Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/EZZu9ZJF5IcQtn-YKppdps3r9_M.roa
File: EZZu9ZJF5IcQtn-YKppdps3r9_M.roa (raw, json)
Hash identifier: UAnKdLMHnPH4q35EaeN92rg+JdbPjFLIpCkJoBJsDo0=
Subject key identifier: 11:96:6E:F5:92:45:E4:87:10:B6:7F:98:2A:9A:5D:A6:CD:EB:F7:F3
Certificate issuer: /CN=83f5bd23bec5d0639833a9141985cc5753886e16
Certificate serial: 018573B199E7C1763A10123A825B2CA8B3CA
Authority key identifier: 83:F5:BD:23:BE:C5:D0:63:98:33:A9:14:19:85:CC:57:53:88:6E:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_W9I77F0GOYM6kUGYXMV1OIbhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/EZZu9ZJF5IcQtn-YKppdps3r9_M.roa
Signing time: Mon 02 Jan 2023 18:14:56 +0000
ROA not before: Mon 02 Jan 2023 18:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12344
IP address blocks: 185.119.96.0/22 maxlen: 22
2a04:f310::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:99:e7:c1:76:3a:10:12:3a:82:5b:2c:a8:b3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f5bd23bec5d0639833a9141985cc5753886e16
Validity
Not Before: Jan 2 18:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11966ef59245e48710b67f982a9a5da6cdebf7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9c:4a:64:70:b1:0f:55:dc:25:f6:01:b2:56:
69:45:52:86:9b:4a:aa:5b:f7:3b:06:4f:d7:a0:83:
66:03:21:a6:41:c7:08:5c:0e:5d:8f:81:95:5d:1d:
90:64:d3:dd:ec:dd:91:b2:4c:43:73:0c:cb:51:81:
6d:c9:e8:3b:75:bf:5d:77:fe:a6:f5:99:de:e1:9c:
53:be:71:4e:a0:83:c9:06:e3:4a:f9:c4:2b:24:50:
26:7b:e5:15:cb:f3:b8:00:57:3e:8a:e2:2b:c0:98:
04:da:7a:af:6a:2f:96:54:8f:a6:b0:85:57:3f:bb:
53:05:cb:fc:42:ad:b0:c8:d1:b3:54:2c:c8:c3:76:
69:4a:59:1b:af:ac:f1:86:68:4d:94:d5:6d:ee:c6:
73:0d:a4:eb:68:6e:c2:f9:07:ba:c2:89:ba:b0:2e:
98:29:d2:04:0e:69:0b:1f:7d:ed:fe:15:ea:df:ba:
d3:82:8a:eb:fe:e3:85:5d:59:32:45:f6:79:0a:8d:
7f:dc:22:d2:7c:2d:09:4b:ad:ef:0c:aa:ef:43:54:
3b:30:44:12:64:4d:78:4c:f3:c6:d0:87:5e:55:72:
b4:36:06:29:a8:27:1d:e6:5b:04:d9:a8:6f:8b:6a:
8e:d8:df:1c:c8:c9:90:4d:38:e0:4d:3b:5d:e5:e0:
57:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:96:6E:F5:92:45:E4:87:10:B6:7F:98:2A:9A:5D:A6:CD:EB:F7:F3
X509v3 Authority Key Identifier:
keyid:83:F5:BD:23:BE:C5:D0:63:98:33:A9:14:19:85:CC:57:53:88:6E:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_W9I77F0GOYM6kUGYXMV1OIbhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/EZZu9ZJF5IcQtn-YKppdps3r9_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/g_W9I77F0GOYM6kUGYXMV1OIbhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.96.0/22
IPv6:
2a04:f310::/31
Signature Algorithm: sha256WithRSAEncryption
