Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/kzatqfqT1OkNRi0DMP8dHnm7XDU.roa
File: kzatqfqT1OkNRi0DMP8dHnm7XDU.roa (raw, json)
Hash identifier: U5jTJ45fH10eCR3IZav7Al91K8BBv4y14bj8aWGhq/Q=
Subject key identifier: 93:36:AD:A9:FA:93:D4:E9:0D:46:2D:03:30:FF:1D:1E:79:BB:5C:35
Certificate issuer: /CN=7580d16569bb24a328e27b47f7d751659725defb
Certificate serial: 018CC56DE316E74454DB710D0DABA88BDFE7
Authority key identifier: 75:80:D1:65:69:BB:24:A3:28:E2:7B:47:F7:D7:51:65:97:25:DE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dYDRZWm7JKMo4ntH99dRZZcl3vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/kzatqfqT1OkNRi0DMP8dHnm7XDU.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199629
IP address blocks: 185.10.144.0/22 maxlen: 24
2a03:3a40::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e3:16:e7:44:54:db:71:0d:0d:ab:a8:8b:df:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7580d16569bb24a328e27b47f7d751659725defb
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9336ada9fa93d4e90d462d0330ff1d1e79bb5c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6c:6f:c3:09:93:c4:8c:6e:10:75:4d:ea:75:
f4:2e:1c:24:92:2d:77:27:c0:be:4a:41:e2:52:f9:
a1:14:af:41:a4:c7:77:2b:45:7f:0e:7c:64:63:d5:
6e:f1:a6:be:a0:19:b6:a1:78:5d:73:b6:15:e7:6f:
26:d5:c5:a2:4e:ce:19:d6:3b:c6:26:d2:68:3a:d6:
39:ca:fb:b0:2d:13:96:e1:91:ae:f7:7b:d0:18:c6:
ae:c1:1e:4f:6f:ab:c1:3d:9d:98:41:d7:d9:09:06:
99:a8:43:80:a5:ed:8e:22:15:16:d8:bf:0e:3d:35:
34:ea:0c:58:1c:2a:b2:49:58:e0:16:65:34:b5:ce:
bf:77:2d:33:2b:4c:a8:da:19:04:ef:d7:b3:49:ab:
58:7d:c0:0b:9c:22:40:f7:73:20:1b:2c:77:60:22:
0a:3a:b5:8c:49:a9:5b:32:3d:bd:e2:b0:67:06:f7:
1c:6c:ad:04:eb:3c:1c:37:dc:2c:e1:31:79:e2:b7:
fa:9f:7c:4c:8a:55:be:d7:87:4b:c7:ae:23:cf:01:
db:3e:24:61:68:8c:94:69:58:ff:b0:08:42:92:7a:
3f:54:cb:4d:c8:1a:1d:95:72:eb:79:a8:05:76:a8:
ac:8a:47:61:fe:70:69:c1:f3:bc:24:1b:d4:c5:5a:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:36:AD:A9:FA:93:D4:E9:0D:46:2D:03:30:FF:1D:1E:79:BB:5C:35
X509v3 Authority Key Identifier:
keyid:75:80:D1:65:69:BB:24:A3:28:E2:7B:47:F7:D7:51:65:97:25:DE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dYDRZWm7JKMo4ntH99dRZZcl3vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/kzatqfqT1OkNRi0DMP8dHnm7XDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/dYDRZWm7JKMo4ntH99dRZZcl3vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.144.0/22
IPv6:
2a03:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
