Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/Z3cCRpe5fINIIBiGKMzDNg7nlE8.roa
File: Z3cCRpe5fINIIBiGKMzDNg7nlE8.roa (raw, json)
Hash identifier: XdaUIixqHNMKhaq7sfcbd42MwThU4nGrN3pBP4h+joI=
Subject key identifier: 67:77:02:46:97:B9:7C:83:48:20:18:86:28:CC:C3:36:0E:E7:94:4F
Certificate issuer: /CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Certificate serial: 0185707966334308023134BEE7083191EEDE
Authority key identifier: 39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/Z3cCRpe5fINIIBiGKMzDNg7nlE8.roa
Signing time: Mon 02 Jan 2023 03:14:42 +0000
ROA not before: Mon 02 Jan 2023 03:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12337
IP address blocks: 185.250.111.0/24 maxlen: 24
185.250.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Feb 2023 08:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:66:33:43:08:02:31:34:be:e7:08:31:91:ee:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Validity
Not Before: Jan 2 03:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6777024697b97c834820188628ccc3360ee7944f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:83:89:42:4a:f9:a1:fc:59:e6:d5:30:de:ec:
2e:8d:59:7c:bd:f8:7a:de:b3:ec:a6:68:c2:90:f0:
2f:08:50:fb:d9:96:9c:1e:fe:58:2c:d7:d7:25:7a:
b7:5e:2e:54:35:24:6f:a4:08:c3:31:70:23:94:76:
1d:e9:34:89:cd:8d:d7:37:d3:03:66:11:0d:73:29:
d8:4b:cd:1c:15:10:65:2a:6d:a3:7f:c3:9a:e7:4b:
07:b1:d0:23:50:18:f5:7b:98:09:4c:28:90:5e:c6:
49:ff:98:44:d9:1e:3a:29:26:23:6d:42:f8:d0:ef:
8b:af:d9:d5:9f:c1:74:e7:21:94:65:51:18:9a:7f:
92:e7:81:ad:d3:41:d1:72:06:8a:53:6a:ae:74:2e:
6a:ff:75:a6:c6:60:5a:1b:98:d0:bc:2a:ef:3e:16:
23:c8:c8:0a:f3:06:b4:18:cd:92:ce:06:bd:49:90:
7a:15:81:6c:d3:6a:c3:b4:98:09:3e:7b:25:f4:4e:
2c:63:0d:97:f7:da:34:bc:43:e9:c8:ee:12:4d:51:
ef:e8:f9:0d:1a:87:f4:3d:fb:a0:52:0c:ff:20:2f:
5a:ec:7c:94:f7:90:a9:22:c7:96:f4:76:ee:44:c1:
8b:e0:6d:08:e8:55:91:ac:40:92:e7:37:d1:c0:54:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:77:02:46:97:B9:7C:83:48:20:18:86:28:CC:C3:36:0E:E7:94:4F
X509v3 Authority Key Identifier:
keyid:39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/Z3cCRpe5fINIIBiGKMzDNg7nlE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/OffHSY_ZyfKGgElRYrnrdq1HxgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.109.0/24
185.250.111.0/24
Signature Algorithm: sha256WithRSAEncryption
89:a8:c3:9d:1b:55:73:80:5a:00:0b:92:2c:71:7c:e7:a2:0f:
9c:2b:7a:62:dd:d5:ae:81:25:61:58:99:fc:68:34:da:47:f3:
73:b7:0e:9b:e0:65:b1:56:ad:be:74:84:24:d3:bb:57:e5:fa:
18:06:ed:47:4c:10:16:ca:ae:63:75:8d:23:09:51:36:79:52:
7b:ef:6b:c6:01:6d:38:c9:0a:c1:fc:62:a8:fc:29:c3:cc:21:
b6:66:f4:02:42:a8:be:d7:a7:af:a6:4a:7b:64:f1:6d:53:ea:
50:c6:f9:66:8d:cb:2c:e1:ee:81:c9:e4:1f:bd:8e:d5:c0:ad:
a8:0c:9c:7f:4f:19:88:b0:cf:a1:1e:f3:fc:97:4c:6d:66:4e:
fc:20:c5:64:8f:ed:d4:0b:2e:59:c5:a0:9f:06:62:7c:ea:57:
45:72:be:68:1c:6f:93:4f:16:1c:21:17:28:0c:47:08:1c:de:
61:1c:5b:9f:b9:58:a8:ac:af:08:76:0e:bf:61:23:90:33:fe:
0b:39:34:53:e2:ee:0e:38:8b:26:5f:46:ed:f9:ab:4f:69:9b:
bf:8a:59:df:43:cd:ae:b3:56:29:b8:1f:fd:d2:48:55:93:ec:
d3:24:38:b5:26:f1:2f:ea:09:ce:5f:0e:cd:89:1e:0e:7d:8a:
f0:34:b0:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVweWYzQwgCMTS+5wgxke7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjdjNzQ5OGZkOWM5ZjI4NjgwNDk1MTYyYjllYjc2YWQ0
N2M2MDMwHhcNMjMwMTAyMDMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc3MDI0Njk3Yjk3YzgzNDgyMDE4ODYyOGNjYzMzNjBlZTc5NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4OJQkr5ofxZ5tUw3uwujVl8vfh6
3rPspmjCkPAvCFD72ZacHv5YLNfXJXq3Xi5UNSRvpAjDMXAjlHYd6TSJzY3XN9MD
ZhENcynYS80cFRBlKm2jf8Oa50sHsdAjUBj1e5gJTCiQXsZJ/5hE2R46KSYjbUL4
0O+Lr9nVn8F05yGUZVEYmn+S54Gt00HRcgaKU2qudC5q/3WmxmBaG5jQvCrvPhYj
yMgK8wa0GM2Szga9SZB6FYFs02rDtJgJPnsl9E4sYw2X99o0vEPpyO4STVHv6PkN
Gof0PfugUgz/IC9a7HyU95CpIseW9HbuRMGL4G0I6FWRrECS5zfRwFSBxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGd3AkaXuXyDSCAYhijMwzYO55RPMB8GA1UdIwQY
MBaAFDn3x0mP2cnyhoBJUWK563atR8YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUt
ZWZjZmJhOTkwN2RjLzEvWjNjQ1JwZTVmSU5JSUJpR0tNekROZzdubEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUtZWZjZmJhOTkwN2Rj
LzEvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufptAwQA
ufpvMA0GCSqGSIb3DQEBCwUAA4IBAQCJqMOdG1VzgFoAC5IscXznog+cK3pi3dWu
gSVhWJn8aDTaR/Nztw6b4GWxVq2+dIQk07tX5foYBu1HTBAWyq5jdY0jCVE2eVJ7
72vGAW04yQrB/GKo/CnDzCG2ZvQCQqi+16evpkp7ZPFtU+pQxvlmjcss4e6ByeQf
vY7VwK2oDJx/TxmIsM+hHvP8l0xtZk78IMVkj+3UCy5ZxaCfBmJ86ldFcr5oHG+T
TxYcIRcoDEcIHN5hHFufuViorK8Idg6/YSOQM/4LOTRT4u4OOIsmX0bt+atPaZu/
ilnfQ82us1YpuB/90khVk+zTJDi1JvEv6gnOXw7NiR4OfYrwNLCz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:54 2024 by rpki-client on console-fra.rpki-client.org