28:f0:c0:85:1e:89:e3:46:c8:f1:6e:f4:12:6b:70:85:43:fc:
f3:c0:04:65:84:cb:f0:e8:18:f9:3d:5f:c9:a0:93:75:29:89:
93:e4:bc:83:f1:23:37:6a:a4:10:74:5d:1d:50:ac:25:62:16:
8e:db:e1:fc:f6:bf:e9:28:ac:49:b2:64:5f:e5:e9:90:12:10:
42:84:28:4d:31:6d:35:f5:92:41:c2:56:4e:96:9d:44:4b:99:
b1:c4:2e:cd:bb:75:c2:89:74:0d:22:ed:27:5d:dc:1e:91:b2:
63:48:0a:fa:93:51:76:0f:bf:e3:43:31:dd:b6:70:18:63:20:
7d:cf:ab:1f:95:d4:db:80:83:76:85:17:0c:a3:22:3e:22:c0:
f4:b4:d3:cd:fb:7d:8f:94:6c:4d:09:f8:78:0e:5f:64:3a:9a:
cc:13:5d:d6:97:1f:f8:85:2a:59:17:4f:e5:bb:d4:b5:e7:1e:
d7:46:7a:00:b0:ed:81:da:10:35:de:55:41:67:5d:72:76:ca:
73:13:4c:a3:6c:94:e8:93:01:4c:95:49:fc:70:2d:54:a0:55:
79:61:e0:22:e9:bf:18:b8:f0:ad:cd:6d:28:5f:26:d9:ae:bb:
31:5c:69:d7:27:0e:dd:fd:c6:ce:1d:2f:a5:cb:c0:59:03:f1:
5f:02:ec:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzsZnnwXY6EBI6glssqLPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjViZDIzYmVjNWQwNjM5ODMzYTkxNDE5ODVjYzU3NTM4
ODZlMTYwHhcNMjMwMTAyMTgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTk2NmVmNTkyNDVlNDg3MTBiNjdmOTgyYTlhNWRhNmNkZWJmN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpxKZHCxD1XcJfYBslZpRVKGm0qq
W/c7Bk/XoINmAyGmQccIXA5dj4GVXR2QZNPd7N2RskxDcwzLUYFtyeg7db9dd/6m
9Zne4ZxTvnFOoIPJBuNK+cQrJFAme+UVy/O4AFc+iuIrwJgE2nqvai+WVI+msIVX
P7tTBcv8Qq2wyNGzVCzIw3ZpSlkbr6zxhmhNlNVt7sZzDaTraG7C+Qe6wom6sC6Y
KdIEDmkLH33t/hXq37rTgorr/uOFXVkyRfZ5Co1/3CLSfC0JS63vDKrvQ1Q7MEQS
ZE14TPPG0IdeVXK0NgYpqCcd5lsE2ahvi2qO2N8cyMmQTTjgTTtd5eBX6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBGWbvWSReSHELZ/mCqaXabN6/fzMB8GA1UdIwQY
MBaAFIP1vSO+xdBjmDOpFBmFzFdTiG4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19XOUk3N0YwR09ZTTZrVUdZWE1WMU9JYmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9iMjM5N2MtYjM2ZC00NmEzLWEyNDAt
MWQ5YTE5ZjEyOTViLzEvRVpadTlaSkY1SWNRdG4tWUtwcGRwczNyOV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9iMjM5N2MtYjM2ZC00NmEzLWEyNDAtMWQ5YTE5ZjEyOTVi
LzEvZ19XOUk3N0YwR09ZTTZrVUdZWE1WMU9JYmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXdgMA0E
AgACMAcDBQEqBPMQMA0GCSqGSIb3DQEBCwUAA4IBAQAo8MCFHonjRsjxbvQSa3CF
Q/zzwARlhMvw6Bj5PV/JoJN1KYmT5LyD8SM3aqQQdF0dUKwlYhaO2+H89r/pKKxJ
smRf5emQEhBChChNMW019ZJBwlZOlp1ES5mxxC7Nu3XCiXQNIu0nXdwekbJjSAr6
k1F2D7/jQzHdtnAYYyB9z6sfldTbgIN2hRcMoyI+IsD0tNPN+32PlGxNCfh4Dl9k
OprME13Wlx/4hSpZF0/lu9S15x7XRnoAsO2B2hA13lVBZ11ydspzE0yjbJTokwFM
lUn8cC1UoFV5YeAi6b8YuPCtzW0oXybZrrsxXGnXJw7d/cbOHS+ly8BZA/FfAuzq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:32 2024 by rpki-client on console-fra.rpki-client.org