Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/33339f-6d98-4b5f-ab60-1c94cb7dfeb3/1/ZhCNDTsGnQh94fIzmdhm2oVWb5E.roa
File: ZhCNDTsGnQh94fIzmdhm2oVWb5E.roa (raw, json)
Hash identifier: MGgzXfjTb3p/Aket6H2FoE34w6gg82Er+6FwZrNrYwY=
Subject key identifier: 66:10:8D:0D:3B:06:9D:08:7D:E1:F2:33:99:D8:66:DA:85:56:6F:91
Certificate issuer: /CN=8e8b1071131763aadab1f294e37cd50adac0939c
Certificate serial: 01856C784CE9801C1AF03CCA20639331C04F
Authority key identifier: 8E:8B:10:71:13:17:63:AA:DA:B1:F2:94:E3:7C:D5:0A:DA:C0:93:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/josQcRMXY6rasfKU43zVCtrAk5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/33339f-6d98-4b5f-ab60-1c94cb7dfeb3/1/ZhCNDTsGnQh94fIzmdhm2oVWb5E.roa
Signing time: Sun 01 Jan 2023 08:35:01 +0000
ROA not before: Sun 01 Jan 2023 08:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20249
IP address blocks: 185.55.132.0/22 maxlen: 22
185.55.132.0/23 maxlen: 23
185.55.134.0/23 maxlen: 23
185.55.134.0/24 maxlen: 24
185.55.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:4c:e9:80:1c:1a:f0:3c:ca:20:63:93:31:c0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e8b1071131763aadab1f294e37cd50adac0939c
Validity
Not Before: Jan 1 08:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66108d0d3b069d087de1f23399d866da85566f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:01:cf:b0:9c:a8:f9:f2:d7:da:43:ce:d0:
43:e6:80:49:82:2a:9f:3a:d5:26:b9:79:35:e5:b3:
6b:0f:b4:8f:a4:fa:f9:16:e7:18:7f:22:8f:85:eb:
c7:fb:03:be:c7:38:53:a8:bd:07:52:f1:73:df:32:
54:4f:9d:5c:3d:71:08:df:bb:a0:b9:3a:0d:4b:82:
ab:10:c8:fc:cc:07:4e:e6:ce:26:29:34:a5:35:d1:
97:2f:66:d8:86:44:e3:99:d1:61:a2:57:7e:a5:83:
8d:e6:99:6d:c1:a2:7b:22:6f:d7:d2:da:76:0f:a2:
af:6c:d2:09:6b:27:a6:6d:46:74:0a:86:14:e3:d1:
a3:c8:5a:20:4a:32:d9:e8:07:de:e6:74:79:52:db:
8f:d4:25:5d:63:07:29:20:fd:ec:f0:c2:f1:ca:11:
e5:bc:86:1b:02:13:4d:ec:1a:78:7c:60:ed:71:12:
0d:ad:ee:77:05:a4:fc:08:86:0b:35:20:60:87:5a:
0d:7c:1a:ef:74:ec:29:58:db:f2:65:96:b3:43:c6:
06:7d:78:d3:a1:ee:ac:fc:05:db:d4:ad:60:35:1b:
3f:cb:3b:b5:ca:a8:03:16:67:54:f3:f4:1d:60:e1:
8e:d6:bc:af:c6:7b:fa:55:a8:42:16:21:18:c4:ce:
57:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:10:8D:0D:3B:06:9D:08:7D:E1:F2:33:99:D8:66:DA:85:56:6F:91
X509v3 Authority Key Identifier:
keyid:8E:8B:10:71:13:17:63:AA:DA:B1:F2:94:E3:7C:D5:0A:DA:C0:93:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/josQcRMXY6rasfKU43zVCtrAk5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/33339f-6d98-4b5f-ab60-1c94cb7dfeb3/1/ZhCNDTsGnQh94fIzmdhm2oVWb5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/33339f-6d98-4b5f-ab60-1c94cb7dfeb3/1/josQcRMXY6rasfKU43zVCtrAk5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.132.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:6e:33:f8:ab:e5:92:36:57:af:8a:46:c0:86:a5:09:81:2b:
