Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/z61ySULdobVvc-ZtjuHS7EEokNY.roa
File: z61ySULdobVvc-ZtjuHS7EEokNY.roa (raw, json)
Hash identifier: mA/UhKh+/UU5YPericFI7/ZAFWWJ+SdbiNmoUAHQ1D4=
Subject key identifier: CF:AD:72:49:42:DD:A1:B5:6F:73:E6:6D:8E:E1:D2:EC:41:28:90:D6
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 018571151B4C3BE91B623539C0AA23EADB43
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/z61ySULdobVvc-ZtjuHS7EEokNY.roa
Signing time: Mon 02 Jan 2023 06:04:46 +0000
ROA not before: Mon 02 Jan 2023 06:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203887
IP address blocks: 185.120.172.0/24 maxlen: 24
185.120.172.0/22 maxlen: 24
185.120.175.0/24 maxlen: 24
185.120.174.0/23 maxlen: 24
185.120.174.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:1b:4c:3b:e9:1b:62:35:39:c0:aa:23:ea:db:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Jan 2 06:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfad724942dda1b56f73e66d8ee1d2ec412890d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2e:2c:12:80:d7:84:49:23:76:b6:f6:f5:4c:
48:ef:84:69:9a:aa:83:72:3b:48:bd:d0:f6:6c:f0:
a9:11:37:bc:df:37:05:56:57:ef:30:ee:e8:18:27:
d6:3d:d9:f2:9d:d6:29:c1:c6:36:50:2c:fb:55:12:
8c:e0:65:50:64:49:bc:25:f6:46:dd:38:d0:77:da:
fa:24:c5:f9:72:b5:d5:88:fc:cf:88:9a:cd:2d:1e:
55:34:54:89:bd:24:e4:75:28:da:68:ee:64:4d:43:
e6:ae:00:ce:74:d3:8b:98:6e:af:26:51:eb:f6:50:
77:65:d9:45:e5:03:4c:85:24:ae:b2:a9:f9:10:80:
d2:58:3d:77:27:69:0d:8e:35:ab:ad:de:89:71:4a:
09:52:9b:04:84:ec:1c:06:ec:1a:79:9b:56:87:9b:
f4:f7:7e:34:89:0e:56:fc:38:62:d8:c2:94:54:41:
a1:db:c5:cc:26:94:9e:67:fe:17:8d:76:45:08:19:
e5:60:bf:f3:9e:3f:d4:20:17:1c:93:06:73:e1:d8:
92:62:c5:9e:c7:12:9f:d2:ad:e7:a6:d4:92:9c:14:
38:6b:70:24:19:97:4f:6a:35:ef:a2:46:22:17:83:
38:34:78:55:42:c8:5a:c3:9f:05:af:15:a7:33:60:
0a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AD:72:49:42:DD:A1:B5:6F:73:E6:6D:8E:E1:D2:EC:41:28:90:D6
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/z61ySULdobVvc-ZtjuHS7EEokNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/22
Signature Algorithm: sha256WithRSAEncryption
14:c8:4e:43:44:54:a5:44:9c:a2:69:3b:5c:bc:f3:53:42:98:
10:4d:86:97:0b:7f:3c:1a:15:20:23:01:44:3a:85:87:a5:3d:
b8:5a:03:83:3b:eb:58:80:bd:12:70:62:57:c0:c8:59:0f:42:
fe:cb:ea:59:af:e3:4a:5f:86:a0:1e:b1:fd:b6:db:c0:06:d1:
1f:89:d7:71:31:08:59:fd:d8:e4:d5:77:a6:5c:d4:66:35:77:
80:08:db:66:42:d0:48:a1:ca:53:b8:8f:f3:a9:7d:1c:3c:a2:
f4:0a:8a:18:ec:89:cd:a8:d2:c3:0e:72:ab:a6:59:71:f5:6d:
e3:e7:86:b3:ed:c8:ab:1e:f1:4c:51:17:49:a4:49:dd:f8:36:
81:80:40:ae:a7:58:cc:99:f1:9c:b6:22:6f:74:15:c7:1e:4c:
65:94:7e:4d:c1:60:eb:3d:68:4f:72:de:64:99:80:da:45:9a:
26:cb:9e:94:81:4d:0e:f4:ab:fe:f5:75:9e:c9:3d:24:1a:a9:
6b:27:f7:b9:32:1a:2c:c1:24:82:7a:9e:6c:55:d8:5f:e0:fd:
ea:b7:7a:2b:8a:df:87:d0:62:b4:99:dc:d8:27:d6:8f:a0:ab:
b8:fc:42:a0:00:20:37:ea:3b:d4:c9:28:93:87:c3:2b:bb:79:
bb:4b:8f:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFRtMO+kbYjU5wKoj6ttDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1
NjQ5NWUwHhcNMjMwMTAyMDYwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFkNzI0OTQyZGRhMWI1NmY3M2U2NmQ4ZWUxZDJlYzQxMjg5MGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry4sEoDXhEkjdrb29UxI74RpmqqD
cjtIvdD2bPCpETe83zcFVlfvMO7oGCfWPdnyndYpwcY2UCz7VRKM4GVQZEm8JfZG
3TjQd9r6JMX5crXViPzPiJrNLR5VNFSJvSTkdSjaaO5kTUPmrgDOdNOLmG6vJlHr
9lB3ZdlF5QNMhSSusqn5EIDSWD13J2kNjjWrrd6JcUoJUpsEhOwcBuwaeZtWh5v0
9340iQ5W/Dhi2MKUVEGh28XMJpSeZ/4XjXZFCBnlYL/znj/UIBcckwZz4diSYsWe
xxKf0q3nptSSnBQ4a3AkGZdPajXvokYiF4M4NHhVQshaw58FrxWnM2AK8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+tcklC3aG1b3PmbY7h0uxBKJDWMB8GA1UdIwQY
MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt
ZjQ5MTIwYmVkNTFjLzEvejYxeVNVTGRvYlZ2Yy1adGp1SFM3RUVva05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj
LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G
CSqGSIb3DQEBCwUAA4IBAQAUyE5DRFSlRJyiaTtcvPNTQpgQTYaXC388GhUgIwFE
OoWHpT24WgODO+tYgL0ScGJXwMhZD0L+y+pZr+NKX4agHrH9ttvABtEfiddxMQhZ
/djk1XemXNRmNXeACNtmQtBIocpTuI/zqX0cPKL0CooY7InNqNLDDnKrpllx9W3j
54az7cirHvFMURdJpEnd+DaBgECup1jMmfGctiJvdBXHHkxllH5NwWDrPWhPct5k
mYDaRZomy56UgU0O9Kv+9XWeyT0kGqlrJ/e5MhoswSSCep5sVdhf4P3qt3orit+H
0GK0mdzYJ9aPoKu4/EKgACA36jvUySiTh8Mru3m7S48x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:11 2024 by rpki-client on console-fra.rpki-client.org