Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/rYSnHTZe4PwUfpp2V44NjWiCWZI.roa
File: rYSnHTZe4PwUfpp2V44NjWiCWZI.roa (raw, json)
Hash identifier: i1nUNNnP+UcvhVFgUR1odVN9yh4rXSo/22rDZjN1LoE=
Subject key identifier: AD:84:A7:1D:36:5E:E0:FC:14:7E:9A:76:57:8E:0D:8D:68:82:59:92
Certificate issuer: /CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Certificate serial: 01891CA5BCD73D7795AF09B53657AC2DCE5E
Authority key identifier: 65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/rYSnHTZe4PwUfpp2V44NjWiCWZI.roa
Signing time: Mon 03 Jul 2023 16:46:11 +0000
ROA not before: Mon 03 Jul 2023 16:46:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201422
IP address blocks: 185.75.129.0/24 maxlen: 24
185.75.128.0/22 maxlen: 22
185.75.128.0/24 maxlen: 24
2a03:4d24::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:a5:bc:d7:3d:77:95:af:09:b5:36:57:ac:2d:ce:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Validity
Not Before: Jul 3 16:46:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad84a71d365ee0fc147e9a76578e0d8d68825992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d1:8d:a7:3d:da:4e:ac:44:c8:a7:ef:71:6f:
00:f2:65:97:6d:ed:50:43:aa:db:9b:68:a1:e3:bb:
48:6b:87:71:a6:d2:85:83:7a:05:0f:8d:11:ab:e3:
5c:74:41:07:46:d8:dd:9c:50:44:0a:fe:01:ed:b0:
a4:7a:77:48:75:94:b2:ba:17:b2:38:ce:97:b9:1d:
a5:b5:0a:14:96:0c:c4:92:29:3d:9e:54:20:62:4b:
10:2e:b8:c2:a4:81:a5:4a:11:77:41:0a:73:9b:86:
1b:68:1b:ad:e1:1a:c8:87:46:9d:e5:e7:29:f8:00:
90:1e:29:a2:ea:a2:7f:be:bf:70:1a:75:b3:5a:d2:
4a:07:2b:06:60:ae:57:d4:0d:64:d6:29:b5:55:66:
5c:e9:52:0b:63:6d:49:d9:a9:43:ff:f8:b3:06:74:
d2:f1:bd:8a:ee:7a:82:a6:1d:24:c3:d5:bd:85:7d:
3a:d1:41:a3:ba:a5:5f:73:46:d3:38:af:05:36:38:
b8:b9:7b:f3:03:bf:ce:e3:dc:20:40:11:46:28:41:
76:73:d9:26:42:76:9d:56:b4:e4:a0:46:5e:51:61:
db:fb:83:5b:87:83:06:c3:0e:dc:7d:7d:d6:5a:ad:
10:71:43:79:87:8c:d3:b4:61:5c:17:2a:63:36:ba:
e3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:84:A7:1D:36:5E:E0:FC:14:7E:9A:76:57:8E:0D:8D:68:82:59:92
X509v3 Authority Key Identifier:
keyid:65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/rYSnHTZe4PwUfpp2V44NjWiCWZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.128.0/22
IPv6:
2a03:4d24::/32
Signature Algorithm: sha256WithRSAEncryption
58:4e:01:96:b6:d9:c3:cc:56:07:74:73:6d:df:fa:e7:30:40:
ea:6a:2a:ad:44:59:58:71:cc:1c:fc:85:70:8b:24:a2:99:1e:
92:ce:5f:1b:50:07:8f:a0:2a:1f:9a:ff:b3:ed:99:3d:57:29:
98:8b:7e:dd:e6:1e:30:19:bb:28:eb:0e:b2:b7:9b:88:09:18:
ba:bd:13:be:e8:41:3e:51:83:47:7a:35:89:67:fd:19:b4:00:
3d:5e:1f:51:05:82:58:75:4e:cc:00:77:0b:97:da:0e:7e:60:
6c:96:55:e7:78:69:29:e8:ee:ea:54:50:1f:f8:00:b7:fe:e2:
c1:96:fe:d0:86:b5:c1:a7:b7:f5:2d:03:21:ae:50:e8:c3:90:
f8:b8:5d:6b:8a:a7:e6:b1:b8:73:e5:2a:66:94:e6:84:a6:5d:
1a:67:fc:49:d3:91:5c:82:f3:14:8f:ea:c1:3a:85:ef:35:dc:
c8:1e:24:47:ab:b5:d1:75:de:a6:9a:11:33:40:87:24:d7:8a:
88:f6:59:c3:b8:24:34:9a:ba:a0:f6:1a:ae:2c:5e:4f:1e:c6:
97:3d:ee:74:7f:df:d3:b6:fd:81:ad:72:cc:d7:52:bc:38:04:
9b:1a:2e:6c:6b:47:e6:19:12:73:87:3e:fc:ad:43:de:d5:9f:
ad:a1:68:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkcpbzXPXeVrwm1NlesLc5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjI2ZWU1ZWEwNDA2NTkyZGY5NzVjNmY0Yzg0ZjEwZjE0
ZDE1Y2IwHhcNMjMwNzAzMTY0NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDg0YTcxZDM2NWVlMGZjMTQ3ZTlhNzY1NzhlMGQ4ZDY4ODI1OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9GNpz3aTqxEyKfvcW8A8mWXbe1Q
Q6rbm2ih47tIa4dxptKFg3oFD40Rq+NcdEEHRtjdnFBECv4B7bCkendIdZSyuhey
OM6XuR2ltQoUlgzEkik9nlQgYksQLrjCpIGlShF3QQpzm4YbaBut4RrIh0ad5ecp
+ACQHimi6qJ/vr9wGnWzWtJKBysGYK5X1A1k1im1VWZc6VILY21J2alD//izBnTS
8b2K7nqCph0kw9W9hX060UGjuqVfc0bTOK8FNji4uXvzA7/O49wgQBFGKEF2c9km
QnadVrTkoEZeUWHb+4Nbh4MGww7cfX3WWq0QcUN5h4zTtGFcFypjNrrjcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK2Epx02XuD8FH6adleODY1oglmSMB8GA1UdIwQY
MBaAFGUibuXqBAZZLfl1xvTITxDxTRXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEt
ZGVjMDI0ODhjMzdjLzEvcllTbkhUWmU0UHdVZnBwMlY0NE5qV2lDV1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEtZGVjMDI0ODhjMzdj
LzEvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUuAMA0E
AgACMAcDBQAqA00kMA0GCSqGSIb3DQEBCwUAA4IBAQBYTgGWttnDzFYHdHNt3/rn
MEDqaiqtRFlYccwc/IVwiySimR6Szl8bUAePoCofmv+z7Zk9VymYi37d5h4wGbso
6w6yt5uICRi6vRO+6EE+UYNHejWJZ/0ZtAA9Xh9RBYJYdU7MAHcLl9oOfmBsllXn
eGkp6O7qVFAf+AC3/uLBlv7QhrXBp7f1LQMhrlDow5D4uF1riqfmsbhz5SpmlOaE
pl0aZ/xJ05FcgvMUj+rBOoXvNdzIHiRHq7XRdd6mmhEzQIck14qI9lnDuCQ0mrqg
9hquLF5PHsaXPe50f9/Ttv2BrXLM11K8OASbGi5sa0fmGRJzhz78rUPe1Z+toWgc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:43 2024 by rpki-client on console-ams.rpki-client.org