3c:9c:95:a9:e3:be:1f:d8:a1:70:54:8c:3c:ec:ae:7e:d1:8a:
45:0d:64:e2:29:c1:11:53:6b:20:ef:12:0d:ce:93:a7:ec:b2:
39:a6:25:59:02:b8:94:6b:bb:b2:93:92:f4:3e:f7:56:c1:f8:
44:ed:01:f9:39:80:e5:a5:76:a9:87:05:30:3f:0f:f2:b3:82:
bc:f8:18:04:d5:bc:d9:14:bc:53:d3:ce:05:5f:cc:83:d1:01:
02:3b:bc:92:1e:aa:35:5d:c3:c1:04:99:f6:0c:79:7a:d1:eb:
d8:4f:b9:81:6e:22:d2:d4:dc:f2:ba:94:c0:b7:a7:df:72:1c:
5a:79:b9:24:13:27:94:7f:af:4a:05:2c:ae:da:52:ef:dd:bd:
1d:2f:a7:74:9a:c3:c1:20:f0:9c:9c:46:bd:5d:68:84:80:eb:
0e:31:6a:56:b0:26:0e:c2:af:f6:42:c9:ba:f1:f9:34:44:4f:
4c:82:88:f4:d3:73:74:82:f6:ed:dd:76:4b:da:a7:66:b3:39:
d5:83:47:41:d6:97:8a:4f:c8:a5:75:6a:91:c0:1c:65:c7:c5:
72:65:20:e6:51:66:c5:b0:14:a3:e0:12:37:7d:5f:34:43:7c:
28:99:b8:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseEzpgBwa8DzKIGOTMcBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlOGIxMDcxMTMxNzYzYWFkYWIxZjI5NGUzN2NkNTBhZGFj
MDkzOWMwHhcNMjMwMTAxMDgzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjEwOGQwZDNiMDY5ZDA4N2RlMWYyMzM5OWQ4NjZkYTg1NTY2ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYsBz7CcqPny19pDztBD5oBJgiqf
OtUmuXk15bNrD7SPpPr5FucYfyKPhevH+wO+xzhTqL0HUvFz3zJUT51cPXEI37ug
uToNS4KrEMj8zAdO5s4mKTSlNdGXL2bYhkTjmdFhold+pYON5pltwaJ7Im/X0tp2
D6KvbNIJayembUZ0CoYU49GjyFogSjLZ6Afe5nR5UtuP1CVdYwcpIP3s8MLxyhHl
vIYbAhNN7Bp4fGDtcRINre53BaT8CIYLNSBgh1oNfBrvdOwpWNvyZZazQ8YGfXjT
oe6s/AXb1K1gNRs/yzu1yqgDFmdU8/QdYOGO1ryvxnv6VahCFiEYxM5XAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYQjQ07Bp0IfeHyM5nYZtqFVm+RMB8GA1UdIwQY
MBaAFI6LEHETF2Oq2rHylON81QrawJOcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam9zUWNSTVhZNnJhc2ZLVTQzelZDdHJBazV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8zMzMzOWYtNmQ5OC00YjVmLWFiNjAt
MWM5NGNiN2RmZWIzLzEvWmhDTkRUc0duUWg5NGZJem1kaG0yb1ZXYjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8zMzMzOWYtNmQ5OC00YjVmLWFiNjAtMWM5NGNiN2RmZWIz
LzEvam9zUWNSTVhZNnJhc2ZLVTQzelZDdHJBazV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTeEMA0G
CSqGSIb3DQEBCwUAA4IBAQBvbjP4q+WSNlevikbAhqUJgSs8nJWp474f2KFwVIw8
7K5+0YpFDWTiKcERU2sg7xINzpOn7LI5piVZAriUa7uyk5L0PvdWwfhE7QH5OYDl
pXaphwUwPw/ys4K8+BgE1bzZFLxT084FX8yD0QECO7ySHqo1XcPBBJn2DHl60evY
T7mBbiLS1NzyupTAt6ffchxaebkkEyeUf69KBSyu2lLv3b0dL6d0msPBIPCcnEa9
XWiEgOsOMWpWsCYOwq/2Qsm68fk0RE9Mgoj003N0gvbt3XZL2qdmsznVg0dB1peK
T8ildWqRwBxlx8VyZSDmUWbFsBSj4BI3fV80Q3wombg7
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:36 2024 by rpki-client on console-ams.rpki-client.org