Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/RHZ_6Nc0dkQ2CNCekJDSw9txU6M.roa
File: RHZ_6Nc0dkQ2CNCekJDSw9txU6M.roa (raw, json)
Hash identifier: 3QcXJqlkjNWoSIuocxcWh9Kk6sTFeHN3rhtWhcDYlL8=
Subject key identifier: 44:76:7F:E8:D7:34:76:44:36:08:D0:9E:90:90:D2:C3:DB:71:53:A3
Certificate issuer: /CN=d04265fb11c2a220bc350718673e0704d1edadde
Certificate serial: 01860902514DF550527EE8EF30DD19CAB62E
Authority key identifier: D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/RHZ_6Nc0dkQ2CNCekJDSw9txU6M.roa
Signing time: Tue 31 Jan 2023 18:06:32 +0000
ROA not before: Tue 31 Jan 2023 18:06:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 149.3.171.0/24 maxlen: 24
134.255.199.0/24 maxlen: 24
2a0c:6d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 27 May 2023 02:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:09:02:51:4d:f5:50:52:7e:e8:ef:30:dd:19:ca:b6:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04265fb11c2a220bc350718673e0704d1edadde
Validity
Not Before: Jan 31 18:06:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44767fe8d73476443608d09e9090d2c3db7153a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1e:af:26:92:67:c5:f8:06:06:04:23:af:fb:
67:9e:60:44:fb:c8:ad:76:2c:ed:bb:1e:4c:25:ca:
41:aa:0a:b2:c6:51:88:96:f0:ae:da:35:60:41:6c:
02:11:8c:22:c8:7f:0c:40:09:d1:a7:46:24:08:96:
86:64:77:4e:7e:68:d6:a2:8b:59:bb:00:d0:0b:5f:
6d:28:f2:d9:d3:62:ff:de:64:74:32:a9:6d:f4:90:
fb:67:e9:f0:a2:b1:ba:ce:ad:49:07:a5:30:a0:07:
aa:fd:1a:db:f2:3b:3d:fd:1a:74:dd:7d:67:3b:8a:
c4:1d:6b:0c:44:02:08:de:f6:e8:de:5c:63:b8:96:
74:0c:1a:5e:4e:a8:49:71:a6:90:34:73:c2:2c:9c:
4f:88:cc:81:54:df:8c:dc:70:3f:2b:71:ac:06:f6:
31:71:a1:c6:18:5a:2f:da:55:c7:81:1f:ac:b7:b1:
5b:16:f3:02:c9:7b:22:64:58:87:45:06:8b:41:d6:
da:ba:72:1d:4a:79:72:5b:2f:1e:71:af:d9:3e:62:
d1:0c:d9:23:ba:8e:96:95:d7:12:5e:ac:7f:60:f0:
60:64:ee:58:c7:16:c2:e8:9c:d5:8f:bb:a0:cd:b9:
2c:2a:f4:7e:1c:33:10:9a:32:5f:78:33:8a:8d:c6:
92:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:76:7F:E8:D7:34:76:44:36:08:D0:9E:90:90:D2:C3:DB:71:53:A3
X509v3 Authority Key Identifier:
keyid:D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/RHZ_6Nc0dkQ2CNCekJDSw9txU6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0EJl-xHCoiC8NQcYZz4HBNHtrd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.255.199.0/24
149.3.171.0/24
IPv6:
2a0c:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
90:f8:27:df:74:2d:bb:df:0d:63:67:2d:3e:31:8c:27:f3:37:
85:38:d4:f5:0e:03:e8:f7:ed:46:f5:39:7c:54:4c:3b:fe:5d:
70:52:d6:68:e2:7f:3d:e6:2a:0f:d8:4d:bb:07:20:5b:fb:fc:
c3:c0:c4:11:58:5b:45:19:9e:75:41:9d:0c:7a:7a:b3:8a:2e:
07:c0:01:8e:a5:b4:70:ef:4f:b8:11:9e:f3:8f:88:65:e9:ec:
97:81:c8:b1:bf:dd:ba:19:75:31:53:7c:13:66:b2:14:ed:f7:
81:04:8f:df:e6:14:05:11:33:5a:26:e7:8b:c2:ef:52:5e:5b:
83:6b:d0:40:9e:3a:f2:e6:e8:1f:cb:3c:98:06:4b:d0:30:3b:
61:fd:ec:f9:1d:c5:18:97:6e:8c:b3:57:cf:7b:72:0d:aa:09:
7b:e7:a6:78:e5:17:3f:20:98:52:a4:3a:3c:f2:17:e0:59:2d:
1d:05:a1:58:c7:44:7f:6f:3b:d1:32:48:35:09:fe:d8:1a:86:
c5:35:28:83:92:f3:20:76:77:96:2b:25:f5:ce:6c:2f:66:68:
70:2f:eb:fe:0d:61:88:47:30:27:28:58:22:96:75:eb:ab:66:
30:4a:f7:dd:71:40:9a:f1:45:f8:dd:f8:26:41:8f:de:ea:ac:
41:9d:3d:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYJAlFN9VBSfujvMN0ZyrYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDI2NWZiMTFjMmEyMjBiYzM1MDcxODY3M2UwNzA0ZDFl
ZGFkZGUwHhcNMjMwMTMxMTgwNjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc2N2ZlOGQ3MzQ3NjQ0MzYwOGQwOWU5MDkwZDJjM2RiNzE1M2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh6vJpJnxfgGBgQjr/tnnmBE+8it
diztux5MJcpBqgqyxlGIlvCu2jVgQWwCEYwiyH8MQAnRp0YkCJaGZHdOfmjWootZ
uwDQC19tKPLZ02L/3mR0Mqlt9JD7Z+nworG6zq1JB6UwoAeq/Rrb8js9/Rp03X1n
O4rEHWsMRAII3vbo3lxjuJZ0DBpeTqhJcaaQNHPCLJxPiMyBVN+M3HA/K3GsBvYx
caHGGFov2lXHgR+st7FbFvMCyXsiZFiHRQaLQdbaunIdSnlyWy8eca/ZPmLRDNkj
uo6WldcSXqx/YPBgZO5YxxbC6JzVj7ugzbksKvR+HDMQmjJfeDOKjcaSDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFER2f+jXNHZENgjQnpCQ0sPbcVOjMB8GA1UdIwQY
MBaAFNBCZfsRwqIgvDUHGGc+BwTR7a3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVKbC14SENvaUM4TlFjWVp6NEhCTkh0cmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mYTczZjgtMzNlMC00MDMyLTg0ZWMt
YTk2ZWY2ZjY0MzVjLzEvUkhaXzZOYzBka1EyQ05DZWtKRFN3OXR4VTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mYTczZjgtMzNlMC00MDMyLTg0ZWMtYTk2ZWY2ZjY0MzVj
LzEvMEVKbC14SENvaUM4TlFjWVp6NEhCTkh0cmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAhv/HAwQA
lQOrMA0EAgACMAcDBQMqDG1AMA0GCSqGSIb3DQEBCwUAA4IBAQCQ+CffdC273w1j
Zy0+MYwn8zeFONT1DgPo9+1G9Tl8VEw7/l1wUtZo4n895ioP2E27ByBb+/zDwMQR
WFtFGZ51QZ0Menqzii4HwAGOpbRw70+4EZ7zj4hl6eyXgcixv926GXUxU3wTZrIU
7feBBI/f5hQFETNaJueLwu9SXluDa9BAnjry5ugfyzyYBkvQMDth/ez5HcUYl26M
s1fPe3INqgl756Z45Rc/IJhSpDo88hfgWS0dBaFYx0R/bzvRMkg1Cf7YGobFNSiD
kvMgdneWKyX1zmwvZmhwL+v+DWGIRzAnKFgilnXrq2YwSvfdcUCa8UX43fgmQY/e
6qxBnT15
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:32 2024 by rpki-client on console-ams.rpki-client.org