Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/zctskKD3oWVldUaTYF05PhmCLM8.roa
File: zctskKD3oWVldUaTYF05PhmCLM8.roa (raw, json)
Hash identifier: H12xjmTF1QTvesv3lVCdT4x683xjQpqH4q2+mu3KZLY=
Subject key identifier: CD:CB:6C:90:A0:F7:A1:65:65:75:46:93:60:5D:39:3E:19:82:2C:CF
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 01856C1CAFFA9F87537C5CF2C0F1899C9A80
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/zctskKD3oWVldUaTYF05PhmCLM8.roa
Signing time: Sun 01 Jan 2023 06:54:57 +0000
ROA not before: Sun 01 Jan 2023 06:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200449
IP address blocks: 185.65.148.0/22 maxlen: 32
178.248.232.0/21 maxlen: 32
185.94.108.0/22 maxlen: 32
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 May 2023 11:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:af:fa:9f:87:53:7c:5c:f2:c0:f1:89:9c:9a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 1 06:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdcb6c90a0f7a16565754693605d393e19822ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:10:88:11:fc:31:c3:ef:69:a9:d7:39:86:47:
38:e9:01:35:a2:f0:3b:a3:71:c6:44:f3:c6:37:b2:
0e:e7:59:4c:33:61:c9:f5:d7:dc:94:10:54:a1:b4:
ae:94:9a:6d:46:6c:92:f3:88:39:44:b6:ba:0e:1b:
e4:ab:a5:4a:da:c2:83:20:7b:4a:bb:73:04:f6:f4:
98:39:65:24:c0:f2:89:38:e9:b4:f4:9b:33:8f:8b:
45:8e:4a:61:03:32:16:83:c9:60:fb:07:ae:f2:5c:
33:b7:05:5d:ef:14:06:37:90:03:17:2d:93:f9:6e:
a4:9f:a1:1e:69:ef:7f:50:d4:7c:fd:8f:e0:34:fe:
97:d6:12:82:54:c7:4a:ef:4b:a8:4f:8b:fc:64:d4:
57:c9:bc:e2:f3:06:d0:ca:49:fe:ea:f9:17:02:cb:
74:a1:17:39:9e:61:ce:85:61:b8:1a:a2:67:b7:71:
50:79:79:16:22:4b:a4:e5:83:be:c2:b4:9b:f5:70:
d4:0b:18:b2:10:fa:e1:3a:d6:1a:51:a3:6d:0b:3d:
bd:21:98:47:4a:86:1a:14:e2:cd:3a:a8:9e:d6:93:
4a:67:9f:3e:cf:78:89:ec:bb:3c:26:1e:a3:3c:bd:
6b:0c:19:42:78:a7:0a:0e:3c:45:36:62:09:fd:ec:
47:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CB:6C:90:A0:F7:A1:65:65:75:46:93:60:5D:39:3E:19:82:2C:CF
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/zctskKD3oWVldUaTYF05PhmCLM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
71:d0:f3:5d:20:d8:05:05:db:99:8f:62:a8:c3:f3:4b:95:dc:
cd:35:e2:1f:68:78:66:0c:ea:d2:c4:b7:64:16:2a:4f:df:28:
51:63:8f:80:69:1b:31:54:2a:71:74:8d:86:c2:bc:94:5e:93:
f8:70:0b:e6:b0:b0:90:25:59:5d:52:cc:06:ac:a6:b0:d9:d3:
fc:28:74:17:b6:b1:d7:97:4d:f1:12:0d:3b:31:c1:f0:91:84:
f7:22:6f:78:d0:bb:1f:e7:99:08:c2:91:eb:06:15:84:c7:38:
c6:ed:2c:be:e1:bf:06:9b:4d:e6:67:1b:27:85:e2:63:5b:74:
f8:a5:dc:e3:a4:8a:72:7e:0c:bd:13:61:85:88:f2:84:db:f1:
4d:17:a3:f0:fe:5c:7c:09:67:cb:ec:8c:cc:40:e4:ec:02:db:
13:00:f8:8c:2d:ab:a8:b8:f7:88:05:46:44:79:26:73:ad:9c:
c5:87:eb:38:50:35:b2:28:f7:a6:25:cc:7e:96:d9:0b:85:06:
93:e8:fc:f6:92:9c:96:3d:8b:23:10:d5:73:cc:0c:89:21:75:
6f:ec:8c:cc:0f:e0:b0:f6:32:5d:c2:9f:c3:e4:93:8d:cf:5f:
25:d3:54:34:d8:0c:2b:05:84:20:77:3b:3b:b5:81:10:03:04:
e9:3c:72:ba
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsHK/6n4dTfFzywPGJnJqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjMwMTAxMDY1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGNiNmM5MGEwZjdhMTY1NjU3NTQ2OTM2MDVkMzkzZTE5ODIyY2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxCIEfwxw+9pqdc5hkc46QE1ovA7
o3HGRPPGN7IO51lMM2HJ9dfclBBUobSulJptRmyS84g5RLa6Dhvkq6VK2sKDIHtK
u3ME9vSYOWUkwPKJOOm09Jszj4tFjkphAzIWg8lg+weu8lwztwVd7xQGN5ADFy2T
+W6kn6Eeae9/UNR8/Y/gNP6X1hKCVMdK70uoT4v8ZNRXybzi8wbQykn+6vkXAst0
oRc5nmHOhWG4GqJnt3FQeXkWIkuk5YO+wrSb9XDUCxiyEPrhOtYaUaNtCz29IZhH
SoYaFOLNOqie1pNKZ58+z3iJ7Ls8Jh6jPL1rDBlCeKcKDjxFNmIJ/exHSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM3LbJCg96FlZXVGk2BdOT4ZgizPMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvemN0c2tLRDNvV1ZsZFVhVFlGMDVQaG1DTE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsvjoAwQC
uUGUAwQCuV5sMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEBCwUAA4IBAQBx0PNd
INgFBduZj2Kow/NLldzNNeIfaHhmDOrSxLdkFipP3yhRY4+AaRsxVCpxdI2GwryU
XpP4cAvmsLCQJVldUswGrKaw2dP8KHQXtrHXl03xEg07McHwkYT3Im940Lsf55kI
wpHrBhWExzjG7Sy+4b8Gm03mZxsnheJjW3T4pdzjpIpyfgy9E2GFiPKE2/FNF6Pw
/lx8CWfL7IzMQOTsAtsTAPiMLauouPeIBUZEeSZzrZzFh+s4UDWyKPemJcx+ltkL
hQaT6Pz2kpyWPYsjENVzzAyJIXVv7IzMD+Cw9jJdwp/D5JONz18l01Q02AwrBYQg
dzs7tYEQAwTpPHK6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:29 2024 by rpki-client on console-ams.rpki-client.org