Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/zI16j-2Vbs5pGI1908N9zxKpq6M.roa
File: zI16j-2Vbs5pGI1908N9zxKpq6M.roa (raw, json)
Hash identifier: M+Ml7ASNMVnIQIgPaWdAr4yZ7HzJUT/+/1kQq5bQl14=
Subject key identifier: CC:8D:7A:8F:ED:95:6E:CE:69:18:8D:7D:D3:C3:7D:CF:12:A9:AB:A3
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192BEB3081AEBEDB28128B42AE01CF143CA
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/zI16j-2Vbs5pGI1908N9zxKpq6M.roa
Signing time: Thu 24 Oct 2024 13:24:16 +0000
ROA not before: Thu 24 Oct 2024 13:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
185.231.110.0/24 maxlen: 24
185.231.111.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 13:34:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:b3:08:1a:eb:ed:b2:81:28:b4:2a:e0:1c:f1:43:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 13:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc8d7a8fed956ece69188d7dd3c37dcf12a9aba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:3e:77:47:fa:36:4a:b1:45:2e:ab:dd:15:
44:fa:14:cb:40:86:0e:fe:4b:a5:b9:63:77:fe:9d:
18:dc:6c:97:90:41:97:ec:1d:c8:78:23:eb:fc:e4:
7d:d2:b5:7b:e2:86:e3:b1:f0:e8:8a:56:53:2a:d8:
b8:5f:93:02:20:7e:29:cc:44:68:19:29:30:68:e5:
cd:ee:f1:5b:a7:58:4b:5c:47:5d:86:c1:27:4f:a1:
4c:db:d8:10:77:7a:ad:ae:83:f1:5d:45:08:4f:1b:
03:48:c2:21:c4:75:9e:97:b8:63:0b:d3:dc:b5:9d:
e2:a6:5f:54:95:ca:ec:0c:a9:2b:6a:f0:c1:cf:a9:
cb:b3:40:a2:9e:ce:49:4d:98:e3:f4:1b:58:a2:bf:
be:55:af:8c:a5:96:a7:79:a5:c2:ac:ad:c6:83:db:
2e:18:8e:1b:55:fd:55:d8:ef:86:05:c7:d8:b0:d0:
9c:6f:9f:b1:51:7e:23:f9:9b:d1:76:f0:4c:3d:48:
af:b4:a1:1f:ad:6d:79:2e:e4:6e:00:3e:a6:0e:34:
ac:24:74:63:cb:29:b7:a1:22:25:18:53:b5:ec:94:
cf:9a:63:0d:1f:d6:3d:0d:a9:d6:d4:a0:fe:08:81:
bf:ce:98:88:b1:66:f3:1e:c5:50:b6:9c:30:ca:85:
17:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8D:7A:8F:ED:95:6E:CE:69:18:8D:7D:D3:C3:7D:CF:12:A9:AB:A3
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/zI16j-2Vbs5pGI1908N9zxKpq6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/22
IPv6:
2a0f:aac0::/47
Signature Algorithm: sha256WithRSAEncryption
d2:73:db:a0:32:3c:b3:e7:bb:ea:83:7a:44:f5:a7:61:c5:65:
d6:be:fd:8f:68:05:4b:7a:0d:a3:96:0a:df:f3:74:f8:8b:49:
19:12:b0:f4:b0:fb:47:a2:f2:71:c7:12:4e:af:0f:12:f4:f2:
b3:28:28:5e:45:f6:da:7a:e5:86:27:9b:02:05:0d:7b:d8:17:
95:18:61:35:56:f3:e0:71:c0:18:4b:b2:cd:d6:d0:24:08:81:
41:88:a2:ae:2c:bd:d4:c9:61:0b:c8:2b:b7:47:af:f8:4e:0e:
8f:77:0c:e7:a9:1c:ec:28:ba:b3:58:67:4c:ad:a9:3e:af:70:
f1:b4:e9:f3:6f:70:77:58:ea:a6:53:cd:ee:7c:fd:e0:03:69:
29:02:0d:80:ac:ee:1d:f4:2e:5b:ec:d4:28:a1:ae:f0:20:c4:
6b:18:50:87:e9:5e:68:fd:24:62:b8:5f:e3:93:4e:e1:92:08:
4c:e4:08:1b:f9:82:a7:8b:8b:99:6a:7c:74:77:80:fb:c1:38:
a6:11:da:4a:9d:b8:46:46:8a:cb:86:76:76:56:70:77:51:80:
7d:d3:42:82:57:06:d4:28:9f:9d:a8:75:7e:94:fc:51:4a:d2:
ef:49:16:cf:de:14:bf:9c:fb:6c:11:07:df:ca:d7:62:ec:28:
e5:a5:c9:bf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZK+swga6+2ygSi0KuAc8UPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MTMyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhkN2E4ZmVkOTU2ZWNlNjkxODhkN2RkM2MzN2RjZjEyYTlhYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv4+d0f6NkqxRS6r3RVE+hTLQIYO
/kuluWN3/p0Y3GyXkEGX7B3IeCPr/OR90rV74objsfDoilZTKti4X5MCIH4pzERo
GSkwaOXN7vFbp1hLXEddhsEnT6FM29gQd3qtroPxXUUITxsDSMIhxHWel7hjC9Pc
tZ3ipl9UlcrsDKkravDBz6nLs0Cins5JTZjj9BtYor++Va+MpZaneaXCrK3Gg9su
GI4bVf1V2O+GBcfYsNCcb5+xUX4j+ZvRdvBMPUivtKEfrW15LuRuAD6mDjSsJHRj
yym3oSIlGFO17JTPmmMNH9Y9DanW1KD+CIG/zpiIsWbzHsVQtpwwyoUXPQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMyNeo/tlW7OaRiNfdPDfc8SqaujMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvekkxNmotMlZiczVwR0kxOTA4Tjl6eEtwcTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuYEQAwQC
uedsMA8EAgACMAkDBwEqD6rAAAAwDQYJKoZIhvcNAQELBQADggEBANJz26AyPLPn
u+qDekT1p2HFZda+/Y9oBUt6DaOWCt/zdPiLSRkSsPSw+0ei8nHHEk6vDxL08rMo
KF5F9tp65YYnmwIFDXvYF5UYYTVW8+BxwBhLss3W0CQIgUGIoq4svdTJYQvIK7dH
r/hODo93DOepHOwourNYZ0ytqT6vcPG06fNvcHdY6qZTze58/eADaSkCDYCs7h30
Llvs1CihrvAgxGsYUIfpXmj9JGK4X+OTTuGSCEzkCBv5gqeLi5lqfHR3gPvBOKYR
2kqduEZGisuGdnZWcHdRgH3TQoJXBtQon52odX6U/FFK0u9JFs/eFL+c+2wRB9/K
12LsKOWlyb8=
-----END CERTIFICATE-----
Generated at Thu Oct 24 19:18:19 2024 by rpki-client on console-ams.rpki-client.org