Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/0sjsZfu3e7LmeJ3jE_x2s42oBtQ.roa
File: 0sjsZfu3e7LmeJ3jE_x2s42oBtQ.roa (raw, json)
Hash identifier: KKZjiju6nAH/C+Uk7nBV9N9JwcSv97NAt+0g1VU5SWA=
Subject key identifier: D2:C8:EC:65:FB:B7:7B:B2:E6:78:9D:E3:13:FC:76:B3:8D:A8:06:D4
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 018570CBF44CF955411EAEE4A1702480A405
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/0sjsZfu3e7LmeJ3jE_x2s42oBtQ.roa
Signing time: Mon 02 Jan 2023 04:44:52 +0000
ROA not before: Mon 02 Jan 2023 04:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202657
IP address blocks: 185.158.64.0/22 maxlen: 32
2a07:aa80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f4:4c:f9:55:41:1e:ae:e4:a1:70:24:80:a4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Jan 2 04:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2c8ec65fbb77bb2e6789de313fc76b38da806d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:de:64:3a:f7:74:fe:f2:7b:6e:85:7d:a7:35:
37:87:65:2b:35:13:f5:b1:9c:30:3f:4c:c4:3e:b4:
0a:41:67:af:82:20:1a:c7:55:fe:e1:0e:0f:5c:66:
91:0f:1d:32:48:68:79:86:f1:92:fa:fb:db:86:30:
f0:0b:18:4a:d7:1d:c4:d2:8a:43:d7:45:30:52:ca:
48:c6:7e:ed:2c:46:52:9e:70:3c:94:82:25:98:0d:
92:b3:99:f1:04:f7:b8:0a:af:d5:eb:ab:5b:2b:c2:
75:69:17:da:97:0c:7c:20:45:8d:f9:e2:1d:f2:a1:
0a:86:bf:66:50:ce:ae:c2:0c:b5:77:4d:c5:3d:eb:
60:80:3e:3f:6f:f0:86:db:77:cf:12:49:cc:1b:1f:
ff:e8:3c:7e:a2:ae:be:d6:86:41:7e:e8:81:bc:fa:
89:cc:c7:ce:1a:44:11:2d:99:d1:e3:98:4a:7c:c1:
72:a5:e0:8e:8c:dd:22:84:26:27:a2:16:9e:44:07:
e9:32:ab:2d:9b:f3:6a:e2:9d:84:12:37:68:cd:bd:
ef:79:fa:00:23:69:c6:41:c7:77:fd:20:5a:02:1b:
b3:0e:d5:42:6b:0b:3d:44:53:22:ce:55:b0:d7:bb:
0b:cb:f1:a2:25:2c:db:54:0c:a5:f0:f1:90:a2:82:
28:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C8:EC:65:FB:B7:7B:B2:E6:78:9D:E3:13:FC:76:B3:8D:A8:06:D4
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/0sjsZfu3e7LmeJ3jE_x2s42oBtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.64.0/22
IPv6:
2a07:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
06:63:e6:70:7b:76:66:64:87:85:c5:0e:a3:b0:c9:5c:b2:81:
88:85:d1:b3:e1:96:17:b0:d0:1c:f1:77:bc:74:15:11:7d:bf:
a4:91:99:cb:50:3d:9e:e0:4b:6d:9f:01:c0:b5:9d:e8:8f:50:
ce:90:58:75:8c:88:53:59:00:ea:25:75:bb:c1:e1:d5:d3:32:
33:f8:1a:fb:9e:dc:f7:8e:2e:8a:56:01:c5:75:a8:18:c5:f7:
01:72:19:17:ca:74:62:5f:c0:ae:65:06:5c:11:05:14:5c:52:
66:d8:16:c3:df:95:a2:f7:a0:9e:8d:1e:6a:b8:99:8b:59:04:
88:fb:6c:34:ed:2d:e7:46:40:e3:12:53:c5:63:05:a8:ec:d5:
d9:93:2a:01:9f:3d:45:ba:21:29:6a:31:6d:b9:74:a4:1c:6b:
07:10:99:ba:06:c5:97:04:3e:de:a6:83:f7:a3:b7:78:1f:4d:
aa:00:f7:89:e6:af:bb:6a:82:5b:c6:bd:85:15:76:9e:ac:ef:
e5:62:63:7c:20:54:01:ac:d5:04:28:af:cb:16:cb:b2:58:36:
32:6b:59:15:23:18:f1:54:66:f7:5a:57:b5:9c:bf:be:98:da:
29:1d:fa:87:7a:87:12:c3:2f:80:0a:62:28:90:12:4f:c4:f4:
6f:e4:d1:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwy/RM+VVBHq7koXAkgKQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjMwMTAyMDQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM4ZWM2NWZiYjc3YmIyZTY3ODlkZTMxM2ZjNzZiMzhkYTgwNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd5kOvd0/vJ7boV9pzU3h2UrNRP1
sZwwP0zEPrQKQWevgiAax1X+4Q4PXGaRDx0ySGh5hvGS+vvbhjDwCxhK1x3E0opD
10UwUspIxn7tLEZSnnA8lIIlmA2Ss5nxBPe4Cq/V66tbK8J1aRfalwx8IEWN+eId
8qEKhr9mUM6uwgy1d03FPetggD4/b/CG23fPEknMGx//6Dx+oq6+1oZBfuiBvPqJ
zMfOGkQRLZnR45hKfMFypeCOjN0ihCYnohaeRAfpMqstm/Nq4p2EEjdozb3vefoA
I2nGQcd3/SBaAhuzDtVCaws9RFMizlWw17sLy/GiJSzbVAyl8PGQooIoewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNLI7GX7t3uy5nid4xP8drONqAbUMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvMHNqc1pmdTNlN0xtZUozakVfeDJzNDJvQnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ5AMA0E
AgACMAcDBQMqB6qAMA0GCSqGSIb3DQEBCwUAA4IBAQAGY+Zwe3ZmZIeFxQ6jsMlc
soGIhdGz4ZYXsNAc8Xe8dBURfb+kkZnLUD2e4EttnwHAtZ3oj1DOkFh1jIhTWQDq
JXW7weHV0zIz+Br7ntz3ji6KVgHFdagYxfcBchkXynRiX8CuZQZcEQUUXFJm2BbD
35Wi96CejR5quJmLWQSI+2w07S3nRkDjElPFYwWo7NXZkyoBnz1FuiEpajFtuXSk
HGsHEJm6BsWXBD7epoP3o7d4H02qAPeJ5q+7aoJbxr2FFXaerO/lYmN8IFQBrNUE
KK/LFsuyWDYya1kVIxjxVGb3Wle1nL++mNopHfqHeocSwy+ACmIokBJPxPRv5NEL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:42 2024 by rpki-client on console-ams.rpki-client.org