Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/Z_F575UEDF04Jg1eeeC_8HoqxKk.roa
File: Z_F575UEDF04Jg1eeeC_8HoqxKk.roa (raw, json)
Hash identifier: CK59UBeYXcgcQi+nxBa0mqnvVBI/b85bxcPFcWgEEG4=
Subject key identifier: 67:F1:79:EF:95:04:0C:5D:38:26:0D:5E:79:E0:BF:F0:7A:2A:C4:A9
Certificate issuer: /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial: 0189F38B1E55959440F04A2C077340E7DC4C
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/Z_F575UEDF04Jg1eeeC_8HoqxKk.roa
Signing time: Mon 14 Aug 2023 10:15:28 +0000
ROA not before: Mon 14 Aug 2023 10:15:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 185.30.156.0/22 maxlen: 22
2a04:4b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:8b:1e:55:95:94:40:f0:4a:2c:07:73:40:e7:dc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Validity
Not Before: Aug 14 10:15:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67f179ef95040c5d38260d5e79e0bff07a2ac4a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4b:a3:3f:56:af:d0:b9:42:6f:42:fa:50:04:
9f:e2:dc:86:c0:9d:98:e9:6e:8e:f3:af:c6:0a:d4:
e3:a3:e6:94:a4:5d:bc:a5:37:eb:d9:7c:8a:14:55:
9d:d5:f3:b4:6f:4d:92:48:b1:a3:ea:82:55:77:ec:
79:fa:63:9b:d4:48:bf:1d:82:c7:31:7a:eb:79:3e:
18:bb:83:64:9b:88:0f:1b:9a:a4:08:db:79:c4:6f:
4b:f5:49:77:b1:d0:4e:a5:f3:66:54:b2:78:0d:92:
c1:f6:46:6b:d3:7f:ea:06:53:a5:ae:28:65:e5:6c:
6e:3c:27:b4:8b:09:45:ce:86:f0:e7:fb:e7:92:45:
4c:31:8d:22:65:84:b2:98:47:14:27:d7:d3:7a:42:
cd:b1:bc:67:d0:11:4e:d6:d0:a9:f7:e9:b3:04:5c:
fa:ac:9c:8c:4c:f4:f2:c8:47:44:db:00:52:d9:3d:
5a:9b:98:01:4a:1e:2a:16:d1:b4:a0:30:4a:96:73:
17:be:30:96:32:60:0d:b5:f8:6b:52:a7:ed:f9:ba:
73:86:8f:21:64:6e:36:64:19:7e:b1:b8:1c:a4:32:
43:41:62:3c:30:8f:93:cd:91:9e:a9:27:8c:9a:ef:
82:06:69:04:06:00:46:d7:3c:4e:72:88:69:2c:7b:
dc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F1:79:EF:95:04:0C:5D:38:26:0D:5E:79:E0:BF:F0:7A:2A:C4:A9
X509v3 Authority Key Identifier:
keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/Z_F575UEDF04Jg1eeeC_8HoqxKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.156.0/22
IPv6:
2a04:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
9f:28:b5:e1:19:1d:91:90:ce:f8:38:9e:6e:23:e0:f6:69:63:
06:4e:24:e1:69:bc:09:a5:43:d5:59:27:34:96:ce:e2:05:ae:
36:31:5b:39:11:75:b9:63:34:67:c7:a6:50:eb:03:86:df:9e:
bf:28:b6:3e:23:e6:ea:05:4b:22:5e:f7:0c:ec:70:0d:b2:a5:
e2:8d:12:8b:ae:2d:bd:c1:c0:2c:7c:f8:34:e4:af:d0:22:fa:
bb:1c:34:7a:01:7d:a7:ae:31:4b:41:c0:e3:84:b6:ca:62:8a:
eb:ab:99:a6:de:68:0a:88:1c:82:16:b1:62:ed:bf:8a:6d:f3:
83:af:1e:ea:41:c5:29:95:2b:7c:be:97:21:10:db:e8:ed:07:
f2:12:06:ec:76:39:22:95:80:bb:3d:04:0d:e5:de:73:00:1f:
53:f6:d0:fc:0a:5e:a9:f9:b8:1c:82:ef:08:dc:88:04:84:4c:
56:c0:e0:c9:2e:4d:0d:16:6f:44:82:0f:ed:93:07:e1:c2:5a:
1c:61:91:1f:35:df:ce:ce:45:6e:8d:ae:58:10:a8:a4:30:05:
ab:3d:8d:34:64:da:a3:80:33:02:85:69:28:c9:a8:22:d6:ad:
1c:5b:c8:a6:88:b1:5a:3c:7d:22:67:86:82:2b:a2:c1:2a:c3:
36:04:2b:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnzix5VlZRA8EosB3NA59xMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjMwODE0MTAxNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2YxNzllZjk1MDQwYzVkMzgyNjBkNWU3OWUwYmZmMDdhMmFjNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0ujP1av0LlCb0L6UASf4tyGwJ2Y
6W6O86/GCtTjo+aUpF28pTfr2XyKFFWd1fO0b02SSLGj6oJVd+x5+mOb1Ei/HYLH
MXrreT4Yu4Nkm4gPG5qkCNt5xG9L9Ul3sdBOpfNmVLJ4DZLB9kZr03/qBlOlrihl
5WxuPCe0iwlFzobw5/vnkkVMMY0iZYSymEcUJ9fTekLNsbxn0BFO1tCp9+mzBFz6
rJyMTPTyyEdE2wBS2T1am5gBSh4qFtG0oDBKlnMXvjCWMmANtfhrUqft+bpzho8h
ZG42ZBl+sbgcpDJDQWI8MI+TzZGeqSeMmu+CBmkEBgBG1zxOcohpLHvcswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfxee+VBAxdOCYNXnngv/B6KsSpMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvWl9GNTc1VUVERjA0SmcxZWVlQ184SG9xeEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR6cMA0E
AgACMAcDBQMqBEsAMA0GCSqGSIb3DQEBCwUAA4IBAQCfKLXhGR2RkM74OJ5uI+D2
aWMGTiThabwJpUPVWSc0ls7iBa42MVs5EXW5YzRnx6ZQ6wOG356/KLY+I+bqBUsi
XvcM7HANsqXijRKLri29wcAsfPg05K/QIvq7HDR6AX2nrjFLQcDjhLbKYorrq5mm
3mgKiByCFrFi7b+KbfODrx7qQcUplSt8vpchENvo7QfyEgbsdjkilYC7PQQN5d5z
AB9T9tD8Cl6p+bgcgu8I3IgEhExWwODJLk0NFm9Egg/tkwfhwlocYZEfNd/OzkVu
ja5YEKikMAWrPY00ZNqjgDMChWkoyagi1q0cW8imiLFaPH0iZ4aCK6LBKsM2BCtQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:57 2024 by rpki-client on console-ams.rpki-client.org