Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/ztRKDsUFQmiNFpkA-akEJEnEsXo.roa
File: ztRKDsUFQmiNFpkA-akEJEnEsXo.roa (raw, json)
Hash identifier: HF41ArFRc7gzqC5eID89OY0qPJ/l8dX3hIbOiLNZzlI=
Subject key identifier: CE:D4:4A:0E:C5:05:42:68:8D:16:99:00:F9:A9:04:24:49:C4:B1:7A
Certificate issuer: /CN=e36b4c58e6cfd9fa7e7222a58b3626db7b985324
Certificate serial: 01856FC28DB4933C71BFAB5215B142C0C221
Authority key identifier: E3:6B:4C:58:E6:CF:D9:FA:7E:72:22:A5:8B:36:26:DB:7B:98:53:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/ztRKDsUFQmiNFpkA-akEJEnEsXo.roa
Signing time: Sun 01 Jan 2023 23:54:59 +0000
ROA not before: Sun 01 Jan 2023 23:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43016
IP address blocks: 195.181.192.0/20 maxlen: 20
185.121.216.0/22 maxlen: 22
2a06:a0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:8d:b4:93:3c:71:bf:ab:52:15:b1:42:c0:c2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e36b4c58e6cfd9fa7e7222a58b3626db7b985324
Validity
Not Before: Jan 1 23:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ced44a0ec50542688d169900f9a9042449c4b17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c8:f8:df:6c:b4:2b:53:c6:65:9a:a1:ce:5c:
68:90:72:4a:fa:07:48:18:53:a4:e4:a7:15:bc:66:
13:b6:55:3c:71:0e:b0:7a:14:77:c6:45:53:86:a0:
c3:25:8e:82:17:05:64:4a:bf:75:fa:94:f7:5f:92:
67:d4:a6:e4:ab:2f:d3:cb:32:c8:f8:5f:c1:a7:19:
8b:1a:68:8b:b8:41:3d:c1:4a:2b:1a:2e:d3:73:b5:
e7:d3:2c:3d:d7:76:af:49:60:33:10:4f:04:5b:cb:
56:e2:28:47:3e:07:ce:4a:56:4b:06:fd:ea:6d:a1:
fa:f8:70:f2:d0:b1:a9:09:2b:09:bf:1b:66:11:cb:
3b:77:a8:c0:68:f0:07:0c:ff:3d:b6:10:9e:f9:58:
08:be:83:ca:df:05:de:29:e6:a1:e6:ab:5c:23:4f:
f8:d7:d1:92:2d:9b:c3:fd:0b:fa:ed:be:08:82:fc:
86:06:65:11:08:ee:93:04:ac:86:07:23:fc:78:fd:
3f:50:a2:34:4b:bd:94:f6:6b:a0:d5:22:ac:e9:4a:
fc:76:8b:b7:01:3c:c2:77:2b:5c:3a:24:bf:32:ab:
4e:6d:c5:39:2c:df:15:b9:95:ca:cc:2c:9b:4d:94:
f8:20:ed:c0:62:40:fe:f0:9e:f8:b8:d0:6c:38:c8:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D4:4A:0E:C5:05:42:68:8D:16:99:00:F9:A9:04:24:49:C4:B1:7A
X509v3 Authority Key Identifier:
keyid:E3:6B:4C:58:E6:CF:D9:FA:7E:72:22:A5:8B:36:26:DB:7B:98:53:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/ztRKDsUFQmiNFpkA-akEJEnEsXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.216.0/22
195.181.192.0/20
IPv6:
2a06:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:c9:e3:57:26:ad:ad:11:1f:4b:62:6e:17:89:09:84:66:08:
