Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/Zn8eDcVU9pvwYzID3eDHhsh_1qo.roa
File: Zn8eDcVU9pvwYzID3eDHhsh_1qo.roa (raw, json)
Hash identifier: RTpEL5FTmjl0GtPJLs089VZmwtDGx2SuAxJq//KuzM0=
Subject key identifier: 66:7F:1E:0D:C5:54:F6:9B:F0:63:32:03:DD:E0:C7:86:C8:7F:D6:AA
Certificate issuer: /CN=cca750fcc76d0dd75d7381e36d1bde4edddc3e51
Certificate serial: 01856F9DF7C7B9DCA7BBCFC8EE58537BA4A3
Authority key identifier: CC:A7:50:FC:C7:6D:0D:D7:5D:73:81:E3:6D:1B:DE:4E:DD:DC:3E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/Zn8eDcVU9pvwYzID3eDHhsh_1qo.roa
Signing time: Sun 01 Jan 2023 23:15:01 +0000
ROA not before: Sun 01 Jan 2023 23:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198722
IP address blocks: 185.75.123.0/24 maxlen: 24
185.75.120.0/24 maxlen: 24
185.75.121.0/24 maxlen: 24
185.75.120.0/22 maxlen: 22
185.75.122.0/24 maxlen: 24
2a05:5240::/32 maxlen: 32
2a05:5242::/32 maxlen: 32
2a05:5243::/32 maxlen: 32
2a05:5240::/29 maxlen: 29
2a05:5241::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f7:c7:b9:dc:a7:bb:cf:c8:ee:58:53:7b:a4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cca750fcc76d0dd75d7381e36d1bde4edddc3e51
Validity
Not Before: Jan 1 23:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=667f1e0dc554f69bf0633203dde0c786c87fd6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:75:71:5e:6b:51:63:4c:e8:90:0c:9f:38:b8:
e5:04:77:b5:7b:e7:e7:8b:5f:8f:50:94:d6:99:e8:
9d:fe:76:c2:67:3d:d9:3c:52:6b:f4:ca:56:0a:0e:
df:03:aa:97:a3:63:0a:d7:00:26:90:a2:03:27:ad:
6c:a1:fc:26:8a:86:3c:72:3f:80:19:48:ae:3c:e7:
b1:f2:2b:49:de:35:9f:bc:23:21:7c:e5:92:56:e1:
9c:51:13:d9:d2:5a:9e:43:f0:d5:81:49:43:22:a6:
cf:d1:a0:e4:05:40:d6:e5:cc:e2:33:66:de:09:94:
90:ae:03:05:19:98:df:cc:22:d2:78:93:10:46:e9:
7a:31:0e:d9:6a:64:98:2d:40:fc:01:4a:c1:f4:97:
dc:ad:28:22:d4:75:82:d5:24:1e:85:a9:ec:15:c7:
a7:bc:dd:96:24:54:1d:10:5f:13:ca:fe:b2:f3:2b:
9b:31:de:77:e8:23:88:78:dd:73:c3:3a:33:ab:38:
dd:7c:24:8f:7f:ee:81:a8:74:8e:f5:d4:03:df:b9:
14:f7:8e:66:0a:ca:28:93:8f:f7:e0:ab:e2:a7:7d:
39:f6:62:67:20:92:2f:8e:ad:ad:5f:da:45:1e:c7:
16:f9:13:12:ae:58:52:f6:61:eb:5a:86:d5:cb:fa:
d5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7F:1E:0D:C5:54:F6:9B:F0:63:32:03:DD:E0:C7:86:C8:7F:D6:AA
X509v3 Authority Key Identifier:
keyid:CC:A7:50:FC:C7:6D:0D:D7:5D:73:81:E3:6D:1B:DE:4E:DD:DC:3E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/Zn8eDcVU9pvwYzID3eDHhsh_1qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/zKdQ_MdtDdddc4HjbRveTt3cPlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.120.0/22
IPv6:
2a05:5240::/29
