Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/mzLXIW6nBxsjUkoddnizpi3yoYw.roa
File: mzLXIW6nBxsjUkoddnizpi3yoYw.roa (raw, json)
Hash identifier: Tp59qmjnW+qVjHDWn5RGGnxAiMYkgdpB8cqrx0U3NYo=
Subject key identifier: 9B:32:D7:21:6E:A7:07:1B:23:52:4A:1D:76:78:B3:A6:2D:F2:A1:8C
Certificate issuer: /CN=2cc25ff32918f0b49306259d483afb9e381a3915
Certificate serial: 01895E6654959CDBEAC33DF35FF37F015D8E
Authority key identifier: 2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/mzLXIW6nBxsjUkoddnizpi3yoYw.roa
Signing time: Sun 16 Jul 2023 11:11:51 +0000
ROA not before: Sun 16 Jul 2023 11:11:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51274
IP address blocks: 185.158.172.0/24 maxlen: 24
185.158.174.0/24 maxlen: 24
185.158.175.0/24 maxlen: 24
185.158.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5e:66:54:95:9c:db:ea:c3:3d:f3:5f:f3:7f:01:5d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cc25ff32918f0b49306259d483afb9e381a3915
Validity
Not Before: Jul 16 11:11:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b32d7216ea7071b23524a1d7678b3a62df2a18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3d:17:86:f7:99:1d:73:67:d2:c7:34:e1:3e:
d9:87:b8:2e:3a:7f:4c:ad:80:d3:df:d7:ff:6b:d8:
33:80:8d:57:9f:4a:d8:3b:a0:51:7c:cc:d2:bc:73:
87:3c:ef:02:ee:3b:5f:5d:ce:17:5e:be:b4:df:94:
30:e9:5a:0b:2b:f2:64:92:24:14:17:7c:4b:21:39:
5d:bb:20:5e:2d:8d:46:c8:8e:a0:8f:81:92:47:76:
a9:fb:93:a8:11:56:c7:b8:2b:ec:c6:df:22:cb:85:
4d:b7:70:c7:23:25:80:52:9d:83:17:0e:01:74:a3:
a8:df:70:fc:0f:5d:a6:d0:9a:ac:22:a7:7f:ff:92:
47:21:3e:cd:f4:7d:54:2e:e3:08:f4:56:a3:3f:6b:
5f:90:1f:88:ac:9e:a5:0d:45:d1:9d:2e:66:eb:23:
e6:a2:90:2a:d8:42:1c:5e:9a:f2:4f:8a:49:68:8c:
c2:e8:6b:87:bc:b9:6b:32:bf:30:fa:d2:d1:db:ac:
66:4c:ab:ae:67:70:cb:fc:1d:a1:b9:9a:ee:81:07:
53:59:15:34:58:77:69:58:b5:fd:f4:41:a3:70:a7:
67:bb:52:ee:08:6b:8c:29:33:f7:92:fd:78:c6:40:
51:60:29:21:e2:73:e9:0a:4b:fe:d0:83:6d:b0:68:
aa:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:32:D7:21:6E:A7:07:1B:23:52:4A:1D:76:78:B3:A6:2D:F2:A1:8C
X509v3 Authority Key Identifier:
keyid:2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/mzLXIW6nBxsjUkoddnizpi3yoYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:e5:c9:bf:03:cc:5c:df:0f:3a:d3:15:7f:21:ab:1c:e3:9d:
2b:55:4b:43:cc:a4:10:65:ae:9d:c5:61:04:3c:01:06:60:b5:
d8:29:2a:c1:00:9c:2b:91:f5:bc:ba:e0:1d:42:ac:43:e6:97:
05:96:ea:2a:24:7c:ce:e7:ee:0a:8b:a8:f4:27:d6:75:b5:8a:
00:12:ea:6d:10:dd:16:fe:0b:67:0e:6a:9e:8a:c6:12:14:7b:
10:a5:27:e3:c2:be:a8:c5:ae:de:db:b0:63:67:11:23:8e:d5:
3f:d6:d8:1f:62:05:68:77:27:ae:3f:b6:b1:d5:4f:61:4d:ca:
81:9a:5f:4f:06:d7:18:54:34:9f:c4:6b:cd:ab:e1:f7:49:d6:
de:5d:5b:2b:3e:43:73:9c:e6:b0:f9:b9:1c:9d:7f:a3:12:2d:
fd:21:01:8b:40:43:f1:f9:09:b0:40:a3:e9:2c:5c:be:96:45:
33:3d:7e:a8:8e:1e:24:5e:f6:33:e6:33:83:60:eb:2b:af:d4:
03:cd:99:41:c9:c7:ff:ab:e7:c4:7b:50:cd:0d:03:9b:1c:e8:
9f:b7:96:7a:54:92:a5:e7:7f:2d:db:70:0e:2a:d0:e7:dd:0e:
03:b2:12:53:0c:4a:7d:f6:16:51:06:1c:c9:4f:77:5e:a5:99:
d1:f9:fc:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYleZlSVnNvqwz3zX/N/AV2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYzI1ZmYzMjkxOGYwYjQ5MzA2MjU5ZDQ4M2FmYjllMzgx
YTM5MTUwHhcNMjMwNzE2MTExMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjMyZDcyMTZlYTcwNzFiMjM1MjRhMWQ3Njc4YjNhNjJkZjJhMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j0XhveZHXNn0sc04T7Zh7guOn9M
rYDT39f/a9gzgI1Xn0rYO6BRfMzSvHOHPO8C7jtfXc4XXr6035Qw6VoLK/JkkiQU
F3xLITlduyBeLY1GyI6gj4GSR3ap+5OoEVbHuCvsxt8iy4VNt3DHIyWAUp2DFw4B
dKOo33D8D12m0JqsIqd//5JHIT7N9H1ULuMI9FajP2tfkB+IrJ6lDUXRnS5m6yPm
opAq2EIcXpryT4pJaIzC6GuHvLlrMr8w+tLR26xmTKuuZ3DL/B2huZrugQdTWRU0
WHdpWLX99EGjcKdnu1LuCGuMKTP3kv14xkBRYCkh4nPpCkv+0INtsGiqQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsy1yFupwcbI1JKHXZ4s6Yt8qGMMB8GA1UdIwQY
MBaAFCzCX/MpGPC0kwYlnUg6+544GjkVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMt
ZTI1NzUxYjNmZmQ1LzEvbXpMWElXNm5CeHNqVWtvZGRuaXpwaTN5b1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMtZTI1NzUxYjNmZmQ1
LzEvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ6sMA0G
CSqGSIb3DQEBCwUAA4IBAQCl5cm/A8xc3w860xV/Iasc450rVUtDzKQQZa6dxWEE
PAEGYLXYKSrBAJwrkfW8uuAdQqxD5pcFluoqJHzO5+4Ki6j0J9Z1tYoAEuptEN0W
/gtnDmqeisYSFHsQpSfjwr6oxa7e27BjZxEjjtU/1tgfYgVodyeuP7ax1U9hTcqB
ml9PBtcYVDSfxGvNq+H3SdbeXVsrPkNznOaw+bkcnX+jEi39IQGLQEPx+QmwQKPp
LFy+lkUzPX6ojh4kXvYz5jODYOsrr9QDzZlBycf/q+fEe1DNDQObHOift5Z6VJKl
538t23AOKtDn3Q4DshJTDEp99hZRBhzJT3depZnR+fwg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:28 2024 by rpki-client on console-ams.rpki-client.org