Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/z7izxf9MHsF3JODCpRE5z2FaX2k.roa
File: z7izxf9MHsF3JODCpRE5z2FaX2k.roa (raw, json)
Hash identifier: GXIcaFgsGLpW60EeXHWkXL94XEfrw1skCPSO9eUHhy0=
Subject key identifier: CF:B8:B3:C5:FF:4C:1E:C1:77:24:E0:C2:A5:11:39:CF:61:5A:5F:69
Certificate issuer: /CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Certificate serial: 018572B43B2C9FD6614EA4F94DE94CCEAB1D
Authority key identifier: 8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/z7izxf9MHsF3JODCpRE5z2FaX2k.roa
Signing time: Mon 02 Jan 2023 13:38:12 +0000
ROA not before: Mon 02 Jan 2023 13:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60950
IP address blocks: 185.100.130.0/24 maxlen: 24
185.100.129.0/24 maxlen: 24
185.100.131.0/24 maxlen: 24
185.100.128.0/24 maxlen: 24
185.23.24.0/24 maxlen: 24
185.23.26.0/24 maxlen: 24
185.23.25.0/24 maxlen: 24
185.23.27.0/24 maxlen: 24
2a00:6960::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Jun 2023 08:19:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3b:2c:9f:d6:61:4e:a4:f9:4d:e9:4c:ce:ab:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Validity
Not Before: Jan 2 13:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfb8b3c5ff4c1ec17724e0c2a51139cf615a5f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:17:03:7e:3a:a2:dc:01:39:c5:20:10:80:bd:
12:aa:7d:b7:d8:38:91:5e:69:4e:db:5f:b1:47:ae:
7d:ce:bf:c2:ce:45:19:7b:70:d7:f1:18:28:fb:00:
e9:0a:1f:38:d2:6d:38:3f:45:df:8b:2d:1c:25:0a:
7e:e4:58:9b:72:f6:71:bd:d8:c8:5c:3e:a6:0b:59:
65:a6:82:d1:1c:03:45:2d:dd:db:f8:09:31:2e:d2:
67:c0:00:08:78:57:6a:44:c8:62:87:17:a0:4a:5b:
de:0a:cd:ca:cf:27:7a:7a:86:79:db:1f:df:7c:54:
77:e1:ed:b5:0c:b5:57:3b:aa:de:13:cd:d9:47:05:
54:09:98:f0:ce:3f:48:1b:11:6c:f0:53:0a:58:94:
59:01:3e:3c:e5:f9:cb:31:fa:d9:ef:5d:54:df:83:
00:e3:88:0e:ca:3b:36:ce:fa:df:41:b3:91:c6:17:
69:bc:91:ac:46:d8:dd:cf:4a:a8:a1:23:60:30:7c:
7a:0d:af:d4:8a:e9:8a:f5:4c:30:22:a7:54:14:db:
c1:04:27:55:3e:36:02:08:b4:b3:ff:e5:ec:ea:2f:
41:e4:92:e0:e6:b1:45:92:af:88:25:87:2c:1f:0c:
fa:07:16:5b:30:a5:6e:84:05:cc:7b:eb:61:49:82:
ce:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B8:B3:C5:FF:4C:1E:C1:77:24:E0:C2:A5:11:39:CF:61:5A:5F:69
X509v3 Authority Key Identifier:
keyid:8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/z7izxf9MHsF3JODCpRE5z2FaX2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/ilUqhuMbaeXVMg7egdNLsSikXO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.24.0/22
