Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/ZsmySnx2UrWApemPxEPantFyYL0.roa
File: ZsmySnx2UrWApemPxEPantFyYL0.roa (raw, json)
Hash identifier: TfKLTKQ1/Bn8MjSP84HrIj3484d/7IxrxvUiFgzGh5Y=
Subject key identifier: 66:C9:B2:4A:7C:76:52:B5:80:A5:E9:8F:C4:43:DA:9E:D1:72:60:BD
Certificate issuer: /CN=9d581ff8954a8978b34d849101546cce61c4afa3
Certificate serial: 018CC56DFDF9FED2AD54B5209DF88037556A
Authority key identifier: 9D:58:1F:F8:95:4A:89:78:B3:4D:84:91:01:54:6C:CE:61:C4:AF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVgf-JVKiXizTYSRAVRszmHEr6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/ZsmySnx2UrWApemPxEPantFyYL0.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203087
IP address blocks: 185.120.77.0/24 maxlen: 24
185.120.76.0/24 maxlen: 24
185.120.78.0/24 maxlen: 24
185.120.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:46:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fd:f9:fe:d2:ad:54:b5:20:9d:f8:80:37:55:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d581ff8954a8978b34d849101546cce61c4afa3
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66c9b24a7c7652b580a5e98fc443da9ed17260bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ae:aa:ca:b3:f1:af:c0:7d:7c:28:c9:53:f1:
d6:06:e6:07:c4:85:ec:78:f3:e6:34:ba:09:6b:f4:
e5:bd:7c:1c:3d:06:3b:8d:fa:08:b8:aa:bb:8f:40:
34:13:d0:72:91:67:a5:cc:dd:e7:5a:9b:99:48:e9:
2d:4c:30:0c:19:ab:3c:08:92:0d:96:56:ce:7f:39:
99:40:5d:f7:5c:e9:bc:1b:ba:19:64:d3:4d:b2:24:
70:fb:9d:a8:d4:00:35:bc:3e:b9:40:60:24:a8:17:
b0:6e:6b:be:fb:dd:47:4d:6d:92:56:e4:b3:06:92:
c6:50:f0:19:27:9e:86:34:3d:47:3a:e7:29:0b:bc:
3c:58:a9:f6:e9:38:84:31:e3:b5:39:b9:88:4b:29:
1b:62:5b:3d:5d:48:69:1b:91:a5:a9:89:a5:ec:1e:
a1:8e:f3:77:ac:28:a3:e7:db:89:d1:01:65:b3:7b:
cf:2a:e8:78:b0:52:2d:3b:4c:5d:7b:1e:a6:f5:e8:
57:8a:ec:bd:9e:7d:cc:d3:55:a5:0c:07:fb:dc:20:
19:74:e0:3d:a9:fa:ef:03:48:3b:a5:dc:45:7a:f4:
83:6c:46:18:db:e5:0a:fa:f7:e7:e7:b9:9a:6f:73:
19:50:89:70:3a:c0:51:2b:2b:cf:be:67:6c:78:97:
43:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C9:B2:4A:7C:76:52:B5:80:A5:E9:8F:C4:43:DA:9E:D1:72:60:BD
X509v3 Authority Key Identifier:
keyid:9D:58:1F:F8:95:4A:89:78:B3:4D:84:91:01:54:6C:CE:61:C4:AF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVgf-JVKiXizTYSRAVRszmHEr6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/ZsmySnx2UrWApemPxEPantFyYL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/nVgf-JVKiXizTYSRAVRszmHEr6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.76.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:55:08:0e:20:e0:85:9a:32:9e:03:2f:9f:ed:9e:be:9b:a9:
