Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Mzo4wOqTcaLwGqUbc_J_SXMh6io.roa
File: Mzo4wOqTcaLwGqUbc_J_SXMh6io.roa (raw, json)
Hash identifier: r9jEXu4AgQ7yu+OaFQljsl2aRITou5wiHBzOHLD83WM=
Subject key identifier: 33:3A:38:C0:EA:93:71:A2:F0:1A:A5:1B:73:F2:7F:49:73:21:EA:2A
Certificate issuer: /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial: 018570B983B1173D455489405BA9513A281D
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Mzo4wOqTcaLwGqUbc_J_SXMh6io.roa
Signing time: Mon 02 Jan 2023 04:24:44 +0000
ROA not before: Mon 02 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21419
IP address blocks: 185.4.3.0/24 maxlen: 24
185.4.1.0/24 maxlen: 24
185.4.2.0/24 maxlen: 24
178.21.167.0/29 maxlen: 29
178.21.164.0/24 maxlen: 24
178.21.160.0/21 maxlen: 21
178.21.163.0/24 maxlen: 24
178.21.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jan 2023 16:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:83:b1:17:3d:45:54:89:40:5b:a9:51:3a:28:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Validity
Not Before: Jan 2 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=333a38c0ea9371a2f01aa51b73f27f497321ea2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e5:be:ad:2c:23:69:b0:66:a8:d3:18:a8:72:
fa:21:32:de:b5:58:f2:f8:28:75:87:a0:e2:74:3b:
48:57:4d:14:5a:87:82:75:c4:7d:61:3f:4f:2a:bf:
20:73:77:2a:e4:a0:d2:da:21:17:84:ed:99:8f:dc:
cd:98:55:84:a8:6c:5f:fa:1f:b1:3a:20:f8:f0:48:
3a:8b:bb:a2:9a:4c:05:ba:84:bc:63:53:cb:a9:48:
8c:92:dc:ac:ac:a1:74:82:6e:ce:37:99:c9:f8:04:
fc:5f:9d:c0:95:4a:06:5c:82:94:ae:0d:87:22:4d:
07:2b:23:77:8c:1c:90:ca:d1:47:be:59:e2:96:08:
74:8b:cf:04:ac:b8:31:a7:fe:f9:84:f6:d0:21:73:
c2:e7:0e:cb:22:7f:f5:92:63:0d:32:97:41:85:97:
63:0d:0c:40:3d:0d:f9:b4:34:98:62:89:fc:c5:49:
0c:6a:f7:f7:2c:75:f0:a8:67:44:23:95:47:75:73:
08:97:cd:a2:cf:96:2c:0a:ca:58:e7:f4:fd:36:4a:
9c:9e:98:b2:c1:0c:89:30:3b:12:06:6c:af:20:55:
ad:b7:f9:a1:3f:6f:c4:c8:47:8f:cf:f8:62:02:ce:
c1:00:0d:ed:98:45:e1:46:f3:29:00:a4:58:8c:84:
3c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3A:38:C0:EA:93:71:A2:F0:1A:A5:1B:73:F2:7F:49:73:21:EA:2A
X509v3 Authority Key Identifier:
keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/Mzo4wOqTcaLwGqUbc_J_SXMh6io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.160.0/21
185.4.1.0-185.4.3.255
Signature Algorithm: sha256WithRSAEncryption
9f:4b:f6:ae:07:90:50:31:32:ad:77:8b:f6:ec:e5:c2:a4:47:
ae:2a:ee:ff:b2:8b:78:04:24:66:2a:57:36:85:ec:88:4d:4a:
c1:3d:06:25:c4:ec:05:e7:5f:9a:43:ee:f0:df:64:fd:c2:63:
3e:1f:e9:97:43:bb:98:84:f0:24:1f:ec:79:3d:3c:bb:6e:bb:
3f:6f:d4:fb:ae:08:ac:2f:b7:e4:39:3d:aa:a8:9b:a1:d0:52:
bb:23:b7:dd:e7:f0:32:60:f0:5c:a7:e8:a4:fb:ea:d2:8a:60:
b9:50:86:8b:5a:85:54:20:41:1d:9d:49:27:7e:92:6a:4b:9c:
4c:65:77:4d:96:46:be:a9:43:84:9d:17:26:ed:86:47:46:ca:
20:0c:ba:e3:79:59:0c:ea:5f:87:73:38:46:11:12:b2:e9:67:
1e:5f:4a:ef:09:98:10:49:fb:f2:56:2f:3d:be:7f:d2:2b:62:
3b:a1:1b:f4:0c:58:7f:c1:84:7c:c4:d0:60:7c:e0:2d:69:97:
10:9a:64:ec:17:17:3c:59:ef:90:86:63:18:1c:94:58:07:01:
85:d3:b2:32:18:45:81:d2:31:e7:fb:8b:85:d7:e9:ea:c0:58:
f6:89:4a:4a:40:e6:ad:20:a1:d0:e5:a2:61:c3:95:02:98:13:
fd:6a:f4:fd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwuYOxFz1FVIlAW6lROigdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjMwMTAyMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNhMzhjMGVhOTM3MWEyZjAxYWE1MWI3M2YyN2Y0OTczMjFlYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eW+rSwjabBmqNMYqHL6ITLetVjy
+Ch1h6DidDtIV00UWoeCdcR9YT9PKr8gc3cq5KDS2iEXhO2Zj9zNmFWEqGxf+h+x
OiD48Eg6i7uimkwFuoS8Y1PLqUiMktysrKF0gm7ON5nJ+AT8X53AlUoGXIKUrg2H
Ik0HKyN3jByQytFHvlnilgh0i88ErLgxp/75hPbQIXPC5w7LIn/1kmMNMpdBhZdj
DQxAPQ35tDSYYon8xUkMavf3LHXwqGdEI5VHdXMIl82iz5YsCspY5/T9Nkqcnpiy
wQyJMDsSBmyvIFWtt/mhP2/EyEePz/hiAs7BAA3tmEXhRvMpAKRYjIQ8iwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDM6OMDqk3Gi8BqlG3Pyf0lzIeoqMB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvTXpvNHdPcVRjYUx3R3FVYmNfSl9TWE1oNmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQYJKoZIhvcNAQELBQADggEBAJ9L9q4HkFAxMq13i/bs5cKk
R64q7v+yi3gEJGYqVzaF7IhNSsE9BiXE7AXnX5pD7vDfZP3CYz4f6ZdDu5iE8CQf
7Hk9PLtuuz9v1PuuCKwvt+Q5Paqom6HQUrsjt93n8DJg8Fyn6KT76tKKYLlQhota
hVQgQR2dSSd+kmpLnExld02WRr6pQ4SdFybthkdGyiAMuuN5WQzqX4dzOEYRErLp
Zx5fSu8JmBBJ+/JWLz2+f9IrYjuhG/QMWH/BhHzE0GB84C1plxCaZOwXFzxZ75CG
YxgclFgHAYXTsjIYRYHSMef7i4XX6erAWPaJSkpA5q0godDlomHDlQKYE/1q9P0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org