Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/zJRD4YY6hMUNUaekXBP0IWNiI_w.roa
File: zJRD4YY6hMUNUaekXBP0IWNiI_w.roa (raw, json)
Hash identifier: apvoIYZcrUuoJGMRrfH+8IDo7MSpUpPm4hFvI+e9Mwo=
Subject key identifier: CC:94:43:E1:86:3A:84:C5:0D:51:A7:A4:5C:13:F4:21:63:62:23:FC
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0188998D835DED610F32102B72E734E6F9BB
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/zJRD4YY6hMUNUaekXBP0IWNiI_w.roa
Signing time: Thu 08 Jun 2023 05:49:28 +0000
ROA not before: Thu 08 Jun 2023 05:49:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 171.22.147.0/24 maxlen: 24
185.235.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jul 2023 00:47:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:8d:83:5d:ed:61:0f:32:10:2b:72:e7:34:e6:f9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 8 05:49:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc9443e1863a84c50d51a7a45c13f421636223fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6a:5e:c1:a4:87:5c:d8:39:7d:3b:75:2d:30:
9a:56:eb:7e:e8:a4:5d:70:e0:70:a0:3f:e0:a7:01:
e3:ba:33:2f:26:81:f4:b2:b0:c0:d2:a3:d5:17:a6:
80:41:f2:28:22:47:19:07:fd:9b:2d:a3:fc:44:26:
80:55:46:f6:a0:d2:4e:14:fa:80:f0:35:e6:0b:fe:
3e:ee:7c:23:1e:cd:21:88:6a:92:65:7d:10:45:27:
3e:b2:d7:64:2d:5e:26:6c:4e:21:29:7e:ec:98:64:
94:af:9d:f5:2a:9d:26:a7:34:93:b1:0c:7c:99:eb:
c3:2f:b2:7c:cd:b0:93:cd:78:7c:fa:a4:c2:91:36:
b9:17:78:f5:ea:ca:da:33:d6:c4:0f:0a:3b:f9:cd:
ac:b9:5f:ee:36:2c:54:a7:15:e5:92:b9:8b:86:db:
7f:82:53:2f:f5:4e:4c:c3:03:aa:50:3d:9e:25:35:
f4:28:c5:eb:ba:58:8d:fa:93:0e:37:b2:01:9a:3d:
bc:8a:0b:31:5b:74:57:2e:f9:5a:85:03:c6:77:24:
5d:0f:8b:aa:f5:22:23:65:36:cf:a2:6a:b8:8e:98:
91:06:53:3d:65:aa:a3:70:94:48:66:00:48:62:13:
a1:ee:d9:15:03:d5:17:ed:91:ac:c5:e4:61:03:f8:
dc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:94:43:E1:86:3A:84:C5:0D:51:A7:A4:5C:13:F4:21:63:62:23:FC
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/zJRD4YY6hMUNUaekXBP0IWNiI_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.147.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:c3:ec:f7:ed:cc:98:89:b1:2c:b8:de:5a:3a:eb:db:1e:da:
32:51:2e:8d:ba:4c:dc:e9:12:ff:ba:0c:a7:e6:aa:6c:29:f4:
97:b5:c3:63:cc:09:db:54:4a:97:89:8d:52:dc:fc:b7:27:96:
8d:23:7e:7f:3d:ef:e6:55:17:f7:54:6f:b3:89:58:55:e8:5b:
71:f8:1f:1b:c7:ab:09:e8:12:78:11:28:98:05:d8:49:c8:a4:
c6:e4:82:72:9a:e4:64:43:68:94:98:e6:cd:b8:30:35:82:54:
2a:fc:50:d0:85:9c:e5:c2:7b:d6:d5:da:f8:2e:6d:f4:d8:40:
28:85:e5:f5:8c:fd:9d:58:2f:20:ac:d1:8b:0b:75:e7:b6:8e:
a3:be:99:17:4f:4c:50:3b:67:57:be:82:31:28:a3:71:b9:1b:
b0:e5:fc:d3:ed:30:27:af:1e:70:df:0c:58:60:b8:02:b8:c1:
bf:c7:de:1e:bf:ee:ac:02:bb:fa:05:b4:6a:76:5d:39:59:6d:
0f:91:ca:bb:07:2f:80:18:25:9c:13:b3:63:cb:ca:a4:16:6c:
66:06:c5:e3:3d:63:e6:57:00:d2:ce:93:f4:39:80:f7:b1:fb:
62:81:5a:dd:f6:fa:68:0a:d3:6d:25:e8:68:95:c0:69:05:df:
c2:e2:53:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiZjYNd7WEPMhArcuc05vm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNjA4MDU0OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzk0NDNlMTg2M2E4NGM1MGQ1MWE3YTQ1YzEzZjQyMTYzNjIyM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGpewaSHXNg5fTt1LTCaVut+6KRd
cOBwoD/gpwHjujMvJoH0srDA0qPVF6aAQfIoIkcZB/2bLaP8RCaAVUb2oNJOFPqA
8DXmC/4+7nwjHs0hiGqSZX0QRSc+stdkLV4mbE4hKX7smGSUr531Kp0mpzSTsQx8
mevDL7J8zbCTzXh8+qTCkTa5F3j16sraM9bEDwo7+c2suV/uNixUpxXlkrmLhtt/
glMv9U5MwwOqUD2eJTX0KMXruliN+pMON7IBmj28igsxW3RXLvlahQPGdyRdD4uq
9SIjZTbPomq4jpiRBlM9ZaqjcJRIZgBIYhOh7tkVA9UX7ZGsxeRhA/jcyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyUQ+GGOoTFDVGnpFwT9CFjYiP8MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvekpSRDRZWTZoTVVOVWFla1hCUDBJV05pSV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqxaTAwQA
uetHMA0GCSqGSIb3DQEBCwUAA4IBAQBqw+z37cyYibEsuN5aOuvbHtoyUS6Nukzc
6RL/ugyn5qpsKfSXtcNjzAnbVEqXiY1S3Py3J5aNI35/Pe/mVRf3VG+ziVhV6Ftx
+B8bx6sJ6BJ4ESiYBdhJyKTG5IJymuRkQ2iUmObNuDA1glQq/FDQhZzlwnvW1dr4
Lm302EAoheX1jP2dWC8grNGLC3Xnto6jvpkXT0xQO2dXvoIxKKNxuRuw5fzT7TAn
rx5w3wxYYLgCuMG/x94ev+6sArv6BbRqdl05WW0Pkcq7By+AGCWcE7Njy8qkFmxm
BsXjPWPmVwDSzpP0OYD3sftigVrd9vpoCtNtJeholcBpBd/C4lN4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org