Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/bZl9Yw-z5RLY1f57t-o2RcvF5U8.roa
File: bZl9Yw-z5RLY1f57t-o2RcvF5U8.roa (raw, json)
Hash identifier: 33UwzqjBK41LZmIoEQiTj9RDJAkmmaG3LU20bOOu3r4=
Subject key identifier: 6D:99:7D:63:0F:B3:E5:12:D8:D5:FE:7B:B7:EA:36:45:CB:C5:E5:4F
Certificate issuer: /CN=8c34e2938dd68849bb406e9eb79c893e6c12c78a
Certificate serial: 01856E2FABCDBA401A5B4B174D52F767BF8C
Authority key identifier: 8C:34:E2:93:8D:D6:88:49:BB:40:6E:9E:B7:9C:89:3E:6C:12:C7:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDTik43WiEm7QG6et5yJPmwSx4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/bZl9Yw-z5RLY1f57t-o2RcvF5U8.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.237.200.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ab:cd:ba:40:1a:5b:4b:17:4d:52:f7:67:bf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c34e2938dd68849bb406e9eb79c893e6c12c78a
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d997d630fb3e512d8d5fe7bb7ea3645cbc5e54f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:72:35:a6:3d:76:9c:3f:2f:67:78:c3:28:c9:
81:bf:f2:d7:81:8e:9d:8e:e5:86:72:3c:ac:ce:59:
87:84:5c:3a:11:1f:ab:3d:59:04:21:14:5c:f7:1b:
8e:58:dd:4c:c8:71:a5:b3:d5:1f:b5:e8:04:a1:16:
a7:ce:e6:88:0e:08:54:b2:37:45:38:3e:f6:09:05:
3f:21:2f:22:6d:53:75:18:c5:05:52:f5:9c:03:d0:
94:98:44:d5:69:90:18:32:6f:f9:fd:45:d1:c6:1d:
24:58:ae:03:74:ac:6b:ba:23:f8:2c:51:6a:f2:ec:
ac:39:11:22:a2:fa:b9:cd:a4:a5:c8:6c:45:36:b5:
ae:17:42:3c:59:1f:84:ac:9c:f9:85:97:d9:3f:bf:
a1:5b:84:03:be:71:8d:ec:82:de:c4:49:51:70:46:
20:2c:1c:9a:8e:ce:9e:e2:da:d5:f3:36:8f:e7:60:
a0:03:b3:62:a6:18:c3:2c:8d:5b:a5:86:1e:0c:47:
3d:02:fe:2e:73:c1:ac:d9:e6:7d:82:2c:8b:45:4e:
54:61:0a:fd:99:9f:6a:9c:26:47:37:05:1d:47:ae:
2f:52:95:92:92:e5:69:b3:20:b0:16:19:fb:4d:9a:
ca:f1:1d:8e:c5:10:24:2e:88:44:15:42:83:b0:80:
bf:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:99:7D:63:0F:B3:E5:12:D8:D5:FE:7B:B7:EA:36:45:CB:C5:E5:4F
X509v3 Authority Key Identifier:
keyid:8C:34:E2:93:8D:D6:88:49:BB:40:6E:9E:B7:9C:89:3E:6C:12:C7:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDTik43WiEm7QG6et5yJPmwSx4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/bZl9Yw-z5RLY1f57t-o2RcvF5U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/320797-b810-4f8e-8e7c-83c38b777478/1/jDTik43WiEm7QG6et5yJPmwSx4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.200.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:e2:c9:c3:60:d3:5e:3b:e4:2c:9b:e3:b5:8d:4a:66:f5:6c:
