Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/zzOKlMHO8cpvsOocWM2BnYL5ju8.roa
File: zzOKlMHO8cpvsOocWM2BnYL5ju8.roa (raw, json)
Hash identifier: bVWoh/L99sWj1JaZcEfouO4uWWjvbDj0IoegaQGXxxg=
Subject key identifier: CF:33:8A:94:C1:CE:F1:CA:6F:B0:EA:1C:58:CD:81:9D:82:F9:8E:EF
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01856D8AC5D8EF991876F89FE4B639C3A933
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/zzOKlMHO8cpvsOocWM2BnYL5ju8.roa
Signing time: Sun 01 Jan 2023 13:34:49 +0000
ROA not before: Sun 01 Jan 2023 13:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204004
IP address blocks: 185.107.16.0/24 maxlen: 24
185.107.17.0/24 maxlen: 24
185.107.19.0/24 maxlen: 24
185.107.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c5:d8:ef:99:18:76:f8:9f:e4:b6:39:c3:a9:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 13:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf338a94c1cef1ca6fb0ea1c58cd819d82f98eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1f:d9:ff:7d:48:8e:7f:09:8a:fa:8f:39:7c:
13:e6:14:26:8f:ef:a2:af:b3:5b:39:1b:4b:c2:68:
a6:a1:b3:a5:fe:1d:a5:05:03:b4:57:04:22:1f:7d:
81:32:88:bd:55:6e:08:22:89:65:dc:0c:d9:fe:44:
48:d4:79:31:44:91:34:1a:63:a2:0f:b7:f3:d3:e8:
70:ac:9e:23:cc:d2:88:85:2a:6c:56:2f:3d:ec:db:
65:cf:30:03:b8:91:31:e9:65:ff:f3:b2:1a:31:b0:
57:8e:36:9b:eb:22:93:5b:b8:62:da:ec:18:db:56:
65:e4:9a:88:6f:e6:a3:88:91:8a:27:97:40:af:84:
bd:d1:1d:3c:2a:57:b4:dd:fa:fd:de:ad:06:84:a6:
cf:5e:ee:36:62:cd:16:46:c0:c9:72:04:e4:b5:77:
fe:6a:4a:d6:fa:26:da:ee:46:07:09:f1:95:74:04:
2a:02:c5:ee:48:b4:fb:a9:51:e0:d9:36:1c:83:48:
a3:2a:1e:35:29:2b:8a:c4:79:ec:d9:10:39:fe:a7:
7c:1c:12:b6:0e:29:3c:a8:43:59:5f:53:f4:bb:bf:
c5:5b:8c:05:ef:b2:69:72:99:cb:f4:e3:73:3c:c6:
a4:50:25:a8:01:e9:3e:05:8e:e1:c5:19:16:d0:d3:
44:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:33:8A:94:C1:CE:F1:CA:6F:B0:EA:1C:58:CD:81:9D:82:F9:8E:EF
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/zzOKlMHO8cpvsOocWM2BnYL5ju8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.16.0/22
Signature Algorithm: sha256WithRSAEncryption
22:50:df:02:9f:69:13:59:e6:b8:0a:36:69:ef:42:1f:d7:d8:
89:8a:81:42:8e:38:7f:17:53:31:2e:dd:d3:ba:da:ab:25:3c:
46:4b:8f:70:d1:44:c0:40:a5:b7:50:af:39:23:98:75:d6:2e:
de:ca:8d:e6:0d:88:5a:ee:04:43:21:97:d5:39:24:af:c0:e5:
23:3c:e7:35:af:08:3a:c3:1a:dd:cd:63:fd:b5:ba:f4:be:aa:
06:bd:75:f4:84:92:73:5f:b2:e3:f1:41:d5:d4:0b:09:d9:cc:
d2:91:a3:b3:a7:ad:3a:21:e7:65:b9:57:9e:3e:c2:c4:d2:07:
f1:d3:a6:bd:c0:92:f7:fc:a5:ef:91:22:fb:9e:57:f1:e9:1f:
a3:ba:3d:ea:d3:0f:bb:d4:25:79:c8:7c:af:93:36:59:e4:01:
de:79:5d:9c:c5:7d:e6:66:19:bd:0b:ba:43:72:62:b0:0b:9f:
99:16:44:7d:5f:9f:7d:73:d4:c5:45:28:38:02:9b:4a:5a:82:
54:f7:ec:76:20:19:ed:1f:cc:ab:88:a3:26:80:0a:df:bc:35:
e8:89:e0:20:09:c0:d6:f7:05:c0:07:6c:6b:3d:8f:88:83:b8:
fd:d2:45:ea:f4:cb:32:d8:77:1d:07:cc:f7:29:d7:5e:3a:7d:
59:da:38:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtisXY75kYdvif5LY5w6kzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwMTAxMTMzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjMzOGE5NGMxY2VmMWNhNmZiMGVhMWM1OGNkODE5ZDgyZjk4ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR/Z/31Ijn8JivqPOXwT5hQmj++i
r7NbORtLwmimobOl/h2lBQO0VwQiH32BMoi9VW4IIoll3AzZ/kRI1HkxRJE0GmOi
D7fz0+hwrJ4jzNKIhSpsVi897NtlzzADuJEx6WX/87IaMbBXjjab6yKTW7hi2uwY
21Zl5JqIb+ajiJGKJ5dAr4S90R08Kle03fr93q0GhKbPXu42Ys0WRsDJcgTktXf+
akrW+iba7kYHCfGVdAQqAsXuSLT7qVHg2TYcg0ijKh41KSuKxHns2RA5/qd8HBK2
Dik8qENZX1P0u7/FW4wF77JpcpnL9ONzPMakUCWoAek+BY7hxRkW0NNECQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8zipTBzvHKb7DqHFjNgZ2C+Y7vMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvenpPS2xNSE84Y3B2c09vY1dNMkJuWUw1anU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWsQMA0G
CSqGSIb3DQEBCwUAA4IBAQAiUN8Cn2kTWea4CjZp70If19iJioFCjjh/F1MxLt3T
utqrJTxGS49w0UTAQKW3UK85I5h11i7eyo3mDYha7gRDIZfVOSSvwOUjPOc1rwg6
wxrdzWP9tbr0vqoGvXX0hJJzX7Lj8UHV1AsJ2czSkaOzp606IedluVeePsLE0gfx
06a9wJL3/KXvkSL7nlfx6R+juj3q0w+71CV5yHyvkzZZ5AHeeV2cxX3mZhm9C7pD
cmKwC5+ZFkR9X599c9TFRSg4AptKWoJU9+x2IBntH8yriKMmgArfvDXoieAgCcDW
9wXAB2xrPY+Ig7j90kXq9Msy2HcdB8z3KddeOn1Z2jiT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:55 2024 by rpki-client on console-ams.rpki-client.org