Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/sECzSdjXMgbRxbTSUt3yPgDfJCw.roa
File: sECzSdjXMgbRxbTSUt3yPgDfJCw.roa (raw, json)
Hash identifier: aY8w9A+GyCfHDtRMIj+ESVkrs0xeJ2HwZgzb0HTo7ag=
Subject key identifier: B0:40:B3:49:D8:D7:32:06:D1:C5:B4:D2:52:DD:F2:3E:00:DF:24:2C
Certificate issuer: /CN=cca750fcc76d0dd75d7381e36d1bde4edddc3e51
Certificate serial: 018B86BF25A94208595B750164C120C02795
Authority key identifier: CC:A7:50:FC:C7:6D:0D:D7:5D:73:81:E3:6D:1B:DE:4E:DD:DC:3E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/sECzSdjXMgbRxbTSUt3yPgDfJCw.roa
Signing time: Tue 31 Oct 2023 17:19:15 +0000
ROA not before: Tue 31 Oct 2023 17:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57793
IP address blocks: 185.75.120.0/22 maxlen: 24
2a05:5240::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:bf:25:a9:42:08:59:5b:75:01:64:c1:20:c0:27:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cca750fcc76d0dd75d7381e36d1bde4edddc3e51
Validity
Not Before: Oct 31 17:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b040b349d8d73206d1c5b4d252ddf23e00df242c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:d7:1c:41:0d:d3:c1:a4:27:36:29:dc:be:
f2:3f:ef:2f:d0:b9:2d:79:44:05:85:7f:a7:72:41:
ac:46:c3:15:35:aa:54:79:42:7b:b2:58:9c:cf:0a:
b3:28:b1:41:0c:f2:eb:72:c6:f8:da:66:df:20:a3:
68:b9:c4:4b:dc:8b:d9:7f:23:d5:7a:c5:1a:3e:fc:
69:e4:d7:78:a0:ce:40:46:b4:5a:31:af:48:88:b6:
a5:17:10:7f:a5:d9:a6:88:ad:59:82:7b:ed:b3:0f:
89:5c:7d:a3:e5:bd:6c:0a:20:b2:e4:fd:d0:c7:a6:
16:7e:a8:9f:a3:ff:e9:c0:e7:5d:52:2d:cf:48:d5:
40:5b:dd:e3:38:8e:76:7d:75:74:b7:5a:8e:4c:7e:
ec:3d:70:4c:4c:fc:69:3b:c0:77:02:46:e5:53:ca:
75:f9:51:29:18:97:39:c1:06:04:b1:a5:65:84:57:
e7:60:24:46:0b:4e:a8:37:da:c4:96:08:b3:d2:60:
8a:74:c6:ad:0a:52:cc:e3:fc:71:ce:44:dd:27:55:
34:c9:9d:47:f6:0f:a8:5f:f6:57:d3:f8:3b:b6:56:
80:65:1c:4f:a2:e1:25:73:3c:7b:6d:0b:9d:86:fe:
44:13:cf:d6:33:2f:fa:96:2b:44:6f:06:9a:4d:cf:
a5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:40:B3:49:D8:D7:32:06:D1:C5:B4:D2:52:DD:F2:3E:00:DF:24:2C
X509v3 Authority Key Identifier:
keyid:CC:A7:50:FC:C7:6D:0D:D7:5D:73:81:E3:6D:1B:DE:4E:DD:DC:3E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zKdQ_MdtDdddc4HjbRveTt3cPlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/sECzSdjXMgbRxbTSUt3yPgDfJCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b3c215-d866-42d0-a6c3-20677d80e838/1/zKdQ_MdtDdddc4HjbRveTt3cPlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.120.0/22
IPv6:
2a05:5240::/29
Signature Algorithm: sha256WithRSAEncryption