185.100.128.0/22
IPv6:
2a00:6960::/32
Signature Algorithm: sha256WithRSAEncryption
85:d0:bf:08:c1:2f:7c:ae:31:05:dd:9b:e3:2c:f9:40:51:dc:
8d:e3:a0:45:4a:83:d9:af:85:ce:a3:de:e1:19:58:b5:44:bc:
9f:1b:fc:8f:18:48:1c:43:6c:f7:20:63:24:b4:ae:64:66:ed:
df:fe:60:11:9c:2e:c5:ea:1d:a3:6b:a1:2b:1b:b9:6d:a2:dc:
4b:b7:01:a0:f9:70:f8:e4:b5:ee:96:e7:1b:ae:e1:f2:1b:c9:
39:31:80:fe:13:f0:50:f3:68:c3:d0:04:b2:d8:a1:20:5d:e8:
4e:5f:69:29:88:2f:42:50:98:c4:53:98:da:1f:0c:7d:ea:5c:
b9:bb:0c:d7:e5:47:a5:6b:79:54:32:b3:75:e8:fe:6d:26:77:
7f:9b:41:a3:45:a0:df:a3:6f:0f:21:1d:fa:c5:79:96:b4:06:
f2:f7:5f:4d:39:64:71:fc:59:78:98:b6:66:1d:8d:37:8c:fe:
f4:b3:1b:ce:f2:b4:35:0e:fa:c9:6c:8f:55:ae:41:ec:ce:0d:
0b:29:66:12:5d:08:41:ff:78:6a:a4:0f:fa:2e:05:42:72:a9:
a2:85:5d:f2:1f:7c:0a:a3:ba:36:21:c6:17:02:7d:74:e8:f7:
86:7e:37:e0:17:32:45:40:be:a3:d7:bc:30:fe:0d:b2:6c:e2:
4b:f7:42:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytDssn9ZhTqT5TelMzqsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTUyYTg2ZTMxYjY5ZTVkNTMyMGVkZTgxZDM0YmIxMjhh
NDVjZWUwHhcNMjMwMTAyMTMzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI4YjNjNWZmNGMxZWMxNzcyNGUwYzJhNTExMzljZjYxNWE1ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRcDfjqi3AE5xSAQgL0Sqn232DiR
XmlO21+xR659zr/CzkUZe3DX8Rgo+wDpCh840m04P0Xfiy0cJQp+5FibcvZxvdjI
XD6mC1llpoLRHANFLd3b+AkxLtJnwAAIeFdqRMhihxegSlveCs3Kzyd6eoZ52x/f
fFR34e21DLVXO6reE83ZRwVUCZjwzj9IGxFs8FMKWJRZAT485fnLMfrZ711U34MA
44gOyjs2zvrfQbORxhdpvJGsRtjdz0qooSNgMHx6Da/UiumK9UwwIqdUFNvBBCdV
PjYCCLSz/+Xs6i9B5JLg5rFFkq+IJYcsHwz6BxZbMKVuhAXMe+thSYLOlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM+4s8X/TB7BdyTgwqUROc9hWl9pMB8GA1UdIwQY
MBaAFIpVKobjG2nl1TIO3oHTS7EopFzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQt
NzhhMTI2YmYwYWRjLzEvejdpenhmOU1Ic0YzSk9EQ3BSRTV6MkZhWDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQtNzhhMTI2YmYwYWRj
LzEvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRcYAwQC
uWSAMA0EAgACMAcDBQAqAGlgMA0GCSqGSIb3DQEBCwUAA4IBAQCF0L8IwS98rjEF
3ZvjLPlAUdyN46BFSoPZr4XOo97hGVi1RLyfG/yPGEgcQ2z3IGMktK5kZu3f/mAR
nC7F6h2ja6ErG7ltotxLtwGg+XD45LXulucbruHyG8k5MYD+E/BQ82jD0ASy2KEg
XehOX2kpiC9CUJjEU5jaHwx96ly5uwzX5Uela3lUMrN16P5tJnd/m0GjRaDfo28P
IR36xXmWtAby919NOWRx/Fl4mLZmHY03jP70sxvO8rQ1DvrJbI9VrkHszg0LKWYS
XQhB/3hqpA/6LgVCcqmihV3yH3wKo7o2IcYXAn106PeGfjfgFzJFQL6j17ww/g2y
bOJL90Id
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org