Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/Z9XMtfokdcOkycoAPmH4wugGCE0.roa
File: Z9XMtfokdcOkycoAPmH4wugGCE0.roa (raw, json)
Hash identifier: dAZPw0LKeUIYGlHz3hWovhCPtKHhP96tSnajY9Ozr9s=
Subject key identifier: 67:D5:CC:B5:FA:24:75:C3:A4:C9:CA:00:3E:61:F8:C2:E8:06:08:4D
Certificate issuer: /CN=0502861f923c7ec1132b548f7abb861baca1f406
Certificate serial: 01857230EF7AE9C5CEEDFB8A8AC6EF44F5B9
Authority key identifier: 05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/Z9XMtfokdcOkycoAPmH4wugGCE0.roa
Signing time: Mon 02 Jan 2023 11:14:47 +0000
ROA not before: Mon 02 Jan 2023 11:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 185.104.28.0/22 maxlen: 24
2a06:2ec0::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:ef:7a:e9:c5:ce:ed:fb:8a:8a:c6:ef:44:f5:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0502861f923c7ec1132b548f7abb861baca1f406
Validity
Not Before: Jan 2 11:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67d5ccb5fa2475c3a4c9ca003e61f8c2e806084d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:20:82:05:cf:36:43:8c:18:b8:3b:e3:52:01:
36:b8:2d:79:a5:5e:b8:f5:5c:c8:b0:e4:c6:b1:78:
a8:0b:ba:07:c2:ba:49:bf:a9:c0:a0:77:8a:a2:3d:
99:f2:bf:12:1b:65:a7:e4:e2:ce:37:88:5e:ec:49:
4c:a6:cd:b4:2a:fe:cf:f2:f5:f4:ee:87:8a:6a:37:
62:9f:d7:dc:51:c3:13:96:47:3a:20:e4:ea:61:4c:
77:64:cd:5d:23:7b:81:3d:1c:d3:58:1c:87:fb:e9:
fe:19:da:12:cb:81:58:40:04:76:e7:85:48:a9:3d:
34:74:45:af:0d:d0:8e:5b:1e:6f:3f:c4:c7:02:75:
20:ae:19:f8:0e:02:2f:65:4d:af:c0:cc:bf:6f:72:
88:9c:c1:91:3f:bd:85:63:99:a0:a4:b5:d8:b0:77:
3d:af:d6:42:5a:b0:b1:f7:3a:61:18:9f:18:21:03:
28:10:f3:21:27:08:35:21:41:b1:22:42:08:97:3e:
02:3f:38:3c:38:a5:c6:63:23:72:53:78:58:86:d7:
77:e1:3f:49:d0:a8:19:bc:19:85:5e:4e:39:9d:bb:
65:a3:67:05:ee:ba:54:2b:e0:1e:0b:65:3a:b0:a0:
5b:e2:fc:b1:30:ca:20:61:55:cc:f6:99:dc:d5:1b:
45:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D5:CC:B5:FA:24:75:C3:A4:C9:CA:00:3E:61:F8:C2:E8:06:08:4D
X509v3 Authority Key Identifier:
keyid:05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/Z9XMtfokdcOkycoAPmH4wugGCE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.28.0/22
IPv6:
2a06:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
14:98:e3:54:93:27:b7:b4:9c:1b:f1:0a:59:3d:73:5b:31:c1:
7c:be:4f:11:8b:56:30:3a:98:31:9b:85:46:f3:47:af:98:a8:
33:98:f8:37:b9:82:3c:6e:25:59:64:8e:12:c3:47:b1:47:19:
b4:19:69:70:e3:1e:51:70:c5:12:89:80:e9:ee:92:5d:e4:bc:
3e:7a:64:a8:1e:cd:42:02:cd:3d:87:f1:16:53:8c:63:71:60:
29:a3:11:e6:5a:92:13:82:e4:78:59:59:dc:e0:19:f9:c8:5e:
18:3b:7d:04:f1:88:b7:dc:86:5a:b1:9e:a0:22:2a:57:6c:42:
0f:88:70:30:e8:e0:52:f5:5c:c9:b0:2b:5e:ce:03:e7:a6:cc:
1d:30:31:35:6c:62:79:98:b2:02:87:28:26:a8:8d:e3:f9:22:
c2:5c:b2:87:91:c3:f7:b1:36:e0:10:f3:a0:0e:2f:bc:d1:65:
41:33:a3:e0:fb:ca:99:8e:f9:af:ca:9a:fd:2c:0c:61:f8:49:
7e:86:c7:67:ed:ee:ae:49:92:9a:c6:aa:7d:8a:4e:07:18:1b:
e6:c7:86:b7:35:43:1e:56:b8:b2:ed:3c:0b:eb:0a:62:74:c3:
2c:d7:43:1b:13:4a:ad:ee:91:98:1b:39:ae:9c:1a:62:de:20:
eb:a7:24:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMO966cXO7fuKisbvRPW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI4NjFmOTIzYzdlYzExMzJiNTQ4ZjdhYmI4NjFiYWNh
MWY0MDYwHhcNMjMwMTAyMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q1Y2NiNWZhMjQ3NWMzYTRjOWNhMDAzZTYxZjhjMmU4MDYwODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriCCBc82Q4wYuDvjUgE2uC15pV64
9VzIsOTGsXioC7oHwrpJv6nAoHeKoj2Z8r8SG2Wn5OLON4he7ElMps20Kv7P8vX0
7oeKajdin9fcUcMTlkc6IOTqYUx3ZM1dI3uBPRzTWByH++n+GdoSy4FYQAR254VI
qT00dEWvDdCOWx5vP8THAnUgrhn4DgIvZU2vwMy/b3KInMGRP72FY5mgpLXYsHc9
r9ZCWrCx9zphGJ8YIQMoEPMhJwg1IUGxIkIIlz4CPzg8OKXGYyNyU3hYhtd34T9J
0KgZvBmFXk45nbtlo2cF7rpUK+AeC2U6sKBb4vyxMMogYVXM9pnc1RtFJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfVzLX6JHXDpMnKAD5h+MLoBghNMB8GA1UdIwQY
MBaAFAUChh+SPH7BEytUj3q7hhusofQGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQt
MGM2NGRlYmU5ZWM0LzEvWjlYTXRmb2tkY09reWNvQVBtSDR3dWdHQ0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQtMGM2NGRlYmU5ZWM0
LzEvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWgcMA0E
AgACMAcDBQMqBi7AMA0GCSqGSIb3DQEBCwUAA4IBAQAUmONUkye3tJwb8QpZPXNb
McF8vk8Ri1YwOpgxm4VG80evmKgzmPg3uYI8biVZZI4Sw0exRxm0GWlw4x5RcMUS
iYDp7pJd5Lw+emSoHs1CAs09h/EWU4xjcWApoxHmWpITguR4WVnc4Bn5yF4YO30E
8Yi33IZasZ6gIipXbEIPiHAw6OBS9VzJsCtezgPnpswdMDE1bGJ5mLIChygmqI3j
+SLCXLKHkcP3sTbgEPOgDi+80WVBM6Pg+8qZjvmvypr9LAxh+El+hsdn7e6uSZKa
xqp9ik4HGBvmx4a3NUMeVriy7TwL6wpidMMs10MbE0qt7pGYGzmunBpi3iDrpyQp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:22 2024 by rpki-client on console-ams.rpki-client.org