Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/kzGGJFi6fUXxK8wez3Mr_m4enDY.roa
File: kzGGJFi6fUXxK8wez3Mr_m4enDY.roa (raw, json)
Hash identifier: qzsiAT9g5ktG4N6GbcQOkYJR1VPfxuRWtjktf+OJEiA=
Subject key identifier: 93:31:86:24:58:BA:7D:45:F1:2B:CC:1E:CF:73:2B:FE:6E:1E:9C:36
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 018571151A71E6070D1B203714DE5774ED59
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/kzGGJFi6fUXxK8wez3Mr_m4enDY.roa
Signing time: Mon 02 Jan 2023 06:04:46 +0000
ROA not before: Mon 02 Jan 2023 06:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.120.172.0/24 maxlen: 24
185.120.174.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
185.120.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:1a:71:e6:07:0d:1b:20:37:14:de:57:74:ed:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Jan 2 06:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9331862458ba7d45f12bcc1ecf732bfe6e1e9c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d9:12:31:12:3d:30:ff:4e:c0:44:fd:39:6b:
ad:ce:b9:66:ba:b8:84:17:6b:f5:15:f0:db:4a:de:
43:95:e8:ed:19:1d:d1:12:8c:bc:fc:37:eb:c8:df:
a4:75:f2:d3:96:65:ec:37:d5:51:34:db:da:7a:73:
8c:4e:35:50:1a:d5:4b:61:9d:8d:f0:f7:45:3a:0c:
d3:f7:c2:8d:93:9e:72:c2:16:af:e9:b9:4e:e7:ec:
87:de:35:ee:ff:01:90:43:10:28:29:58:90:5c:34:
5f:96:3d:be:f4:c7:ca:45:12:c2:46:dd:a3:53:df:
68:49:af:09:16:aa:2f:41:dd:8b:8f:21:bd:98:9a:
d2:3b:8e:99:b4:3e:2e:4d:5d:24:72:cd:22:bf:31:
d5:b3:33:7a:8a:14:a7:94:5c:49:72:d7:2c:5d:fb:
b7:3b:10:57:fb:dc:c1:1f:70:bc:74:83:9e:c6:ba:
79:de:1e:b1:4c:3d:11:81:6c:7c:90:56:ab:84:5d:
a3:8a:d9:9b:dd:ec:f3:1b:f9:16:34:ea:fb:3f:fb:
87:19:b0:2e:c2:80:e7:51:dc:d1:b4:31:f6:e3:54:
7f:eb:b3:7c:6d:ca:78:57:fc:aa:06:2f:fd:1f:96:
64:b9:30:14:6a:cb:2f:7f:f6:56:f4:98:08:12:a0:
77:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:31:86:24:58:BA:7D:45:F1:2B:CC:1E:CF:73:2B:FE:6E:1E:9C:36
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/kzGGJFi6fUXxK8wez3Mr_m4enDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:29:38:49:80:bb:5c:ef:2b:4d:b5:0a:49:d2:f6:db:1c:18:
1b:d5:26:1a:d1:9a:06:23:5f:6f:1a:15:10:4e:f6:94:05:c5:
c9:18:17:81:d4:cb:3e:e1:7e:ce:d9:a8:e9:ef:e7:cd:5f:80:
e2:a6:cc:fa:c1:3b:8a:1f:cd:65:5e:a1:75:ed:d3:f6:7f:2b:
9f:fa:da:ce:78:72:a3:71:e1:1c:a4:0f:5e:2e:c1:f6:a5:bb:
83:b5:60:6e:e4:d8:66:47:3b:04:6a:92:4d:f1:12:9d:c4:68:
5c:65:e8:46:df:47:cf:88:61:0f:b2:b9:3d:eb:e7:d1:88:6b:
b5:dc:70:34:e8:13:15:a4:8b:5f:d8:66:6a:87:33:41:74:61:
35:aa:83:3d:30:be:4a:16:b4:5d:f7:1c:7a:24:1b:88:ba:da:
73:4f:80:46:75:94:1f:f4:64:e5:bf:ce:da:8f:57:42:8c:58:
9d:9e:0c:2d:7c:6a:26:59:a1:fa:c9:ad:7f:f4:f8:51:2c:a8:
72:ca:c6:7e:4c:43:cf:b2:31:f3:77:4b:96:ea:e8:21:02:86:
c4:0a:3f:6d:a4:67:89:11:36:be:64:a9:20:7a:c5:84:28:00:
24:3e:73:f1:74:a0:2e:c9:d7:3b:d4:7a:cc:d5:17:6a:96:14:
d3:48:84:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFRpx5gcNGyA3FN5XdO1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1
NjQ5NWUwHhcNMjMwMTAyMDYwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzMxODYyNDU4YmE3ZDQ1ZjEyYmNjMWVjZjczMmJmZTZlMWU5YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtkSMRI9MP9OwET9OWutzrlmuriE
F2v1FfDbSt5DlejtGR3REoy8/DfryN+kdfLTlmXsN9VRNNvaenOMTjVQGtVLYZ2N
8PdFOgzT98KNk55ywhav6blO5+yH3jXu/wGQQxAoKViQXDRflj2+9MfKRRLCRt2j
U99oSa8JFqovQd2LjyG9mJrSO46ZtD4uTV0kcs0ivzHVszN6ihSnlFxJctcsXfu3
OxBX+9zBH3C8dIOexrp53h6xTD0RgWx8kFarhF2jitmb3ezzG/kWNOr7P/uHGbAu
woDnUdzRtDH241R/67N8bcp4V/yqBi/9H5ZkuTAUassvf/ZW9JgIEqB36wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMxhiRYun1F8SvMHs9zK/5uHpw2MB8GA1UdIwQY
MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt
ZjQ5MTIwYmVkNTFjLzEva3pHR0pGaTZmVVh4Szh3ZXozTXJfbTRlbkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj
LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G
CSqGSIb3DQEBCwUAA4IBAQAbKThJgLtc7ytNtQpJ0vbbHBgb1SYa0ZoGI19vGhUQ
TvaUBcXJGBeB1Ms+4X7O2ajp7+fNX4Dipsz6wTuKH81lXqF17dP2fyuf+trOeHKj
ceEcpA9eLsH2pbuDtWBu5NhmRzsEapJN8RKdxGhcZehG30fPiGEPsrk96+fRiGu1
3HA06BMVpItf2GZqhzNBdGE1qoM9ML5KFrRd9xx6JBuIutpzT4BGdZQf9GTlv87a
j1dCjFidngwtfGomWaH6ya1/9PhRLKhyysZ+TEPPsjHzd0uW6ughAobECj9tpGeJ
ETa+ZKkgesWEKAAkPnPxdKAuydc71HrM1RdqlhTTSISP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:33 2024 by rpki-client on console-ams.rpki-client.org