43:0e:d7:88:48:1e:e4:77:50:31:00:bc:54:e8:a6:64:bd:48:
37:23:89:43:f5:f3:89:77:37:80:2e:27:d8:10:af:c2:f7:05:
94:54:d1:c5:ce:10:a0:79:68:fa:d7:68:87:1e:e7:40:79:bc:
49:97:72:f2:5d:13:a7:e3:a9:8a:a8:c2:90:ad:04:4d:94:cb:
58:30:bd:d9:c7:4d:ac:f0:20:ab:c5:b8:52:42:3c:c9:d9:97:
9d:78:89:81:c5:fe:d7:5c:65:8b:f3:01:57:e9:7a:90:5f:c5:
29:e5:58:c6:d9:a6:d5:d6:ae:c5:93:a0:c1:28:72:fb:c9:2f:
96:92:e2:b3:02:43:a8:18:f3:e8:bd:52:3a:e5:01:71:8d:41:
39:ae:58:b5:ae:fc:bd:2f:28:b0:b3:0b:33:6d:c9:55:d1:ba:
59:82:53:76:af:39:d4:a9:3d:2c:74:ab:ba:0e:f3:68:33:17:
38:d9:46:d8:3d:bf:77:bc:e0:f3:1c:d2:66:8c:7a:d1:00:f0:
34:9a:41:7f:c0:56:ae:40:00:23:61:00:95:f5:82:55:b6:af:
23:0c:d2:33:63:d3:6e:d0:84:05:68:a4:82:07:29:c4:94:fa:
8c:ab:a2:08:63:19:8a:12:65:05:57:6a:d0:e3:4d:e3:83:ae:
d2:91:a0:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbeMW50RU23ENDauoi9/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ODBkMTY1NjliYjI0YTMyOGUyN2I0N2Y3ZDc1MTY1OTcy
NWRlZmIwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM2YWRhOWZhOTNkNGU5MGQ0NjJkMDMzMGZmMWQxZTc5YmI1YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGxvwwmTxIxuEHVN6nX0Lhwkki13
J8C+SkHiUvmhFK9BpMd3K0V/DnxkY9Vu8aa+oBm2oXhdc7YV528m1cWiTs4Z1jvG
JtJoOtY5yvuwLROW4ZGu93vQGMauwR5Pb6vBPZ2YQdfZCQaZqEOApe2OIhUW2L8O
PTU06gxYHCqySVjgFmU0tc6/dy0zK0yo2hkE79ezSatYfcALnCJA93MgGyx3YCIK
OrWMSalbMj294rBnBvccbK0E6zwcN9ws4TF54rf6n3xMilW+14dLx64jzwHbPiRh
aIyUaVj/sAhCkno/VMtNyBodlXLreagFdqisikdh/nBpwfO8JBvUxVpHvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJM2ran6k9TpDUYtAzD/HR55u1w1MB8GA1UdIwQY
MBaAFHWA0WVpuySjKOJ7R/fXUWWXJd77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFlEUlpXbTdKS01vNG50SDk5ZFJaWmNsM3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xYTE4ZGUtZWZiZC00MWI1LWIzMzYt
NzlmYmQzODVhNTUwLzEva3phdHFmcVQxT2tOUmkwRE1QOGRIbm03WERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xYTE4ZGUtZWZiZC00MWI1LWIzMzYtNzlmYmQzODVhNTUw
LzEvZFlEUlpXbTdKS01vNG50SDk5ZFJaWmNsM3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQqQMA0E
AgACMAcDBQAqAzpAMA0GCSqGSIb3DQEBCwUAA4IBAQBDDteISB7kd1AxALxU6KZk
vUg3I4lD9fOJdzeALifYEK/C9wWUVNHFzhCgeWj612iHHudAebxJl3LyXROn46mK
qMKQrQRNlMtYML3Zx02s8CCrxbhSQjzJ2ZedeImBxf7XXGWL8wFX6XqQX8Up5VjG
2abV1q7Fk6DBKHL7yS+WkuKzAkOoGPPovVI65QFxjUE5rli1rvy9LyiwswszbclV
0bpZglN2rznUqT0sdKu6DvNoMxc42UbYPb93vODzHNJmjHrRAPA0mkF/wFauQAAj
YQCV9YJVtq8jDNIzY9Nu0IQFaKSCBynElPqMq6IIYxmKEmUFV2rQ403jg67SkaAr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:23 2025 by rpki-client