73:5d:7f:bf:06:85:b8:6b:29:36:ac:40:99:2b:f6:2e:60:41:
6f:7b:32:57:3e:6b:75:06:69:a4:da:b5:b3:92:4a:0e:cd:3f:
da:3e:f6:d0:b4:6a:28:e4:8a:19:1f:66:94:07:32:84:af:85:
bb:2e:b9:16:ed:b5:a4:a6:b6:65:7a:d9:60:70:6e:2d:06:f8:
a9:08:84:39:23:7c:52:c1:05:00:89:b8:6a:d8:0e:1c:59:35:
27:a2:e9:66:52:89:f7:22:18:3a:fc:17:5d:e8:f0:4e:50:5c:
2a:f1:51:fe:1a:8e:8a:d0:fb:c8:7b:7b:65:7a:8e:e5:72:92:
e7:29:1a:d1:56:1f:91:aa:2c:46:04:6b:fb:22:42:54:82:a8:
2e:42:1c:a3:12:06:32:37:fd:23:f3:5e:89:3b:b4:39:69:a9:
1a:eb:4a:c4:34:4f:f5:61:d1:ae:e8:12:e5:6f:2c:e4:71:bc:
c1:b4:03:9c:52:58:1e:5b:b1:a0:0d:ac:0a:b6:04:54:df:06:
63:8f:fb:46:58:7a:9d:14:0a:bf:e0:b2:f7:30:bc:20:0f:e1:
0b:6b:e1:d8:15:5f:5f:c6:a5:c0:eb:d3:78:92:2c:cc:0b:dc:
3b:7c:2b:59:b6:28:b0:6e:3f:f9:d1:62:2a:37:19:3e:ec:05:
af:72:59:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuGvyWpQghZW3UBZMEgwCeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYTc1MGZjYzc2ZDBkZDc1ZDczODFlMzZkMWJkZTRlZGRk
YzNlNTEwHhcNMjMxMDMxMTcxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDQwYjM0OWQ4ZDczMjA2ZDFjNWI0ZDI1MmRkZjIzZTAwZGYyNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbrXHEEN08GkJzYp3L7yP+8v0Lkt
eUQFhX+nckGsRsMVNapUeUJ7sliczwqzKLFBDPLrcsb42mbfIKNoucRL3IvZfyPV
esUaPvxp5Nd4oM5ARrRaMa9IiLalFxB/pdmmiK1Zgnvtsw+JXH2j5b1sCiCy5P3Q
x6YWfqifo//pwOddUi3PSNVAW93jOI52fXV0t1qOTH7sPXBMTPxpO8B3AkblU8p1
+VEpGJc5wQYEsaVlhFfnYCRGC06oN9rElgiz0mCKdMatClLM4/xxzkTdJ1U0yZ1H
9g+oX/ZX0/g7tlaAZRxPouElczx7bQudhv5EE8/WMy/6litEbwaaTc+lhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLBAs0nY1zIG0cW00lLd8j4A3yQsMB8GA1UdIwQY
MBaAFMynUPzHbQ3XXXOB420b3k7d3D5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvektkUV9NZHREZGRkYzRIamJSdmVUdDNjUGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iM2MyMTUtZDg2Ni00MmQwLWE2YzMt
MjA2NzdkODBlODM4LzEvc0VDelNkalhNZ2JSeGJUU1V0M3lQZ0RmSkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iM2MyMTUtZDg2Ni00MmQwLWE2YzMtMjA2NzdkODBlODM4
LzEvektkUV9NZHREZGRkYzRIamJSdmVUdDNjUGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUt4MA0E
AgACMAcDBQMqBVJAMA0GCSqGSIb3DQEBCwUAA4IBAQBzXX+/BoW4ayk2rECZK/Yu
YEFvezJXPmt1Bmmk2rWzkkoOzT/aPvbQtGoo5IoZH2aUBzKEr4W7LrkW7bWkprZl
etlgcG4tBvipCIQ5I3xSwQUAibhq2A4cWTUnoulmUon3Ihg6/Bdd6PBOUFwq8VH+
Go6K0PvIe3tleo7lcpLnKRrRVh+RqixGBGv7IkJUgqguQhyjEgYyN/0j816JO7Q5
aaka60rENE/1YdGu6BLlbyzkcbzBtAOcUlgeW7GgDawKtgRU3wZjj/tGWHqdFAq/
4LL3MLwgD+ELa+HYFV9fxqXA69N4kizMC9w7fCtZtiiwbj/50WIqNxk+7AWvcllX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:54 2024 by rpki-client on console-fra.rpki-client.org