Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36720e-ebf2-4b41-8cc2-faff211ea4c6/1/ZIm2kBsm_5M9kHiyLa7uD1srgbs.roa
File: ZIm2kBsm_5M9kHiyLa7uD1srgbs.roa (raw, json)
Hash identifier: vUHyuWow9uZRY2u/y/YaHqBVaso5BjaKyPXcouLG+NY=
Subject key identifier: 64:89:B6:90:1B:26:FF:93:3D:90:78:B2:2D:AE:EE:0F:5B:2B:81:BB
Certificate issuer: /CN=015f2ef6db502994d7b0c8e49cd4a777bdb93572
Certificate serial: 018570FBAA159928739D6E3C515A890F8C5B
Authority key identifier: 01:5F:2E:F6:DB:50:29:94:D7:B0:C8:E4:9C:D4:A7:77:BD:B9:35:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AV8u9ttQKZTXsMjknNSnd725NXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/36720e-ebf2-4b41-8cc2-faff211ea4c6/1/ZIm2kBsm_5M9kHiyLa7uD1srgbs.roa
Signing time: Mon 02 Jan 2023 05:36:59 +0000
ROA not before: Mon 02 Jan 2023 05:36:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203123
IP address blocks: 185.144.8.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:aa:15:99:28:73:9d:6e:3c:51:5a:89:0f:8c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015f2ef6db502994d7b0c8e49cd4a777bdb93572
Validity
Not Before: Jan 2 05:36:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6489b6901b26ff933d9078b22daeee0f5b2b81bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:81:e1:a9:2e:35:e6:2c:6b:82:4a:77:ff:c9:
a9:ea:72:ce:29:0c:53:7e:67:18:fc:79:69:e5:53:
72:8f:27:72:df:aa:0b:20:1f:c2:1b:d2:e2:74:95:
79:8e:46:27:21:7b:97:77:e9:5c:5d:9a:96:35:76:
0c:57:b7:a7:b0:06:fc:84:95:c1:7e:67:05:8d:c3:
8b:d2:e3:85:5b:2f:2b:54:ae:27:d5:37:28:ba:6b:
d2:aa:1a:3a:3a:73:2a:18:4f:c7:1b:a9:1f:c3:82:
9d:6f:d6:50:31:1d:6b:72:1c:67:8c:2f:83:5e:e1:
07:c6:7d:9d:37:96:f9:f5:30:bc:78:7a:40:2b:7d:
84:41:3b:d8:f7:c5:e0:3a:d3:10:92:a9:38:a3:06:
93:80:90:44:2e:de:e4:d7:da:ad:df:85:f3:95:2d:
ce:0b:54:e2:30:e2:1b:b7:cf:79:05:e9:5b:23:f3:
49:f6:7b:a0:cb:46:b6:09:7d:3b:e3:33:7b:4d:d5:
fa:91:6f:b6:9b:22:45:96:f2:40:87:7e:df:d7:69:
d4:c1:86:9f:d1:80:be:c7:18:37:bc:41:8f:46:6d:
23:4c:e0:8d:48:90:9c:23:3b:03:be:62:cb:16:f2:
89:a7:40:63:80:c3:9c:cf:f6:f4:fc:cb:07:3b:ab:
c6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:89:B6:90:1B:26:FF:93:3D:90:78:B2:2D:AE:EE:0F:5B:2B:81:BB
X509v3 Authority Key Identifier:
keyid:01:5F:2E:F6:DB:50:29:94:D7:B0:C8:E4:9C:D4:A7:77:BD:B9:35:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AV8u9ttQKZTXsMjknNSnd725NXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36720e-ebf2-4b41-8cc2-faff211ea4c6/1/ZIm2kBsm_5M9kHiyLa7uD1srgbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36720e-ebf2-4b41-8cc2-faff211ea4c6/1/AV8u9ttQKZTXsMjknNSnd725NXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:4b:ea:1b:fd:aa:90:f1:64:21:8b:79:54:46:c5:30:63:e0:
