Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/DtZk_2NBUD6z9rXfUcp7qRdbJWI.roa
File: DtZk_2NBUD6z9rXfUcp7qRdbJWI.roa (raw, json)
Hash identifier: oaOnRQjOH92B7WyIi+/MyL17RlO+bB9jnEYaztQoJQ0=
Subject key identifier: 0E:D6:64:FF:63:41:50:3E:B3:F6:B5:DF:51:CA:7B:A9:17:5B:25:62
Certificate issuer: /CN=2b7ab6569de78d3c4a082fde6dd1d6a3f0d509c2
Certificate serial: 0185725590FF932BA487BAE5E8F7B482647A
Authority key identifier: 2B:7A:B6:56:9D:E7:8D:3C:4A:08:2F:DE:6D:D1:D6:A3:F0:D5:09:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/DtZk_2NBUD6z9rXfUcp7qRdbJWI.roa
Signing time: Mon 02 Jan 2023 11:54:48 +0000
ROA not before: Mon 02 Jan 2023 11:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201015
IP address blocks: 185.111.66.0/24 maxlen: 24
185.111.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:90:ff:93:2b:a4:87:ba:e5:e8:f7:b4:82:64:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7ab6569de78d3c4a082fde6dd1d6a3f0d509c2
Validity
Not Before: Jan 2 11:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ed664ff6341503eb3f6b5df51ca7ba9175b2562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:17:a0:7d:54:5c:3d:ca:81:a6:d1:77:3a:
9a:25:a2:1f:95:44:ab:87:bb:a5:fa:fd:f7:00:d6:
0b:a1:ea:7f:e4:53:60:0f:8d:d8:ae:13:28:cb:b1:
b0:cf:c6:30:84:60:02:27:2a:6e:bf:be:fa:e6:33:
e8:83:0b:08:2f:c1:3f:5b:60:bf:63:13:19:0b:fe:
87:c0:84:78:cc:a0:57:e5:a0:4d:77:96:6b:13:97:
da:63:33:98:56:30:19:d1:4d:83:a7:37:2b:0f:3b:
a8:0c:8e:c8:24:86:37:2d:bc:a8:bc:e4:bf:d3:c0:
4f:03:e6:f3:fd:31:7a:12:fa:e2:74:20:21:ec:0e:
7e:df:fc:c5:33:4d:c5:7a:5f:61:41:f7:3f:88:15:
7a:34:6f:9c:ac:e9:4f:66:cf:42:e9:f4:48:22:45:
b0:16:0c:5a:a6:d1:89:ae:38:7b:42:c6:93:7f:2e:
60:b7:5b:e7:f6:28:93:be:af:58:56:90:e6:95:2b:
4c:2c:f0:ff:cb:43:5e:10:8b:a5:13:c1:e4:cb:74:
5c:fe:66:0a:c2:19:c5:15:ce:d5:32:12:bb:c8:fe:
91:ad:3d:6f:a1:0c:1b:c2:93:22:b9:7c:01:49:f1:
ef:16:43:0c:78:c4:9f:6d:75:65:b3:67:f2:53:0b:
58:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D6:64:FF:63:41:50:3E:B3:F6:B5:DF:51:CA:7B:A9:17:5B:25:62
X509v3 Authority Key Identifier:
keyid:2B:7A:B6:56:9D:E7:8D:3C:4A:08:2F:DE:6D:D1:D6:A3:F0:D5:09:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/DtZk_2NBUD6z9rXfUcp7qRdbJWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/K3q2Vp3njTxKCC_ebdHWo_DVCcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.66.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:c9:5c:68:64:95:f3:86:e9:89:b5:94:7c:18:2e:eb:e9:da:
80:f7:72:b4:14:c0:8d:f6:1f:66:b1:32:5b:61:1a:4a:e2:4f:
f9:d5:cc:fc:8e:38:cc:7c:a2:ff:10:f0:5d:a4:97:da:dc:d2:
db:90:da:58:22:5a:2a:5c:1f:74:61:d9:a2:86:61:fa:d1:24:
a4:b4:1d:1e:98:94:fc:ac:bd:10:f2:dc:1a:60:1d:83:73:89:
dd:6d:b4:b9:04:89:da:27:a6:27:54:9d:6a:03:9a:04:7f:93:
33:2e:c0:51:cc:e5:ac:ee:ef:34:c1:da:46:49:86:e9:37:b1:
94:08:e5:5e:6a:46:89:a6:dd:97:f3:90:6e:9a:c4:8a:71:4c:
3c:8e:7b:fe:db:76:4f:4e:52:da:5c:37:5f:25:b6:9c:9d:93:
6a:4b:67:06:98:0b:46:a0:62:b5:79:d1:6a:73:21:83:01:c5:
7d:10:5d:4b:3e:ea:5b:e6:6f:df:1b:ae:85:63:9b:45:b1:15:
c5:ae:42:2c:fb:dd:5f:1f:7c:cd:8a:21:f8:9e:ca:fa:1c:7f:
13:77:fe:2c:79:d7:24:c4:8a:1a:77:21:24:cc:92:1b:7f:f9:
06:94:09:21:61:d1:d6:42:c4:87:5e:d5:18:ad:09:1c:0b:82:
01:88:09:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVZD/kyukh7rl6Pe0gmR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2FiNjU2OWRlNzhkM2M0YTA4MmZkZTZkZDFkNmEzZjBk
NTA5YzIwHhcNMjMwMTAyMTE1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ2NjRmZjYzNDE1MDNlYjNmNmI1ZGY1MWNhN2JhOTE3NWIyNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNIXoH1UXD3KgabRdzqaJaIflUSr
h7ul+v33ANYLoep/5FNgD43YrhMoy7Gwz8YwhGACJypuv7765jPogwsIL8E/W2C/
YxMZC/6HwIR4zKBX5aBNd5ZrE5faYzOYVjAZ0U2DpzcrDzuoDI7IJIY3LbyovOS/
08BPA+bz/TF6EvridCAh7A5+3/zFM03Fel9hQfc/iBV6NG+crOlPZs9C6fRIIkWw
FgxaptGJrjh7QsaTfy5gt1vn9iiTvq9YVpDmlStMLPD/y0NeEIulE8Hky3Rc/mYK
whnFFc7VMhK7yP6RrT1voQwbwpMiuXwBSfHvFkMMeMSfbXVls2fyUwtYqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7WZP9jQVA+s/a131HKe6kXWyViMB8GA1UdIwQY
MBaAFCt6tlad5408Sggv3m3R1qPw1QnCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzNxMlZwM25qVHhLQ0NfZWJkSFdvX0RWQ2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82ZTQ1NDQtZTY1Zi00YmYwLTk0Yzgt
M2ZjOTY1OTRiNGM1LzEvRHRaa18yTkJVRDZ6OXJYZlVjcDdxUmRiSldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82ZTQ1NDQtZTY1Zi00YmYwLTk0YzgtM2ZjOTY1OTRiNGM1
LzEvSzNxMlZwM25qVHhLQ0NfZWJkSFdvX0RWQ2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuW9CMA0G
CSqGSIb3DQEBCwUAA4IBAQBOyVxoZJXzhumJtZR8GC7r6dqA93K0FMCN9h9msTJb
YRpK4k/51cz8jjjMfKL/EPBdpJfa3NLbkNpYIloqXB90YdmihmH60SSktB0emJT8
rL0Q8twaYB2Dc4ndbbS5BInaJ6YnVJ1qA5oEf5MzLsBRzOWs7u80wdpGSYbpN7GU
COVeakaJpt2X85BumsSKcUw8jnv+23ZPTlLaXDdfJbacnZNqS2cGmAtGoGK1edFq
cyGDAcV9EF1LPupb5m/fG66FY5tFsRXFrkIs+91fH3zNiiH4nsr6HH8Td/4sedck
xIoadyEkzJIbf/kGlAkhYdHWQsSHXtUYrQkcC4IBiAmU
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:50 2024 by rpki-client on console-fra.rpki-client.org