Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8dfa30-2a85-4b46-9533-4d5f7637efce/1/z94U8MTjoqDVX5wFuAdnN6HCX7A.roa
File: z94U8MTjoqDVX5wFuAdnN6HCX7A.roa (raw, json)
Hash identifier: Aq4b4ZPxEwloP5saMievtC7T6GFU+J92DKWIJJo1NVs=
Subject key identifier: CF:DE:14:F0:C4:E3:A2:A0:D5:5F:9C:05:B8:07:67:37:A1:C2:5F:B0
Certificate issuer: /CN=6041072ee1a1b1c068412dfb0355d2759932c5f5
Certificate serial: 0190C169CC4148EE05277EF0F7CD9AAE4C85
Authority key identifier: 60:41:07:2E:E1:A1:B1:C0:68:41:2D:FB:03:55:D2:75:99:32:C5:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YEEHLuGhscBoQS37A1XSdZkyxfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8dfa30-2a85-4b46-9533-4d5f7637efce/1/z94U8MTjoqDVX5wFuAdnN6HCX7A.roa
Signing time: Wed 17 Jul 2024 15:57:34 +0000
ROA not before: Wed 17 Jul 2024 15:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29302
IP address blocks: 146.185.16.0/20 maxlen: 20
2a01:5a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c1:69:cc:41:48:ee:05:27:7e:f0:f7:cd:9a:ae:4c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6041072ee1a1b1c068412dfb0355d2759932c5f5
Validity
Not Before: Jul 17 15:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfde14f0c4e3a2a0d55f9c05b8076737a1c25fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ba:2b:0a:93:f2:88:ec:be:c3:5e:8f:83:3f:
ac:3e:53:de:73:3c:31:64:9a:6f:47:5c:03:f2:c9:
46:9f:c7:00:48:c6:26:0e:26:01:1e:df:4a:bb:27:
cd:7f:0f:08:43:da:08:5c:0e:8e:b4:17:4e:70:5a:
2f:91:f3:6f:6f:ed:ab:50:73:9a:ce:a4:a7:4d:22:
23:90:f2:ea:2d:f1:10:7e:75:db:b9:63:41:f7:7b:
26:38:e5:2a:e9:a4:90:e0:07:7f:01:16:5c:59:4a:
f9:2f:2e:87:ea:fb:15:01:8b:0b:3b:94:22:83:bf:
ac:68:b0:c1:24:cd:e8:cf:14:05:8f:94:0e:3a:32:
8d:57:fc:f1:53:8b:6a:1b:0e:9b:13:5f:ad:84:00:
d8:4d:7d:74:77:83:88:d4:e1:c0:dd:c9:bd:9f:4f:
1d:59:aa:c8:a1:ce:ee:c9:51:cc:a6:e3:41:da:4d:
c2:8f:ec:f2:88:7b:29:a5:cf:de:04:bb:61:45:b6:
7b:d6:ea:75:7b:7d:fd:06:76:a1:99:f5:e4:61:ad:
fb:06:c5:64:e2:47:2d:c3:fd:dc:56:b2:09:ac:dc:
1e:53:9c:bb:51:2c:27:a3:b4:ff:f6:91:fc:b1:1f:
62:37:64:d8:44:8c:99:2d:e9:5d:7e:6c:2a:4a:68:
07:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DE:14:F0:C4:E3:A2:A0:D5:5F:9C:05:B8:07:67:37:A1:C2:5F:B0
X509v3 Authority Key Identifier:
keyid:60:41:07:2E:E1:A1:B1:C0:68:41:2D:FB:03:55:D2:75:99:32:C5:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YEEHLuGhscBoQS37A1XSdZkyxfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8dfa30-2a85-4b46-9533-4d5f7637efce/1/z94U8MTjoqDVX5wFuAdnN6HCX7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8dfa30-2a85-4b46-9533-4d5f7637efce/1/YEEHLuGhscBoQS37A1XSdZkyxfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.185.16.0/20
