Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/zH1hFJntuBa7oa2qTCBlkcxT2zU.roa
File: zH1hFJntuBa7oa2qTCBlkcxT2zU.roa (raw, json)
Hash identifier: GRx+a5XZZHPFo6oMZf4flIoKL0Wf86UNBs12zCMoems=
Subject key identifier: CC:7D:61:14:99:ED:B8:16:BB:A1:AD:AA:4C:20:65:91:CC:53:DB:35
Certificate issuer: /CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Certificate serial: 018570D53310608180B221938FB200384FC1
Authority key identifier: D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/zH1hFJntuBa7oa2qTCBlkcxT2zU.roa
Signing time: Mon 02 Jan 2023 04:54:58 +0000
ROA not before: Mon 02 Jan 2023 04:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13044
IP address blocks: 185.118.27.0/24 maxlen: 24
185.118.25.0/24 maxlen: 24
185.118.26.0/24 maxlen: 24
185.118.24.0/24 maxlen: 24
2a09:ec42::/48 maxlen: 48
2a09:ec42:2::/48 maxlen: 48
2a09:ec42:1::/48 maxlen: 48
2a09:ec42:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:33:10:60:81:80:b2:21:93:8f:b2:00:38:4f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Validity
Not Before: Jan 2 04:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7d611499edb816bba1adaa4c206591cc53db35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:26:76:90:f4:51:77:cd:cc:b9:fa:ce:d6:60:
78:76:0c:c7:3e:81:1f:6e:7e:e7:2b:ee:47:2d:38:
ab:8a:af:fe:74:f9:30:94:6a:b9:66:c1:9f:7f:6b:
19:a1:bb:cd:11:18:2d:fc:c6:98:47:35:b2:d3:bc:
31:2f:6a:47:5b:9b:3e:2e:59:fb:59:43:ed:6c:d1:
31:67:cc:35:6d:0c:aa:63:9a:ed:60:97:97:80:ab:
05:40:a4:f2:12:92:a6:1a:1a:e4:29:e2:f9:9d:a2:
d9:93:71:3a:1a:f4:f1:ec:06:7e:6d:ce:30:39:e5:
f2:4b:f2:90:e7:47:90:32:ac:4e:01:2f:71:13:8e:
19:4f:35:ff:42:40:06:95:51:20:cd:6b:dc:fa:99:
44:e6:7c:fc:dc:c1:eb:2b:27:bb:3d:2d:8d:86:58:
18:3f:08:fc:0f:8f:b8:f6:0f:ff:4b:cb:84:55:28:
9c:ec:0a:5f:6b:b3:a2:2f:a6:43:0b:f3:b4:ad:4b:
9e:f6:51:89:bf:c6:06:2a:9a:9f:62:5c:10:88:c3:
87:c6:94:e9:02:6c:00:02:df:94:65:d6:7f:05:3c:
d8:93:49:75:21:7d:b4:50:b6:00:98:f3:54:b0:b8:
8e:db:a7:de:9a:64:4e:8b:e3:9d:1d:44:cc:d4:36:
0e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7D:61:14:99:ED:B8:16:BB:A1:AD:AA:4C:20:65:91:CC:53:DB:35
X509v3 Authority Key Identifier:
keyid:D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/zH1hFJntuBa7oa2qTCBlkcxT2zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.24.0/22
IPv6:
2a09:ec42::/46
Signature Algorithm: sha256WithRSAEncryption
01:ca:a1:a7:4f:45:78:21:d3:1e:1a:ea:8b:95:c9:61:bc:b0:
04:60:c9:2e:9b:b8:f7:fc:8c:d3:55:8e:91:56:ad:10:dc:d9:
fc:12:8b:fa:ef:7f:e2:12:b8:39:f8:e2:8e:6c:4f:6e:55:4f:
b2:9f:e9:8c:4f:8f:ad:0f:ec:33:3b:cf:bd:c0:87:89:1d:7e:
44:8f:3c:14:98:99:f4:7d:e7:7b:01:44:5f:54:41:33:89:21:
8a:89:fd:19:b9:2e:34:14:22:9f:eb:e9:64:eb:d5:7b:33:eb:
d8:68:5d:c3:86:d0:6c:22:66:1f:88:aa:36:45:a3:54:d1:df:
aa:c2:f7:fc:19:d0:ac:90:d6:02:be:b8:c4:36:0c:23:c0:c0:
cf:b5:54:81:70:38:80:50:a2:21:fb:71:c7:78:b0:b1:5b:ad:
fd:c8:71:fe:32:40:be:be:c5:b1:1f:c1:a7:de:fb:25:6a:cf:
2a:be:12:98:62:15:c5:56:bf:f0:80:f0:77:07:46:54:69:f4:
cd:40:0c:b2:59:80:6a:9b:ef:c5:46:60:1c:11:56:9b:34:ab:
33:04:3b:b3:b5:ea:56:90:15:54:1a:e4:83:0e:9f:c5:e3:4c:
46:47:71:36:cd:25:bd:b7:c9:76:7b:31:85:c7:5d:b5:57:96:
83:2b:44:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw1TMQYIGAsiGTj7IAOE/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjdmMTZiMDVhMTEyMzE1MWE2NzdhNDdhYzJkOGQ5MDYx
ZGYzOTAwHhcNMjMwMTAyMDQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdkNjExNDk5ZWRiODE2YmJhMWFkYWE0YzIwNjU5MWNjNTNkYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCZ2kPRRd83MufrO1mB4dgzHPoEf
bn7nK+5HLTiriq/+dPkwlGq5ZsGff2sZobvNERgt/MaYRzWy07wxL2pHW5s+Lln7
WUPtbNExZ8w1bQyqY5rtYJeXgKsFQKTyEpKmGhrkKeL5naLZk3E6GvTx7AZ+bc4w
OeXyS/KQ50eQMqxOAS9xE44ZTzX/QkAGlVEgzWvc+plE5nz83MHrKye7PS2NhlgY
Pwj8D4+49g//S8uEVSic7Apfa7OiL6ZDC/O0rUue9lGJv8YGKpqfYlwQiMOHxpTp
AmwAAt+UZdZ/BTzYk0l1IX20ULYAmPNUsLiO26femmROi+OdHUTM1DYOjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMx9YRSZ7bgWu6GtqkwgZZHMU9s1MB8GA1UdIwQY
MBaAFNf38WsFoRIxUaZ3pHrC2NkGHfOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYt
NmNiZTk0OTUzMmU0LzEvekgxaEZKbnR1QmE3b2EycVRDQmxrY3hUMnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYtNmNiZTk0OTUzMmU0
LzEvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXYYMA8E
AgACMAkDBwIqCexCAAAwDQYJKoZIhvcNAQELBQADggEBAAHKoadPRXgh0x4a6ouV
yWG8sARgyS6buPf8jNNVjpFWrRDc2fwSi/rvf+ISuDn44o5sT25VT7Kf6YxPj60P
7DM7z73Ah4kdfkSPPBSYmfR953sBRF9UQTOJIYqJ/Rm5LjQUIp/r6WTr1Xsz69ho
XcOG0GwiZh+IqjZFo1TR36rC9/wZ0KyQ1gK+uMQ2DCPAwM+1VIFwOIBQoiH7ccd4
sLFbrf3Icf4yQL6+xbEfwafe+yVqzyq+EphiFcVWv/CA8HcHRlRp9M1ADLJZgGqb
78VGYBwRVps0qzMEO7O16laQFVQa5IMOn8XjTEZHcTbNJb23yXZ7MYXHXbVXloMr
RNI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:13 2024 by rpki-client on console-ams.rpki-client.org