28:58:0f:ee:f3:34:55:1b:d7:dd:2b:57:a6:05:04:ca:65:11:
18:0c:09:2a:3f:fb:60:a5:47:12:5c:8c:45:b2:5d:87:43:ba:
15:a3:b4:69:ce:cf:64:01:af:fc:72:54:e8:d5:bf:3f:85:95:
90:a1:5d:5b:81:32:f2:b6:3b:97:f9:23:99:0f:bb:a6:80:8b:
1c:33:f5:0a:80:4d:d0:65:c3:62:bd:1e:b5:5a:35:7f:f2:eb:
c1:84:0c:4e:5b:0f:2a:c7:69:0d:3d:fe:8c:47:e7:3b:1c:9c:
8c:a3:cc:49:10:07:e1:bf:ea:0e:bc:1e:1d:e1:73:2b:e1:45:
6a:4b:f9:3c:84:95:8d:74:a0:66:67:7d:16:bd:de:92:c9:d1:
5a:55:09:76:1a:d4:e3:f6:80:bc:03:3f:09:1c:c4:68:14:11:
2b:ed:f5:23:28:41:fd:1c:9d:c7:d0:7d:86:1a:b3:3d:d5:c7:
c0:ba:db:57:f2:7c:96:a9:fc:de:7b:72:cb:c2:a0:7d:a5:d5:
4b:b8:53:f1:3e:b8:e1:e0:92:86:b1:73:ce:bb:86:34:9d:c0:
ec:32:2f:d0:5a:df:a7:bc:e4:f2:37:a3:8b:14:63:51:81:f2:
33:d5:25:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL6vNukAaW0sXTVL3Z7+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzRlMjkzOGRkNjg4NDliYjQwNmU5ZWI3OWM4OTNlNmMx
MmM3OGEwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk5N2Q2MzBmYjNlNTEyZDhkNWZlN2JiN2VhMzY0NWNiYzVlNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnI1pj12nD8vZ3jDKMmBv/LXgY6d
juWGcjyszlmHhFw6ER+rPVkEIRRc9xuOWN1MyHGls9UftegEoRanzuaIDghUsjdF
OD72CQU/IS8ibVN1GMUFUvWcA9CUmETVaZAYMm/5/UXRxh0kWK4DdKxruiP4LFFq
8uysOREiovq5zaSlyGxFNrWuF0I8WR+ErJz5hZfZP7+hW4QDvnGN7ILexElRcEYg
LByajs6e4trV8zaP52CgA7NiphjDLI1bpYYeDEc9Av4uc8Gs2eZ9giyLRU5UYQr9
mZ9qnCZHNwUdR64vUpWSkuVpsyCwFhn7TZrK8R2OxRAkLohEFUKDsIC/2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2ZfWMPs+US2NX+e7fqNkXLxeVPMB8GA1UdIwQY
MBaAFIw04pON1ohJu0BunreciT5sEseKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRUaWs0M1dpRW03UUc2ZXQ1eUpQbXdTeDRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8zMjA3OTctYjgxMC00ZjhlLThlN2Mt
ODNjMzhiNzc3NDc4LzEvYlpsOVl3LXo1UkxZMWY1N3QtbzJSY3ZGNVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8zMjA3OTctYjgxMC00ZjhlLThlN2MtODNjMzhiNzc3NDc4
LzEvakRUaWs0M1dpRW03UUc2ZXQ1eUpQbXdTeDRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue3IMA0G
CSqGSIb3DQEBCwUAA4IBAQB64snDYNNeO+Qsm+O1jUpm9WwoWA/u8zRVG9fdK1em
BQTKZREYDAkqP/tgpUcSXIxFsl2HQ7oVo7Rpzs9kAa/8clTo1b8/hZWQoV1bgTLy
tjuX+SOZD7umgIscM/UKgE3QZcNivR61WjV/8uvBhAxOWw8qx2kNPf6MR+c7HJyM
o8xJEAfhv+oOvB4d4XMr4UVqS/k8hJWNdKBmZ30Wvd6SydFaVQl2GtTj9oC8Az8J
HMRoFBEr7fUjKEH9HJ3H0H2GGrM91cfAuttX8nyWqfzee3LLwqB9pdVLuFPxPrjh
4JKGsXPOu4Y0ncDsMi/QWt+nvOTyN6OLFGNRgfIz1SVR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org