlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuceUAwQB
ueGqMA0GCSqGSIb3DQEBCwUAA4IBAQBr1d2n70dn77zEHh96/3mFn7/MrzHMCqKh
4YYSMvKfGOWqyF7TFUXrz40eMwu/rXO+jqEIzpAJ6hHb//Wd252nIv/BsYCQFTLX
yTwTZKgsPsZLL3JOV+lZrw/ReZpmC7jphxrt5u4H9dtx4u2z1yIqwXar/lwCWgIO
k/3RxUcZI6Uw4GXft6V1HaLrVBsL7IA2KmwyBrrYFLwq2X6dJux53P+4tXpLTFzZ
Cr2n2yozNwdUxQfOV2IhEu/smHGkQEgVVBE3Wxd3mJH88G9S8ZP/aNdVE4lft4MZ
iLj2/3/SeW9gQwxqpZ1WWdKbVdkuuapYPuqNYsVL2nrEAAsHLYbs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org