Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/atiZjH5vYFznriYxOXdHoLYh6mk.roa
File: atiZjH5vYFznriYxOXdHoLYh6mk.roa (raw, json)
Hash identifier: yBYiFlLAdcbXyZkC+D97VryaAIex/ZLZZDRTY3tPUfM=
Subject key identifier: 6A:D8:99:8C:7E:6F:60:5C:E7:AE:26:31:39:77:47:A0:B6:21:EA:69
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 01857231112EA6B299A73A2B7F79A311B35E
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/atiZjH5vYFznriYxOXdHoLYh6mk.roa
Signing time: Mon 02 Jan 2023 11:14:56 +0000
ROA not before: Mon 02 Jan 2023 11:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198426
IP address blocks: 185.149.208.0/22 maxlen: 22
192.175.40.0/22 maxlen: 22
2a0d:a0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Jun 2023 06:52:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:11:2e:a6:b2:99:a7:3a:2b:7f:79:a3:11:b3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jan 2 11:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ad8998c7e6f605ce7ae2631397747a0b621ea69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c1:d8:cc:f9:76:36:d2:c5:b8:ce:a5:a1:90:
a3:aa:df:4a:1e:7b:64:d6:31:ef:09:fe:20:72:d2:
a6:7d:90:af:24:12:cb:85:58:23:56:ee:41:70:1c:
0c:bd:0f:44:d0:ea:16:7c:fb:19:02:a1:a2:41:2f:
80:73:b8:78:f0:1b:c0:4b:46:82:a7:cb:dc:e3:8f:
98:1f:f6:2c:bc:f8:87:75:75:52:e5:55:99:47:d6:
ee:13:4b:e5:68:bf:96:9e:77:ff:1c:b4:f2:bc:0d:
05:2d:87:80:db:43:50:ef:93:23:a2:e6:b3:02:38:
14:5d:3a:64:5c:96:66:18:3b:01:4f:a0:da:b1:44:
2e:bf:9f:cf:12:e1:b0:06:77:74:96:94:07:3c:e6:
4d:ac:ca:55:f8:cb:d7:c4:de:1f:b4:d1:88:65:3f:
ca:46:6e:07:28:bb:ee:6b:b5:1a:bf:f4:56:54:82:
3c:60:d7:7c:61:bd:df:1a:22:8c:96:0b:db:a1:e3:
a5:87:65:e5:83:c6:e4:37:a3:af:37:e2:2d:bd:67:
af:83:97:05:5d:c4:c4:eb:30:75:a6:ae:7e:a0:e9:
39:15:7f:3f:77:11:f9:73:a8:00:ca:83:52:4d:61:
08:e6:76:0b:2b:84:64:14:dd:a8:97:5c:0f:f9:f8:
b7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D8:99:8C:7E:6F:60:5C:E7:AE:26:31:39:77:47:A0:B6:21:EA:69
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/atiZjH5vYFznriYxOXdHoLYh6mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.208.0/22
192.175.40.0/22
IPv6:
2a0d:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:72:8d:ef:0f:a3:20:b1:0f:ba:df:69:6a:d6:1a:cf:97:fe:
b3:34:57:7d:3c:3e:b3:f4:dd:f8:e4:14:dc:9f:93:bd:5b:c9:
cd:0d:3c:01:51:8c:cf:12:34:b1:62:02:4f:f1:4e:c3:db:f1:
42:df:6f:ef:60:eb:aa:a6:32:89:ae:9b:30:14:ea:af:8d:ad:
c2:a6:de:69:4a:03:a2:2e:30:3b:ec:69:24:b7:07:13:b0:3a:
e6:dc:71:65:8a:30:be:d9:f2:9f:26:23:d3:80:5f:6e:9f:89:
4d:aa:b9:c6:c1:86:df:63:ea:1f:06:df:cb:f7:fe:1f:ca:43:
8a:73:52:3b:4b:41:7d:42:a0:ee:70:4e:dd:70:49:1e:51:2e:
e4:52:4a:e8:db:ef:b6:f5:48:79:07:04:b6:ad:04:c0:f7:f4:
38:19:26:21:08:4f:b4:6c:c7:65:48:18:50:96:be:f1:f6:16:
f1:93:d0:45:59:98:9d:12:60:22:40:dd:ed:96:94:39:77:bd:
7e:75:d2:d5:f2:3b:3b:54:ae:82:bf:d3:9d:9e:fe:8a:7d:c3:
d8:0b:2f:05:22:f2:78:81:e9:38:e2:a0:52:11:bc:2b:53:6a:
37:9c:e6:c3:b6:91:6a:62:24:e0:8e:77:45:6e:b1:f3:66:d5:
a2:d8:96:28
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyMREuprKZpzorf3mjEbNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjMwMTAyMTExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ4OTk4YzdlNmY2MDVjZTdhZTI2MzEzOTc3NDdhMGI2MjFlYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8HYzPl2NtLFuM6loZCjqt9KHntk
1jHvCf4gctKmfZCvJBLLhVgjVu5BcBwMvQ9E0OoWfPsZAqGiQS+Ac7h48BvAS0aC
p8vc44+YH/YsvPiHdXVS5VWZR9buE0vlaL+Wnnf/HLTyvA0FLYeA20NQ75Mjouaz
AjgUXTpkXJZmGDsBT6DasUQuv5/PEuGwBnd0lpQHPOZNrMpV+MvXxN4ftNGIZT/K
Rm4HKLvua7Uav/RWVII8YNd8Yb3fGiKMlgvboeOlh2Xlg8bkN6OvN+ItvWevg5cF
XcTE6zB1pq5+oOk5FX8/dxH5c6gAyoNSTWEI5nYLK4RkFN2ol1wP+fi3owIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGrYmYx+b2Bc564mMTl3R6C2IeppMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvYXRpWmpINXZZRnpucmlZeE9YZEhvTFloNm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuZXQAwQC
wK8oMA8EAgACMAkDBwAqDaDAAAAwDQYJKoZIhvcNAQELBQADggEBAAtyje8PoyCx
D7rfaWrWGs+X/rM0V308PrP03fjkFNyfk71byc0NPAFRjM8SNLFiAk/xTsPb8ULf
b+9g66qmMomumzAU6q+NrcKm3mlKA6IuMDvsaSS3BxOwOubccWWKML7Z8p8mI9OA
X26fiU2qucbBht9j6h8G38v3/h/KQ4pzUjtLQX1CoO5wTt1wSR5RLuRSSujb77b1
SHkHBLatBMD39DgZJiEIT7Rsx2VIGFCWvvH2FvGT0EVZmJ0SYCJA3e2WlDl3vX51
0tXyOztUroK/052e/op9w9gLLwUi8niB6TjioFIRvCtTajec5sO2kWpiJOCOd0Vu
sfNm1aLYlig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:18 2024 by rpki-client on console-ams.rpki-client.org