Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7ffcb3-357f-436d-8ae3-009477e84a86/1/Zl8hHURdh2-RaevxYIcg655s3-Q.roa
File: Zl8hHURdh2-RaevxYIcg655s3-Q.roa (raw, json)
Hash identifier: 96E4sqlIwEInvaJ2viwzJqrAaYXhAXxNK2iwx5LIs5g=
Subject key identifier: 66:5F:21:1D:44:5D:87:6F:91:69:EB:F1:60:87:20:EB:9E:6C:DF:E4
Certificate issuer: /CN=78024d480b37705fa0091b5774174e80fdd8add8
Certificate serial: 01856C780AC597FE7A6FFA2875EC8306EFCB
Authority key identifier: 78:02:4D:48:0B:37:70:5F:A0:09:1B:57:74:17:4E:80:FD:D8:AD:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eAJNSAs3cF-gCRtXdBdOgP3Yrdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7ffcb3-357f-436d-8ae3-009477e84a86/1/Zl8hHURdh2-RaevxYIcg655s3-Q.roa
Signing time: Sun 01 Jan 2023 08:34:44 +0000
ROA not before: Sun 01 Jan 2023 08:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62252
IP address blocks: 185.41.157.0/24 maxlen: 24
185.41.158.0/24 maxlen: 24
185.41.159.0/24 maxlen: 24
185.41.156.0/22 maxlen: 22
185.41.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:0a:c5:97:fe:7a:6f:fa:28:75:ec:83:06:ef:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78024d480b37705fa0091b5774174e80fdd8add8
Validity
Not Before: Jan 1 08:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=665f211d445d876f9169ebf1608720eb9e6cdfe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7f:83:e6:4c:09:04:89:27:03:9b:0f:da:7b:
0d:6a:41:97:32:bc:9a:7f:cf:8c:d8:f4:07:5e:25:
67:2c:ee:0a:09:25:33:d4:3a:70:dc:7a:89:35:da:
76:1f:71:ef:6d:22:87:72:d1:72:e5:e9:1e:fd:14:
bd:c2:53:07:d0:d3:42:2b:f0:1c:23:34:64:dc:20:
b7:ee:e9:93:94:7f:df:f2:f8:35:77:e3:1d:54:77:
f7:9b:4a:32:e6:4d:23:9a:15:bf:cf:db:a1:c0:7d:
d8:72:09:6e:ec:d7:47:3d:4e:94:2d:ca:c8:83:3e:
5b:6c:a5:25:76:03:05:00:49:cd:ae:cb:88:18:24:
13:3f:4b:d4:13:f2:c1:9b:9f:8b:6f:89:85:32:a1:
38:68:99:75:9d:17:60:41:57:8b:96:6c:6a:07:6e:
3c:b0:a4:d1:29:f2:81:56:12:c4:b4:0e:da:fc:15:
ba:6a:b5:ea:c7:61:d7:eb:2c:c2:23:aa:0e:04:55:
62:c2:37:ce:3d:cb:56:73:3c:e9:25:f2:4f:c9:e3:
97:ff:d7:f5:7f:d3:b5:f1:3a:50:37:5b:52:8a:e4:
bb:d7:cb:09:ee:0b:3e:2a:2f:02:fd:a6:ba:78:c1:
65:72:93:b2:bf:69:4a:e1:45:ed:5f:36:d3:51:26:
85:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5F:21:1D:44:5D:87:6F:91:69:EB:F1:60:87:20:EB:9E:6C:DF:E4
X509v3 Authority Key Identifier:
keyid:78:02:4D:48:0B:37:70:5F:A0:09:1B:57:74:17:4E:80:FD:D8:AD:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eAJNSAs3cF-gCRtXdBdOgP3Yrdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7ffcb3-357f-436d-8ae3-009477e84a86/1/Zl8hHURdh2-RaevxYIcg655s3-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7ffcb3-357f-436d-8ae3-009477e84a86/1/eAJNSAs3cF-gCRtXdBdOgP3Yrdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.156.0/22
