Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/szAc2Z-yhZeM7jL-CND-p7KxJSM.roa
File: szAc2Z-yhZeM7jL-CND-p7KxJSM.roa (raw, json)
Hash identifier: AFVogDEmz6C+dLXjGd5kD1mJtRI0dGXA8AveWKfYCW4=
Subject key identifier: B3:30:1C:D9:9F:B2:85:97:8C:EE:32:FE:08:D0:FE:A7:B2:B1:25:23
Certificate issuer: /CN=1713129ef4fa454e0f0ac407e008e957a1b795a0
Certificate serial: 018570951DEAAE448C3D60928025832811B8
Authority key identifier: 17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/szAc2Z-yhZeM7jL-CND-p7KxJSM.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13058
IP address blocks: 185.240.52.0/22 maxlen: 24
2a0c:7280::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1d:ea:ae:44:8c:3d:60:92:80:25:83:28:11:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1713129ef4fa454e0f0ac407e008e957a1b795a0
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3301cd99fb285978cee32fe08d0fea7b2b12523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4f:b6:0e:3b:02:da:27:73:90:2d:21:59:0e:
ff:33:0f:6c:01:e8:04:1a:d5:43:f6:9f:c4:6b:da:
3d:c8:17:96:64:1c:84:c8:2a:a9:4f:d0:d0:b4:99:
8f:3f:0d:5c:d2:e3:75:51:16:f6:a8:c7:cd:aa:40:
be:7e:54:9a:72:b2:d8:f6:55:7f:68:92:ac:0f:d8:
54:b8:09:95:05:62:f9:ee:98:84:5e:6b:ce:77:c5:
20:49:bf:c3:cc:34:ba:59:97:46:b1:9e:99:58:23:
9d:0f:67:89:fa:c0:ff:7c:4d:58:74:44:f7:32:d2:
2e:5c:58:83:27:5d:78:e6:7d:9c:11:5b:f3:55:40:
e4:53:50:07:79:5f:f8:35:8d:de:46:37:dd:9c:78:
c1:f3:0c:e6:5e:68:e8:14:a1:bb:1f:af:3c:20:bd:
8a:c9:51:50:45:93:8b:6f:17:ec:ad:0b:c3:56:fa:
53:82:ca:d3:77:5a:de:15:20:ed:11:d9:22:6f:c1:
35:b1:71:f3:23:9d:f7:b1:d8:80:76:e4:0f:ed:a6:
cb:55:cb:36:18:ff:1f:be:41:26:3b:c3:17:7a:1b:
22:e1:1a:63:ff:f7:03:fd:d5:a4:26:49:c8:25:bb:
f3:6d:20:23:a1:0b:6b:33:b5:25:9a:0f:05:12:c9:
99:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:30:1C:D9:9F:B2:85:97:8C:EE:32:FE:08:D0:FE:A7:B2:B1:25:23
X509v3 Authority Key Identifier:
keyid:17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/szAc2Z-yhZeM7jL-CND-p7KxJSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/FxMSnvT6RU4PCsQH4AjpV6G3laA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.52.0/22
IPv6:
2a0c:7280::/29
Signature Algorithm: sha256WithRSAEncryption
93:65:73:ea:38:d4:c0:1e:be:f6:bf:29:57:ea:00:14:3c:22:
e5:f8:fa:7d:35:b7:f0:a2:19:88:7a:b3:7f:77:7c:fa:42:ac:
20:37:72:13:ab:3c:c5:4e:74:9f:f8:34:35:ee:df:a9:bb:8d:
42:cb:d2:16:ea:f9:1f:00:9d:0e:aa:ea:b0:18:ea:c2:3c:64:
7b:e5:05:97:21:05:6a:04:d0:00:4b:1d:79:ea:ca:8c:7d:9a:
e7:5d:7b:de:24:de:7d:c5:e5:98:17:5d:0e:b0:12:b8:bb:35:
c2:fc:e6:c6:6c:3b:0d:12:23:62:9e:01:f3:57:a6:14:70:4c:
47:54:6b:8b:ad:5f:23:5a:47:2c:c0:9c:2f:44:e5:52:5d:b6:
e9:6c:fa:85:ee:a1:0e:eb:eb:1b:26:8c:22:7d:7a:2f:99:8a:
b1:41:97:54:d8:ea:db:69:db:5a:e5:01:f1:1c:9c:82:da:ae:
86:12:40:f9:06:5d:27:aa:94:cc:d2:2c:9b:f6:94:d7:a6:2b:
25:d4:e0:e1:45:21:7a:7f:d5:ef:92:ed:df:31:73:2d:ca:df:
9f:27:f4:3a:0a:9d:fc:65:e0:36:8c:b4:06:a1:cb:db:2b:bb:
f5:d3:c9:ca:b3:ad:03:95:6a:0b:7e:89:98:22:14:ce:d7:58:
c7:b4:84:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwlR3qrkSMPWCSgCWDKBG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MTMxMjllZjRmYTQ1NGUwZjBhYzQwN2UwMDhlOTU3YTFi
Nzk1YTAwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMwMWNkOTlmYjI4NTk3OGNlZTMyZmUwOGQwZmVhN2IyYjEyNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0+2DjsC2idzkC0hWQ7/Mw9sAegE
GtVD9p/Ea9o9yBeWZByEyCqpT9DQtJmPPw1c0uN1URb2qMfNqkC+flSacrLY9lV/
aJKsD9hUuAmVBWL57piEXmvOd8UgSb/DzDS6WZdGsZ6ZWCOdD2eJ+sD/fE1YdET3
MtIuXFiDJ1145n2cEVvzVUDkU1AHeV/4NY3eRjfdnHjB8wzmXmjoFKG7H688IL2K
yVFQRZOLbxfsrQvDVvpTgsrTd1reFSDtEdkib8E1sXHzI533sdiAduQP7abLVcs2
GP8fvkEmO8MXehsi4Rpj//cD/dWkJknIJbvzbSAjoQtrM7Ulmg8FEsmZEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLMwHNmfsoWXjO4y/gjQ/qeysSUjMB8GA1UdIwQY
MBaAFBcTEp70+kVODwrEB+AI6Veht5WgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEt
YzI1ZmRjNGNhMmY2LzEvc3pBYzJaLXloWmVNN2pMLUNORC1wN0t4SlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEtYzI1ZmRjNGNhMmY2
LzEvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufA0MA0E
AgACMAcDBQMqDHKAMA0GCSqGSIb3DQEBCwUAA4IBAQCTZXPqONTAHr72vylX6gAU
PCLl+Pp9NbfwohmIerN/d3z6QqwgN3ITqzzFTnSf+DQ17t+pu41Cy9IW6vkfAJ0O
quqwGOrCPGR75QWXIQVqBNAASx156sqMfZrnXXveJN59xeWYF10OsBK4uzXC/ObG
bDsNEiNingHzV6YUcExHVGuLrV8jWkcswJwvROVSXbbpbPqF7qEO6+sbJowifXov
mYqxQZdU2Orbadta5QHxHJyC2q6GEkD5Bl0nqpTM0iyb9pTXpisl1ODhRSF6f9Xv
ku3fMXMtyt+fJ/Q6Cp38ZeA2jLQGocvbK7v108nKs60DlWoLfomYIhTO11jHtIQA
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:12 2024 by rpki-client on console-ams.rpki-client.org