73:b0:44:9e:6a:32:90:1f:59:83:1c:10:02:dd:d0:c4:49:90:
1f:7e:3e:83:aa:2d:45:ec:b3:f0:f7:a1:8e:56:23:19:7d:02:
7c:98:ed:ad:0c:80:58:be:44:0a:f6:ce:d7:77:41:58:36:98:
b7:f9:59:1b:59:95:4d:16:f0:39:b9:68:90:4d:16:22:05:52:
73:31:9a:ae:68:c0:e8:c6:eb:e0:f0:2e:6b:9c:9f:d5:12:bf:
59:10:40:06:bd:27:1d:60:59:84:19:fa:8a:cd:33:3f:9d:27:
8e:41:4c:59:70:b3:f8:68:b6:24:8d:a7:8c:97:65:b7:79:65:
ae:5b:95:7c:c0:7d:53:b7:15:44:09:25:50:95:9f:96:dc:28:
2c:2a:55:ac:f2:f3:4c:ae:31:9c:7e:82:50:a5:b7:e7:93:9a:
b9:ef:3f:42:db:7a:52:a8:c0:bd:3d:22:5b:83:47:d9:50:2e:
c2:65:91:59:f0:fb:db:9f:ec:20:66:d4:e7:de:0a:16:e6:84:
c9:05:fa:6b:0d:50:ab:3f:b1:61:2f:fa:d9:58:b2:45:e4:86:
b7:3d:0d:f3:9d:0e:70:92:fe:ea:a5:ee:04:e8:2b:72:c5:bf:
94:3c:1b:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbf35/tKtVLUgnfiAN1VqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTgxZmY4OTU0YTg5NzhiMzRkODQ5MTAxNTQ2Y2NlNjFj
NGFmYTMwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmM5YjI0YTdjNzY1MmI1ODBhNWU5OGZjNDQzZGE5ZWQxNzI2MGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa6qyrPxr8B9fCjJU/HWBuYHxIXs
ePPmNLoJa/TlvXwcPQY7jfoIuKq7j0A0E9BykWelzN3nWpuZSOktTDAMGas8CJIN
llbOfzmZQF33XOm8G7oZZNNNsiRw+52o1AA1vD65QGAkqBewbmu++91HTW2SVuSz
BpLGUPAZJ56GND1HOucpC7w8WKn26TiEMeO1ObmISykbYls9XUhpG5GlqYml7B6h
jvN3rCij59uJ0QFls3vPKuh4sFItO0xdex6m9ehXiuy9nn3M01WlDAf73CAZdOA9
qfrvA0g7pdxFevSDbEYY2+UK+vfn57mab3MZUIlwOsBRKyvPvmdseJdD6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbJskp8dlK1gKXpj8RD2p7RcmC9MB8GA1UdIwQY
MBaAFJ1YH/iVSol4s02EkQFUbM5hxK+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZnZi1KVktpWGl6VFlTUkFWUnN6bUhFcjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yYjNmMmYtMTRhZS00NjRiLTliN2Mt
Nzk4MGEyZTIzMDA3LzEvWnNteVNueDJVcldBcGVtUHhFUGFudEZ5WUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yYjNmMmYtMTRhZS00NjRiLTliN2MtNzk4MGEyZTIzMDA3
LzEvblZnZi1KVktpWGl6VFlTUkFWUnN6bUhFcjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXhMMA0G
CSqGSIb3DQEBCwUAA4IBAQA+VQgOIOCFmjKeAy+f7Z6+m6lzsESeajKQH1mDHBAC
3dDESZAffj6Dqi1F7LPw96GOViMZfQJ8mO2tDIBYvkQK9s7Xd0FYNpi3+VkbWZVN
FvA5uWiQTRYiBVJzMZquaMDoxuvg8C5rnJ/VEr9ZEEAGvScdYFmEGfqKzTM/nSeO
QUxZcLP4aLYkjaeMl2W3eWWuW5V8wH1TtxVECSVQlZ+W3CgsKlWs8vNMrjGcfoJQ
pbfnk5q57z9C23pSqMC9PSJbg0fZUC7CZZFZ8Pvbn+wgZtTn3goW5oTJBfprDVCr
P7FhL/rZWLJF5Ia3PQ3znQ5wkv7qpe4E6Ctyxb+UPBvx
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:15:37 2024 by rpki-client on console-fra.rpki-client.org