bf:09:f6:2a:cd:7a:0e:12:d9:5c:83:83:0a:8c:15:db:c0:d9:
8d:b9:19:a9:5e:5e:67:45:4c:83:fa:6a:99:a6:bf:2e:ce:5e:
a3:fc:e9:8a:d4:c9:24:cb:10:91:ff:4f:30:35:9e:43:b6:73:
53:7f:d8:73:ec:df:f2:d4:bd:ee:c8:b5:32:c5:87:44:9f:81:
7f:2f:7b:68:85:ff:a8:96:4f:ce:b5:85:0b:18:96:11:8c:a8:
40:d7:4b:98:64:18:3d:67:06:90:8b:29:19:56:a5:2c:94:4b:
a0:bb:25:9a:da:ea:55:85:fb:e6:0c:6f:f2:d8:7a:94:b8:0b:
fe:0e:93:9b:50:ba:03:da:c1:2a:f0:cf:fe:25:be:46:75:b1:
c2:e8:b2:36:f2:d2:a3:2d:8e:ad:2b:e4:52:62:85:44:1c:bc:
f3:29:18:9c:da:5c:0f:90:14:c8:07:cc:2b:15:bc:2a:b9:ef:
aa:85:6d:de:20:f8:b5:fc:6a:d7:1a:64:de:43:7c:09:5d:23:
31:f4:f6:83:df:76:7d:29:17:c3:15:ce:77:1b:f1:a9:23:6d:
53:6b:68:23:d5:5d:5c:87:62:d4:c0:81:7c:b8:8e:78:17:27:
79:d5:d0:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwo20kzxxv6tSFbFCwMIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNmI0YzU4ZTZjZmQ5ZmE3ZTcyMjJhNThiMzYyNmRiN2I5
ODUzMjQwHhcNMjMwMTAxMjM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQ0NGEwZWM1MDU0MjY4OGQxNjk5MDBmOWE5MDQyNDQ5YzRiMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsj432y0K1PGZZqhzlxokHJK+gdI
GFOk5KcVvGYTtlU8cQ6wehR3xkVThqDDJY6CFwVkSr91+pT3X5Jn1Kbkqy/TyzLI
+F/BpxmLGmiLuEE9wUorGi7Tc7Xn0yw913avSWAzEE8EW8tW4ihHPgfOSlZLBv3q
baH6+HDy0LGpCSsJvxtmEcs7d6jAaPAHDP89thCe+VgIvoPK3wXeKeah5qtcI0/4
19GSLZvD/Qv67b4IgvyGBmURCO6TBKyGByP8eP0/UKI0S72U9mug1SKs6Ur8dou3
ATzCdytcOiS/MqtObcU5LN8VuZXKzCybTZT4IO3AYkD+8J74uNBsOMgiawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM7USg7FBUJojRaZAPmpBCRJxLF6MB8GA1UdIwQY
MBaAFONrTFjmz9n6fnIipYs2Jtt7mFMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDJ0TVdPYlAyZnAtY2lLbGl6WW0yM3VZVXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZDdkZjgtYjQ2NC00Y2E3LWJhNmMt
ODAwYzk5ODUxMzY4LzEvenRSS0RzVUZRbWlORnBrQS1ha0VKRW5Fc1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZDdkZjgtYjQ2NC00Y2E3LWJhNmMtODAwYzk5ODUxMzY4
LzEvNDJ0TVdPYlAyZnAtY2lLbGl6WW0yM3VZVXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXnYAwQE
w7XAMA0EAgACMAcDBQMqBqDAMA0GCSqGSIb3DQEBCwUAA4IBAQApyeNXJq2tER9L
Ym4XiQmEZgi/CfYqzXoOEtlcg4MKjBXbwNmNuRmpXl5nRUyD+mqZpr8uzl6j/OmK
1MkkyxCR/08wNZ5DtnNTf9hz7N/y1L3uyLUyxYdEn4F/L3tohf+olk/OtYULGJYR
jKhA10uYZBg9ZwaQiykZVqUslEuguyWa2upVhfvmDG/y2HqUuAv+DpObULoD2sEq
8M/+Jb5GdbHC6LI28tKjLY6tK+RSYoVEHLzzKRic2lwPkBTIB8wrFbwque+qhW3e
IPi1/GrXGmTeQ3wJXSMx9PaD33Z9KRfDFc53G/GpI21Ta2gj1V1ch2LUwIF8uI54
Fyd51dDi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:44 2024 by rpki-client on console-ams.rpki-client.org