1e:6f:2d:82:65:0b:33:a3:5d:50:1a:30:ea:69:f6:b1:05:c5:
1b:9f:63:48:cf:ba:49:a3:13:a6:b6:3a:50:12:dc:80:7c:7e:
66:50:f0:c4:f0:c7:ea:85:54:fa:16:86:91:96:94:35:8d:ea:
bd:8c:c1:13:22:10:12:cd:04:6e:23:f0:74:a6:3e:4e:88:c1:
e5:68:47:e7:cc:74:fc:16:a1:6c:ea:53:45:22:02:b2:43:6f:
6b:54:b1:22:1c:6f:c7:b4:c6:b1:68:80:cb:94:8c:30:a2:60:
d1:14:52:52:42:0f:0f:c0:83:67:c7:48:c2:45:4f:5f:fd:6f:
58:c5:67:f9:e9:de:92:b1:c5:11:83:f7:96:13:dd:ca:30:37:
fd:f6:13:04:ce:29:20:e8:83:d0:05:bc:26:c2:d9:9a:e1:80:
69:f0:30:49:03:51:40:b7:26:10:af:59:c2:0d:b4:af:c6:83:
04:a9:12:72:0a:ee:6a:88:cc:f4:60:08:f7:f2:c1:22:c3:b0:
1f:b5:e9:40:c1:c7:9e:32:e8:e4:8d:54:b5:86:ac:7e:5a:7d:
5a:c3:66:82:00:ce:bd:c7:52:08:91:c9:76:7c:eb:51:ce:b1:
da:0e:ba:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+6oVmShznW48UVqJD4xbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWYyZWY2ZGI1MDI5OTRkN2IwYzhlNDljZDRhNzc3YmRi
OTM1NzIwHhcNMjMwMTAyMDUzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg5YjY5MDFiMjZmZjkzM2Q5MDc4YjIyZGFlZWUwZjViMmI4MWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoHhqS415ixrgkp3/8mp6nLOKQxT
fmcY/Hlp5VNyjydy36oLIB/CG9LidJV5jkYnIXuXd+lcXZqWNXYMV7ensAb8hJXB
fmcFjcOL0uOFWy8rVK4n1TcoumvSqho6OnMqGE/HG6kfw4Kdb9ZQMR1rchxnjC+D
XuEHxn2dN5b59TC8eHpAK32EQTvY98XgOtMQkqk4owaTgJBELt7k19qt34XzlS3O
C1TiMOIbt895BelbI/NJ9nugy0a2CX074zN7TdX6kW+2myJFlvJAh37f12nUwYaf
0YC+xxg3vEGPRm0jTOCNSJCcIzsDvmLLFvKJp0BjgMOcz/b0/MsHO6vGdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSJtpAbJv+TPZB4si2u7g9bK4G7MB8GA1UdIwQY
MBaAFAFfLvbbUCmU17DI5JzUp3e9uTVyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVY4dTl0dFFLWlRYc01qa25OU25kNzI1TlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNjcyMGUtZWJmMi00YjQxLThjYzIt
ZmFmZjIxMWVhNGM2LzEvWkltMmtCc21fNU05a0hpeUxhN3VEMXNyZ2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNjcyMGUtZWJmMi00YjQxLThjYzItZmFmZjIxMWVhNGM2
LzEvQVY4dTl0dFFLWlRYc01qa25OU25kNzI1TlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZAIMA0G
CSqGSIb3DQEBCwUAA4IBAQC4S+ob/aqQ8WQhi3lURsUwY+Aeby2CZQszo11QGjDq
afaxBcUbn2NIz7pJoxOmtjpQEtyAfH5mUPDE8MfqhVT6FoaRlpQ1jeq9jMETIhAS
zQRuI/B0pj5OiMHlaEfnzHT8FqFs6lNFIgKyQ29rVLEiHG/HtMaxaIDLlIwwomDR
FFJSQg8PwINnx0jCRU9f/W9YxWf56d6SscURg/eWE93KMDf99hMEzikg6IPQBbwm
wtma4YBp8DBJA1FAtyYQr1nCDbSvxoMEqRJyCu5qiMz0YAj38sEiw7AftelAwcee
MujkjVS1hqx+Wn1aw2aCAM69x1IIkcl2fOtRzrHaDrrF
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:48 2024 by rpki-client on console-ams.rpki-client.org