Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/zlcRjQi8npo4uME1x_creU7-J8w.roa
File: zlcRjQi8npo4uME1x_creU7-J8w.roa (raw, json)
Hash identifier: RMN1vCxElrYXIbjKJiH2QSx6MniMGOupsuxXcqSDGVk=
Subject key identifier: CE:57:11:8D:08:BC:9E:9A:38:B8:C1:35:C7:F7:2B:79:4E:FE:27:CC
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4C90C34A6E8AD34F82649E1454CC3
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/zlcRjQi8npo4uME1x_creU7-J8w.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50129
IP address blocks: 185.241.122.0/24 maxlen: 24
185.241.123.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
185.225.244.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.246.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
31.15.0.0/22 maxlen: 22
185.225.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c9:0c:34:a6:e8:ad:34:f8:26:49:e1:45:4c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce57118d08bc9e9a38b8c135c7f72b794efe27cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1e:93:0e:cd:ee:2f:1c:67:ff:ee:80:7c:7e:
8e:d4:38:2a:a5:57:11:fa:9b:64:4f:8c:45:04:9c:
03:04:36:84:01:91:07:a5:e3:02:32:c9:aa:a7:64:
89:c4:b8:a7:bb:22:5f:ce:76:8a:fa:1e:68:d7:24:
45:22:f3:1d:53:3e:16:51:e4:f1:09:bd:20:6b:ad:
5e:30:ad:24:51:17:9c:b3:90:e3:62:dc:bc:ab:6f:
30:4c:11:87:a7:dc:42:06:87:9f:20:3b:42:51:45:
c6:20:f5:ac:e3:25:e4:95:7e:fc:f7:92:b7:93:94:
db:e3:76:1c:59:59:e6:d8:b8:a4:f4:63:7f:a3:63:
41:33:f8:89:b4:c6:e7:05:64:69:da:54:e8:41:e5:
52:15:26:0d:5d:4d:85:a1:ba:69:6f:ba:7d:f7:25:
6b:2a:87:ea:6f:3b:5c:d3:1e:10:db:bd:e4:24:d5:
9f:9e:13:40:73:57:5c:d5:ee:b7:dd:c9:c1:8f:4b:
f4:d9:2b:18:29:be:88:37:9d:72:f1:c4:15:20:f1:
d2:e5:bb:4f:27:1f:4a:a0:f4:6c:c0:c9:b6:b3:e3:
18:51:cb:58:ea:1c:d0:98:e4:b6:6a:f2:9b:02:dc:
56:c3:61:13:f0:81:cb:11:54:ab:57:2b:10:08:04:
12:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:57:11:8D:08:BC:9E:9A:38:B8:C1:35:C7:F7:2B:79:4E:FE:27:CC
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/zlcRjQi8npo4uME1x_creU7-J8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.0.0/22
185.225.244.0/22
185.241.122.0/23
194.31.104.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:85:92:ca:3f:5c:b3:dd:08:8a:d1:ae:0f:a4:77:17:b9:fc:
90:ad:a7:f6:fb:63:7b:b9:1d:38:34:9f:25:d9:73:fc:bb:c1:
d9:c6:73:ea:91:3d:f5:a8:03:f7:d7:4b:e6:63:be:8b:1c:57:
be:4b:fe:ee:b3:f1:f5:44:73:d8:a9:77:e8:85:cf:58:76:ee:
28:7a:2b:54:95:2f:c3:04:0b:49:d1:be:07:4c:b3:ce:4f:d8:
10:78:68:52:57:33:71:31:a3:b2:ab:90:a4:f7:36:93:82:a3:
d9:9d:ed:b1:ea:1b:1a:52:ae:2a:6e:49:ff:62:9f:0f:48:a4:
2b:c7:86:06:b1:6d:8d:25:9a:fb:62:e0:e5:32:35:1f:6a:4a:
f1:7c:e6:ea:1c:34:91:c4:50:cf:8b:6c:cb:e8:7b:6b:ed:9b:
73:93:63:79:45:b3:ac:9e:d5:01:97:c6:f8:59:31:11:b1:63:
40:30:ca:c6:c1:e2:4b:d7:eb:bb:26:36:e4:51:2b:13:75:36:
2a:16:b2:3d:76:2e:31:24:de:9b:31:ea:76:0b:65:3d:5c:a0:
6c:4d:3d:75:eb:5b:d4:d1:c1:99:bc:34:f5:e7:42:df:19:42:
9e:8f:fb:4b:09:99:53:96:c0:93:25:fe:34:fa:17:7a:d1:98:
26:71:09:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVu1MkMNKborTT4JknhRUzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU3MTE4ZDA4YmM5ZTlhMzhiOGMxMzVjN2Y3MmI3OTRlZmUyN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh6TDs3uLxxn/+6AfH6O1DgqpVcR
+ptkT4xFBJwDBDaEAZEHpeMCMsmqp2SJxLinuyJfznaK+h5o1yRFIvMdUz4WUeTx
Cb0ga61eMK0kURecs5DjYty8q28wTBGHp9xCBoefIDtCUUXGIPWs4yXklX7895K3
k5Tb43YcWVnm2Lik9GN/o2NBM/iJtMbnBWRp2lToQeVSFSYNXU2Fobppb7p99yVr
Kofqbztc0x4Q273kJNWfnhNAc1dc1e633cnBj0v02SsYKb6IN51y8cQVIPHS5btP
Jx9KoPRswMm2s+MYUctY6hzQmOS2avKbAtxWw2ET8IHLEVSrVysQCAQSjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM5XEY0IvJ6aOLjBNcf3K3lO/ifMMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvemxjUmpRaThucG80dU1FMXhfY3JlVTctSjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCHw8AAwQC
ueH0AwQBufF6AwQCwh9oMA0GCSqGSIb3DQEBCwUAA4IBAQDBhZLKP1yz3QiK0a4P
pHcXufyQraf2+2N7uR04NJ8l2XP8u8HZxnPqkT31qAP310vmY76LHFe+S/7us/H1
RHPYqXfohc9Ydu4oeitUlS/DBAtJ0b4HTLPOT9gQeGhSVzNxMaOyq5Ck9zaTgqPZ
ne2x6hsaUq4qbkn/Yp8PSKQrx4YGsW2NJZr7YuDlMjUfakrxfObqHDSRxFDPi2zL
6Htr7Ztzk2N5RbOsntUBl8b4WTERsWNAMMrGweJL1+u7JjbkUSsTdTYqFrI9di4x
JN6bMep2C2U9XKBsTT1161vU0cGZvDT150LfGUKej/tLCZlTlsCTJf40+hd60Zgm
cQll
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:09 2024 by rpki-client on console-ams.rpki-client.org