IPv6:
2a01:5a80::/32
Signature Algorithm: sha256WithRSAEncryption
a5:47:9e:d7:d1:c0:11:ac:03:f2:4c:e8:c7:90:1a:4c:d2:ae:
d2:cf:c9:38:72:80:6c:ee:6e:3c:bd:84:6a:ef:82:50:55:3d:
72:a5:2d:1d:24:9b:54:45:95:91:35:7c:25:08:56:e6:3f:f7:
da:a3:c8:e0:79:b8:53:52:ac:41:f4:1d:86:b6:82:e6:17:9f:
ad:6e:58:5d:06:15:53:c1:ca:23:c2:14:01:69:2e:1c:a5:0b:
f0:7b:63:a1:73:f1:b2:6c:21:56:1a:ec:05:96:18:74:37:bb:
3a:6a:40:d2:8f:e4:6d:9b:76:9d:15:3a:9b:47:88:02:ef:1d:
e4:1f:ac:38:e4:b9:20:24:f9:00:f2:e7:f3:5f:38:f9:f4:3c:
e7:0f:8d:63:42:ae:fe:e4:82:87:37:09:8b:22:46:27:60:df:
4a:ca:e9:49:8d:4e:ca:73:d9:65:51:0a:2e:17:53:f6:e9:a0:
fb:34:04:ab:17:f5:3d:a1:47:a5:67:25:52:30:b5:ae:f5:c1:
e0:51:53:b7:82:b2:2e:01:50:35:d1:30:27:95:8b:7a:35:a0:
e5:a9:74:e2:94:c4:0b:3a:fd:74:9d:88:36:bf:53:fe:e4:d1:
8c:7c:ff:9d:b9:5d:db:34:78:05:1e:48:ce:e1:22:db:fa:f7:
fd:cb:85:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDBacxBSO4FJ37w982arkyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNDEwNzJlZTFhMWIxYzA2ODQxMmRmYjAzNTVkMjc1OTkz
MmM1ZjUwHhcNMjQwNzE3MTU1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRlMTRmMGM0ZTNhMmEwZDU1ZjljMDViODA3NjczN2ExYzI1ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLorCpPyiOy+w16Pgz+sPlPeczwx
ZJpvR1wD8slGn8cASMYmDiYBHt9KuyfNfw8IQ9oIXA6OtBdOcFovkfNvb+2rUHOa
zqSnTSIjkPLqLfEQfnXbuWNB93smOOUq6aSQ4Ad/ARZcWUr5Ly6H6vsVAYsLO5Qi
g7+saLDBJM3ozxQFj5QOOjKNV/zxU4tqGw6bE1+thADYTX10d4OI1OHA3cm9n08d
WarIoc7uyVHMpuNB2k3Cj+zyiHsppc/eBLthRbZ71up1e339BnahmfXkYa37BsVk
4kctw/3cVrIJrNweU5y7USwno7T/9pH8sR9iN2TYRIyZLeldfmwqSmgHDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM/eFPDE46Kg1V+cBbgHZzehwl+wMB8GA1UdIwQY
MBaAFGBBBy7hobHAaEEt+wNV0nWZMsX1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUVFSEx1R2hzY0JvUVMzN0ExWFNkWmt5eGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZGZhMzAtMmE4NS00YjQ2LTk1MzMt
NGQ1Zjc2MzdlZmNlLzEvejk0VThNVGpvcURWWDV3RnVBZG5ONkhDWDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZGZhMzAtMmE4NS00YjQ2LTk1MzMtNGQ1Zjc2MzdlZmNl
LzEvWUVFSEx1R2hzY0JvUVMzN0ExWFNkWmt5eGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEkrkQMA0E
AgACMAcDBQAqAVqAMA0GCSqGSIb3DQEBCwUAA4IBAQClR57X0cARrAPyTOjHkBpM
0q7Sz8k4coBs7m48vYRq74JQVT1ypS0dJJtURZWRNXwlCFbmP/fao8jgebhTUqxB
9B2GtoLmF5+tblhdBhVTwcojwhQBaS4cpQvwe2Ohc/GybCFWGuwFlhh0N7s6akDS
j+Rtm3adFTqbR4gC7x3kH6w45LkgJPkA8ufzXzj59DznD41jQq7+5IKHNwmLIkYn
YN9KyulJjU7Kc9llUQouF1P26aD7NASrF/U9oUelZyVSMLWu9cHgUVO3grIuAVA1
0TAnlYt6NaDlqXTilMQLOv10nYg2v1P+5NGMfP+duV3bNHgFHkjO4SLb+vf9y4WM
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:34:12 2025 by rpki-client