Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/rZQxg_oF76ofIOhsVGp8RUHjEGs.roa
File: rZQxg_oF76ofIOhsVGp8RUHjEGs.roa (raw, json)
Hash identifier: nloXK6KROcI25phF6yyGX30LVRZnryvGC+Eee/O024s=
Subject key identifier: AD:94:31:83:FA:05:EF:AA:1F:20:E8:6C:54:6A:7C:45:41:E3:10:6B
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0188E82A664A35AF0110750DFBB84B6CD178
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/rZQxg_oF76ofIOhsVGp8RUHjEGs.roa
Signing time: Fri 23 Jun 2023 12:11:12 +0000
ROA not before: Fri 23 Jun 2023 12:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198426
IP address blocks: 185.149.209.0/24 maxlen: 24
192.175.40.0/22 maxlen: 22
2a0d:a0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:2a:66:4a:35:af:01:10:75:0d:fb:b8:4b:6c:d1:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jun 23 12:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad943183fa05efaa1f20e86c546a7c4541e3106b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:25:72:9d:76:c4:48:98:8c:d4:16:b1:49:d2:
b8:f4:85:fd:8f:71:a6:8d:7c:8f:52:e1:b0:0e:3c:
9a:7f:2a:76:4c:f0:b2:e1:56:38:54:17:09:42:b9:
7b:9e:34:61:07:0f:7b:34:37:be:b8:22:5c:33:04:
c6:b6:e6:71:ed:69:f8:37:17:9c:4b:99:d3:33:ed:
33:a0:9a:44:f0:8c:ba:79:c7:87:fe:af:d3:99:e5:
f8:ee:4c:ea:7d:aa:b3:f0:a6:ea:39:c7:4f:c3:63:
2a:a9:0b:ae:30:68:bd:3c:00:e0:25:d4:52:dc:ac:
5b:d1:4c:1c:99:5e:21:2b:14:e4:3a:bf:2e:de:14:
03:05:50:84:00:6c:0d:af:5e:7d:02:4c:72:ef:c8:
62:08:c7:b2:c1:17:ab:38:10:56:35:c4:70:f8:a9:
cd:ea:2e:4a:63:14:bf:47:86:5e:20:29:8d:4a:28:
4e:8e:00:17:83:dd:85:0d:db:d8:8f:01:8e:c5:e7:
c0:4c:8a:e3:1d:03:44:4b:f3:36:1b:84:80:9a:ec:
e4:9c:76:ca:d5:1c:a6:b4:8b:90:85:98:13:dc:9e:
e4:1c:0a:47:96:7c:ed:f7:a5:94:f3:7a:29:2f:d7:
2d:60:b7:2c:5b:25:54:3c:a1:d0:2a:12:f3:be:a7:
f7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:94:31:83:FA:05:EF:AA:1F:20:E8:6C:54:6A:7C:45:41:E3:10:6B
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/rZQxg_oF76ofIOhsVGp8RUHjEGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.209.0/24
192.175.40.0/22
IPv6:
2a0d:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
22:cd:7e:1e:b5:40:50:68:a7:94:f4:fa:99:7a:da:6d:a5:e5:
d3:1f:a4:4b:b8:c3:fc:6c:5a:ee:69:b9:1f:3b:84:fb:26:9a:
ba:33:29:55:6f:12:58:79:30:f7:36:e3:1f:81:be:a8:b2:d0:
16:b3:1b:f8:a1:53:0b:7b:ea:8e:00:89:aa:19:2c:db:e6:8c:
3a:79:be:d2:22:57:af:a7:02:2d:8e:cb:62:80:8d:25:ee:6f:
7a:32:4b:cc:da:4a:6c:7e:83:d3:dd:33:cc:8a:66:a4:9b:02:
26:c6:17:f9:39:d2:11:b1:f3:ed:1c:84:27:7f:0e:a0:21:ff:
3f:cc:d9:65:a7:e6:5c:75:7d:e4:99:f0:fd:75:8b:9c:e8:13:
4d:62:cb:e2:b2:ab:4f:3e:1c:49:8f:bd:3d:b3:0d:ac:79:1d:
f5:11:73:47:83:61:13:66:f9:54:39:f9:19:89:e4:f3:8b:8c:
d0:05:2f:07:3f:fd:c1:d8:fa:4e:eb:85:4d:35:5c:fd:e8:30:
03:b7:52:b5:bf:64:4c:62:a1:df:70:4c:a3:90:c6:49:cf:47:
4e:19:5d:d8:cb:e3:09:c0:c2:66:a5:91:a8:e2:16:36:48:a2:
29:c8:d9:ec:5c:c7:1c:7a:ea:b3:f8:bf:e4:7c:4a:eb:11:2c:
f7:d9:98:73
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjoKmZKNa8BEHUN+7hLbNF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjMwNjIzMTIxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk0MzE4M2ZhMDVlZmFhMWYyMGU4NmM1NDZhN2M0NTQxZTMxMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyVynXbESJiM1BaxSdK49IX9j3Gm
jXyPUuGwDjyafyp2TPCy4VY4VBcJQrl7njRhBw97NDe+uCJcMwTGtuZx7Wn4Nxec
S5nTM+0zoJpE8Iy6eceH/q/TmeX47kzqfaqz8KbqOcdPw2MqqQuuMGi9PADgJdRS
3Kxb0UwcmV4hKxTkOr8u3hQDBVCEAGwNr159Akxy78hiCMeywRerOBBWNcRw+KnN
6i5KYxS/R4ZeICmNSihOjgAXg92FDdvYjwGOxefATIrjHQNES/M2G4SAmuzknHbK
1RymtIuQhZgT3J7kHApHlnzt96WU83opL9ctYLcsWyVUPKHQKhLzvqf32wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK2UMYP6Be+qHyDobFRqfEVB4xBrMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvclpReGdfb0Y3Nm9mSU9oc1ZHcDhSVUhqRUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuZXRAwQC
wK8oMA8EAgACMAkDBwAqDaDAAAAwDQYJKoZIhvcNAQELBQADggEBACLNfh61QFBo
p5T0+pl62m2l5dMfpEu4w/xsWu5puR87hPsmmrozKVVvElh5MPc24x+Bvqiy0Baz
G/ihUwt76o4AiaoZLNvmjDp5vtIiV6+nAi2Oy2KAjSXub3oyS8zaSmx+g9PdM8yK
ZqSbAibGF/k50hGx8+0chCd/DqAh/z/M2WWn5lx1feSZ8P11i5zoE01iy+Kyq08+
HEmPvT2zDax5HfURc0eDYRNm+VQ5+RmJ5POLjNAFLwc//cHY+k7rhU01XP3oMAO3
UrW/ZExiod9wTKOQxknPR04ZXdjL4wnAwmalkajiFjZIoinI2excxxx66rP4v+R8
SusRLPfZmHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:18 2024 by rpki-client on console-ams.rpki-client.org