Signature Algorithm: sha256WithRSAEncryption
66:5b:6d:6b:50:99:95:50:42:ee:83:1a:89:ae:3c:3e:4a:bd:
4d:7a:9a:d6:c2:05:a6:67:92:41:b0:d0:d5:b8:d2:e2:92:f0:
a4:28:16:c6:b6:e9:2d:14:be:71:37:95:52:65:b6:85:92:32:
7d:2a:68:47:d6:d5:b2:1f:4a:6e:84:1a:43:37:ad:e4:6b:a0:
b5:57:93:b1:91:4e:38:bc:ee:a3:61:70:a1:02:52:3c:77:b1:
75:40:69:fd:35:db:2b:96:af:2b:ac:04:69:c8:49:40:55:ba:
ed:04:a9:2d:98:45:88:c6:01:10:8b:9f:b0:62:b2:d4:d1:d4:
32:f2:ae:89:58:d4:78:cb:6a:dd:1c:4e:2a:cb:d7:a9:36:5f:
71:37:26:81:93:0e:c2:85:15:9c:49:8a:35:12:67:29:fd:e6:
d7:40:08:60:e6:81:67:5f:59:cb:40:02:b4:28:67:ad:a2:1b:
82:9d:5c:77:92:04:e6:66:48:82:3a:b3:c6:e8:66:fb:1e:7b:
00:bb:37:ff:2b:06:67:00:81:ca:05:66:30:b3:68:85:50:e2:
be:97:2e:74:ed:39:b2:e9:8f:f9:82:16:4d:86:48:07:89:c1:
87:8c:8c:df:54:b8:ea:85:cd:3a:50:e9:fa:c3:9e:29:dc:b1:
73:fc:0d:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvnffHudynu8/I7lhTe6SjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYTc1MGZjYzc2ZDBkZDc1ZDczODFlMzZkMWJkZTRlZGRk
YzNlNTEwHhcNMjMwMTAxMjMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdmMWUwZGM1NTRmNjliZjA2MzMyMDNkZGUwYzc4NmM4N2ZkNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnVxXmtRY0zokAyfOLjlBHe1e+fn
i1+PUJTWmeid/nbCZz3ZPFJr9MpWCg7fA6qXo2MK1wAmkKIDJ61sofwmioY8cj+A
GUiuPOex8itJ3jWfvCMhfOWSVuGcURPZ0lqeQ/DVgUlDIqbP0aDkBUDW5cziM2be
CZSQrgMFGZjfzCLSeJMQRul6MQ7ZamSYLUD8AUrB9JfcrSgi1HWC1SQehansFcen
vN2WJFQdEF8Tyv6y8yubMd536COIeN1zwzozqzjdfCSPf+6BqHSO9dQD37kU945m
Csook4/34Kvip3059mJnIJIvjq2tX9pFHscW+RMSrlhS9mHrWobVy/rVpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGZ/Hg3FVPab8GMyA93gx4bIf9aqMB8GA1UdIwQY
MBaAFMynUPzHbQ3XXXOB420b3k7d3D5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvektkUV9NZHREZGRkYzRIamJSdmVUdDNjUGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iM2MyMTUtZDg2Ni00MmQwLWE2YzMt
MjA2NzdkODBlODM4LzEvWm44ZURjVlU5cHZ3WXpJRDNlREhoc2hfMXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iM2MyMTUtZDg2Ni00MmQwLWE2YzMtMjA2NzdkODBlODM4
LzEvektkUV9NZHREZGRkYzRIamJSdmVUdDNjUGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUt4MA0E
AgACMAcDBQMqBVJAMA0GCSqGSIb3DQEBCwUAA4IBAQBmW21rUJmVUELugxqJrjw+
Sr1NeprWwgWmZ5JBsNDVuNLikvCkKBbGtuktFL5xN5VSZbaFkjJ9KmhH1tWyH0pu
hBpDN63ka6C1V5OxkU44vO6jYXChAlI8d7F1QGn9Ndsrlq8rrARpyElAVbrtBKkt
mEWIxgEQi5+wYrLU0dQy8q6JWNR4y2rdHE4qy9epNl9xNyaBkw7ChRWcSYo1Emcp
/ebXQAhg5oFnX1nLQAK0KGetohuCnVx3kgTmZkiCOrPG6Gb7HnsAuzf/KwZnAIHK
BWYws2iFUOK+ly507Tmy6Y/5ghZNhkgHicGHjIzfVLjqhc06UOn6w54p3LFz/A2X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:54 2024 by rpki-client on console-fra.rpki-client.org