Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/jz_yI-FJdJn-fsua9U54WefKmJU.roa
File: jz_yI-FJdJn-fsua9U54WefKmJU.roa (raw, json)
Hash identifier: KG+jp2xYNoMrbHjoEc4tbvmnnJRRntBLZRVdkXrq9YM=
Subject key identifier: 8F:3F:F2:23:E1:49:74:99:FE:7E:CB:9A:F5:4E:78:59:E7:CA:98:95
Certificate issuer: /CN=421e49e1c755fde038bd1875c7f397a568646014
Certificate serial: 0188D90F46A4B2B593162C50CC9587C6B2B5
Authority key identifier: 42:1E:49:E1:C7:55:FD:E0:38:BD:18:75:C7:F3:97:A5:68:64:60:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qh5J4cdV_eA4vRh1x_OXpWhkYBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/jz_yI-FJdJn-fsua9U54WefKmJU.roa
Signing time: Tue 20 Jun 2023 13:47:16 +0000
ROA not before: Tue 20 Jun 2023 13:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209985
IP address blocks: 185.170.66.0/24 maxlen: 24
2a0b:fbc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:0f:46:a4:b2:b5:93:16:2c:50:cc:95:87:c6:b2:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421e49e1c755fde038bd1875c7f397a568646014
Validity
Not Before: Jun 20 13:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f3ff223e1497499fe7ecb9af54e7859e7ca9895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8b:8f:24:3e:be:91:47:81:d1:2f:0d:f4:a0:
28:c6:f5:ea:5a:01:29:8a:7c:c6:e4:4f:af:39:f8:
e8:b9:42:69:62:39:59:36:d1:a0:bb:56:a3:35:0f:
ff:6b:9a:09:4a:0b:33:ba:8c:ec:71:de:0a:31:b6:
2a:82:6b:5a:e8:ee:8e:94:01:40:8c:6c:e4:e9:30:
81:76:96:eb:f7:1c:07:a6:a2:c9:22:92:92:f2:a2:
fa:7e:52:60:6a:02:56:57:24:11:ce:e0:0c:d9:ff:
d9:3c:40:dc:d6:fe:2a:09:03:5e:a4:f8:53:42:c5:
5f:29:d1:e2:e2:bb:85:11:3c:7e:bf:3d:40:34:16:
67:f3:94:79:42:f6:ac:04:cb:91:a9:1a:43:46:a1:
02:6d:46:3e:2d:35:9c:57:6b:17:e6:0f:0e:2e:51:
f0:e7:de:1a:78:dd:9d:b0:fa:aa:5c:e5:74:11:bf:
88:48:45:b6:c1:8c:d8:9b:7b:8a:46:43:ed:86:9c:
97:68:3e:3e:3b:f6:49:e5:d6:50:a7:25:b8:e0:60:
3d:3c:a3:3c:11:06:f4:a2:85:f9:6c:84:10:30:bf:
b4:53:11:e6:82:cb:94:a2:f5:aa:d6:30:f5:e6:1b:
35:ca:e1:94:0f:76:04:97:53:37:0e:94:1e:a6:9b:
54:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3F:F2:23:E1:49:74:99:FE:7E:CB:9A:F5:4E:78:59:E7:CA:98:95
X509v3 Authority Key Identifier:
keyid:42:1E:49:E1:C7:55:FD:E0:38:BD:18:75:C7:F3:97:A5:68:64:60:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qh5J4cdV_eA4vRh1x_OXpWhkYBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/jz_yI-FJdJn-fsua9U54WefKmJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/Qh5J4cdV_eA4vRh1x_OXpWhkYBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.66.0/24
IPv6:
2a0b:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
83:13:11:f9:34:99:c0:47:ef:54:9e:bb:35:30:82:86:c1:e7:
aa:8b:35:bc:34:5d:5c:a6:73:0d:47:a1:e7:d7:a8:20:91:3e:
36:78:cb:76:88:0b:a6:d6:e3:c9:53:28:ae:f5:e4:04:f9:3a:
28:9e:2d:6d:9c:9f:1e:ad:74:f3:02:99:75:81:dd:8d:76:e4:
e6:ab:81:62:cf:6e:47:1b:ae:75:8f:36:33:15:77:21:cc:f1:
fc:1c:ea:18:57:fd:a1:80:9e:37:b0:bd:43:bd:ef:8c:0f:d1:
c5:bf:02:ac:de:a2:e4:bf:94:58:9d:46:d9:20:2f:65:18:25:
a9:dc:99:e3:10:a9:d2:d0:68:72:63:01:33:52:5b:ea:6f:b8:
53:9b:20:f8:5a:29:74:ee:b2:4b:e9:be:31:2b:ba:5b:4a:c6:
b8:75:dd:6a:f2:b1:c8:c0:4b:d5:1a:d7:47:e2:d7:fa:19:6f:
03:20:a4:03:bf:6b:d3:8e:d4:6c:b6:11:27:d6:03:0e:b9:30:
96:1b:f5:81:0b:11:92:7c:28:50:5d:2c:8f:78:e8:38:63:d2:
2b:d8:e8:20:8a:8d:70:27:51:b5:e1:f0:ee:1f:e9:af:c1:d8:
ab:64:19:73:04:6f:35:d9:13:70:8c:c4:fe:44:f4:cf:9a:7c:
64:cf:9c:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjZD0aksrWTFixQzJWHxrK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWU0OWUxYzc1NWZkZTAzOGJkMTg3NWM3ZjM5N2E1Njg2
NDYwMTQwHhcNMjMwNjIwMTM0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNmZjIyM2UxNDk3NDk5ZmU3ZWNiOWFmNTRlNzg1OWU3Y2E5ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYuPJD6+kUeB0S8N9KAoxvXqWgEp
inzG5E+vOfjouUJpYjlZNtGgu1ajNQ//a5oJSgszuozscd4KMbYqgmta6O6OlAFA
jGzk6TCBdpbr9xwHpqLJIpKS8qL6flJgagJWVyQRzuAM2f/ZPEDc1v4qCQNepPhT
QsVfKdHi4ruFETx+vz1ANBZn85R5QvasBMuRqRpDRqECbUY+LTWcV2sX5g8OLlHw
594aeN2dsPqqXOV0Eb+ISEW2wYzYm3uKRkPthpyXaD4+O/ZJ5dZQpyW44GA9PKM8
EQb0ooX5bIQQML+0UxHmgsuUovWq1jD15hs1yuGUD3YEl1M3DpQepptU3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI8/8iPhSXSZ/n7LmvVOeFnnypiVMB8GA1UdIwQY
MBaAFEIeSeHHVf3gOL0Ydcfzl6VoZGAUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWg1SjRjZFZfZUE0dlJoMXhfT1hwV2hrWUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82Y2JiMGUtZjQ1NS00NTczLWE5Zjkt
MzhkNjcxNmIyMDA1LzEvanpfeUktRkpkSm4tZnN1YTlVNTRXZWZLbUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82Y2JiMGUtZjQ1NS00NTczLWE5ZjktMzhkNjcxNmIyMDA1
LzEvUWg1SjRjZFZfZUE0dlJoMXhfT1hwV2hrWUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuapCMA0E
AgACMAcDBQAqC/vAMA0GCSqGSIb3DQEBCwUAA4IBAQCDExH5NJnAR+9Unrs1MIKG
weeqizW8NF1cpnMNR6Hn16ggkT42eMt2iAum1uPJUyiu9eQE+Tooni1tnJ8erXTz
Apl1gd2NduTmq4Fiz25HG651jzYzFXchzPH8HOoYV/2hgJ43sL1Dve+MD9HFvwKs
3qLkv5RYnUbZIC9lGCWp3JnjEKnS0GhyYwEzUlvqb7hTmyD4Wil07rJL6b4xK7pb
Ssa4dd1q8rHIwEvVGtdH4tf6GW8DIKQDv2vTjtRsthEn1gMOuTCWG/WBCxGSfChQ
XSyPeOg4Y9Ir2Oggio1wJ1G14fDuH+mvwdirZBlzBG812RNwjMT+RPTPmnxkz5wq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org