Signature Algorithm: sha256WithRSAEncryption
20:7b:0d:1f:b1:2c:02:a1:db:86:8d:a3:c1:75:0d:ef:7e:8c:
53:d3:06:2a:16:87:6c:b4:62:60:e7:5e:2b:07:36:21:ff:9a:
86:02:5e:6e:ba:09:f9:a5:33:1f:25:45:22:39:3c:2e:d3:09:
c6:80:cb:7d:1b:cb:27:cd:c4:a8:0d:cc:12:85:57:db:a7:cc:
4b:a9:17:82:b5:42:84:8a:89:29:a3:09:e8:27:7d:f8:5d:12:
d8:e7:4d:c9:4b:38:2c:3a:07:ab:68:8c:2c:1c:a3:26:86:d3:
df:ec:7f:69:2b:72:e4:d2:46:de:cd:94:8a:87:1c:91:46:f7:
c1:94:0e:b2:39:73:1c:30:34:59:da:c0:7a:84:8d:b2:38:2f:
f3:37:84:be:b2:01:b3:c4:09:c8:76:b7:42:d5:f0:7a:73:78:
51:c2:7c:3d:77:92:f0:69:9f:1d:93:65:d7:55:33:62:d5:fc:
c8:1a:95:b8:fe:76:ba:b0:ff:6f:bb:ac:dc:a8:7f:e5:cb:d1:
60:16:05:49:99:db:11:38:ec:b7:e2:d1:9a:d5:79:1c:b5:66:
96:f5:38:a8:9f:43:a0:f4:2c:ec:09:b8:ff:79:5e:3a:2c:89:
8f:96:f0:a7:11:c5:7d:a2:75:32:ad:3e:78:3d:e7:73:7f:49:
35:55:e1:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseArFl/56b/oodeyDBu/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDI0ZDQ4MGIzNzcwNWZhMDA5MWI1Nzc0MTc0ZTgwZmRk
OGFkZDgwHhcNMjMwMTAxMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjVmMjExZDQ0NWQ4NzZmOTE2OWViZjE2MDg3MjBlYjllNmNkZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3+D5kwJBIknA5sP2nsNakGXMrya
f8+M2PQHXiVnLO4KCSUz1Dpw3HqJNdp2H3HvbSKHctFy5eke/RS9wlMH0NNCK/Ac
IzRk3CC37umTlH/f8vg1d+MdVHf3m0oy5k0jmhW/z9uhwH3Ycglu7NdHPU6ULcrI
gz5bbKUldgMFAEnNrsuIGCQTP0vUE/LBm5+Lb4mFMqE4aJl1nRdgQVeLlmxqB248
sKTRKfKBVhLEtA7a/BW6arXqx2HX6yzCI6oOBFViwjfOPctWczzpJfJPyeOX/9f1
f9O18TpQN1tSiuS718sJ7gs+Ki8C/aa6eMFlcpOyv2lK4UXtXzbTUSaF7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZfIR1EXYdvkWnr8WCHIOuebN/kMB8GA1UdIwQY
MBaAFHgCTUgLN3BfoAkbV3QXToD92K3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFKTlNBczNjRi1nQ1J0WGRCZE9nUDNZcmRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83ZmZjYjMtMzU3Zi00MzZkLThhZTMt
MDA5NDc3ZTg0YTg2LzEvWmw4aEhVUmRoMi1SYWV2eFlJY2c2NTVzMy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83ZmZjYjMtMzU3Zi00MzZkLThhZTMtMDA5NDc3ZTg0YTg2
LzEvZUFKTlNBczNjRi1nQ1J0WGRCZE9nUDNZcmRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSmcMA0G
CSqGSIb3DQEBCwUAA4IBAQAgew0fsSwCoduGjaPBdQ3vfoxT0wYqFodstGJg514r
BzYh/5qGAl5uugn5pTMfJUUiOTwu0wnGgMt9G8snzcSoDcwShVfbp8xLqReCtUKE
iokpownoJ334XRLY503JSzgsOgeraIwsHKMmhtPf7H9pK3Lk0kbezZSKhxyRRvfB
lA6yOXMcMDRZ2sB6hI2yOC/zN4S+sgGzxAnIdrdC1fB6c3hRwnw9d5LwaZ8dk2XX
VTNi1fzIGpW4/na6sP9vu6zcqH/ly9FgFgVJmdsROOy34tGa1XkctWaW9Tion0Og
9CzsCbj/eV46LImPlvCnEcV9onUyrT54Pedzf0k1VeFL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:03 2024 by rpki-client on console-ams.rpki-client.org