Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/aztfV5823WbfcA1KFgX3dYJgW18.roa
File: aztfV5823WbfcA1KFgX3dYJgW18.roa (raw, json)
Hash identifier: e6BYj9k/FU19COjUdiBwgSLatVqbwDeM8oFRrlMQivQ=
Subject key identifier: 6B:3B:5F:57:9F:36:DD:66:DF:70:0D:4A:16:05:F7:75:82:60:5B:5F
Certificate issuer: /CN=9e5d484eb6b4b5689a544cf0b13b7ef932457ef1
Certificate serial: 0185701EE70039C82A31A887B5D881AE675D
Authority key identifier: 9E:5D:48:4E:B6:B4:B5:68:9A:54:4C:F0:B1:3B:7E:F9:32:45:7E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nl1ITra0tWiaVEzwsTt--TJFfvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/aztfV5823WbfcA1KFgX3dYJgW18.roa
Signing time: Mon 02 Jan 2023 01:35:51 +0000
ROA not before: Mon 02 Jan 2023 01:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35236
IP address blocks: 185.205.136.0/22 maxlen: 24
185.205.137.0/24 maxlen: 24
2a0b:640::/30 maxlen: 30
2a0b:640:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e7:00:39:c8:2a:31:a8:87:b5:d8:81:ae:67:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e5d484eb6b4b5689a544cf0b13b7ef932457ef1
Validity
Not Before: Jan 2 01:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b3b5f579f36dd66df700d4a1605f77582605b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:18:77:25:19:6d:ee:f7:9f:c3:7b:86:e4:06:
49:a5:0a:48:9c:8f:fa:60:49:3d:24:37:a9:a9:41:
ad:bd:5d:2c:92:50:6e:1a:16:d5:e4:01:73:6f:6e:
cd:de:79:59:06:bc:f8:07:ee:79:00:41:99:dc:14:
21:ac:4d:2c:8e:22:6a:1d:7e:e8:64:d5:49:c9:aa:
85:53:60:87:e3:07:79:aa:5c:c5:cf:63:2d:3e:47:
98:c8:0a:59:e3:bd:55:e8:3a:30:49:0c:c4:04:47:
75:b7:13:a4:28:c3:ee:37:73:8a:d6:c5:e3:c3:79:
c5:a9:ee:37:69:8f:a2:8c:d9:ef:a5:30:c2:ae:d4:
3f:93:fb:44:6e:c0:62:5f:5e:6f:c1:f3:4f:b3:82:
f9:34:5b:81:f9:54:28:c7:83:ef:15:71:ac:a0:ff:
bc:ac:b3:c2:c1:10:01:99:8d:9e:37:f8:71:0f:1a:
f9:a6:78:8d:db:d3:8d:a6:61:e7:c0:cd:11:69:41:
d5:eb:65:e5:5a:57:60:20:27:32:85:e5:dc:4c:14:
a4:0a:af:78:99:63:a2:ba:cb:91:52:45:92:fc:11:
bd:09:47:1f:b8:c0:cf:ea:d1:92:22:b3:8c:ad:80:
0c:8b:7d:d0:87:ca:7b:33:a5:16:13:d9:71:f4:3a:
f1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3B:5F:57:9F:36:DD:66:DF:70:0D:4A:16:05:F7:75:82:60:5B:5F
X509v3 Authority Key Identifier:
keyid:9E:5D:48:4E:B6:B4:B5:68:9A:54:4C:F0:B1:3B:7E:F9:32:45:7E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nl1ITra0tWiaVEzwsTt--TJFfvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/aztfV5823WbfcA1KFgX3dYJgW18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/nl1ITra0tWiaVEzwsTt--TJFfvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.136.0/22
IPv6:
2a0b:640::/30
Signature Algorithm: sha256WithRSAEncryption
8a:af:c3:33:7e:26:30:b1:23:7a:97:7a:eb:bc:bc:6c:0e:b0:
82:94:60:75:da:7f:d2:44:28:1c:b6:9e:19:ff:34:2d:ed:5f:
3b:8b:38:2a:11:fa:4d:12:be:0e:89:fd:a8:05:33:60:87:c1:
d3:5a:b3:ce:0f:59:f7:9f:35:0b:d6:a4:e2:b5:3c:02:ca:1a:
e7:a6:55:fa:a7:06:21:48:df:a6:70:60:1b:21:35:b0:10:ab:
ac:31:3b:b2:7a:53:7b:51:78:92:15:be:14:1c:a3:9e:98:c3:
19:36:c8:77:66:5e:81:3b:e2:b0:08:14:49:2e:c3:e1:fe:11:
02:1e:2f:a5:da:85:18:91:50:d7:e6:7a:25:0d:ba:9c:f7:be:
e7:90:43:c5:fe:d2:88:e0:f4:4f:cd:1a:70:ee:93:f7:1e:0f:
9b:81:5b:0d:f1:23:da:1a:dc:19:46:ee:3e:ee:3c:c9:f6:0b:
83:c4:6d:4d:5f:a2:d7:f5:d2:ef:b9:b4:d3:e4:fb:f6:73:d0:
8e:ea:71:0b:7a:5e:ff:0e:ec:85:f5:7b:a6:ec:cd:9f:1d:90:
2f:c3:f2:bf:26:16:04:cc:7c:78:3f:a3:18:0b:30:2a:f9:a3:
d7:47:bf:97:72:aa:36:41:a8:1e:cb:d4:21:02:ab:bd:0e:aa:
5f:e2:cf:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwHucAOcgqMaiHtdiBrmddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNWQ0ODRlYjZiNGI1Njg5YTU0NGNmMGIxM2I3ZWY5MzI0
NTdlZjEwHhcNMjMwMTAyMDEzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjNiNWY1NzlmMzZkZDY2ZGY3MDBkNGExNjA1Zjc3NTgyNjA1YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRh3JRlt7vefw3uG5AZJpQpInI/6
YEk9JDepqUGtvV0sklBuGhbV5AFzb27N3nlZBrz4B+55AEGZ3BQhrE0sjiJqHX7o
ZNVJyaqFU2CH4wd5qlzFz2MtPkeYyApZ471V6DowSQzEBEd1txOkKMPuN3OK1sXj
w3nFqe43aY+ijNnvpTDCrtQ/k/tEbsBiX15vwfNPs4L5NFuB+VQox4PvFXGsoP+8
rLPCwRABmY2eN/hxDxr5pniN29ONpmHnwM0RaUHV62XlWldgICcyheXcTBSkCq94
mWOiusuRUkWS/BG9CUcfuMDP6tGSIrOMrYAMi33Qh8p7M6UWE9lx9DrxdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGs7X1efNt1m33ANShYF93WCYFtfMB8GA1UdIwQY
MBaAFJ5dSE62tLVomlRM8LE7fvkyRX7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmwxSVRyYTB0V2lhVkV6d3NUdC0tVEpGZnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNjc0YmItMDQ0Ny00ZDcyLWIzMDIt
NmVjNDBhMzgxODE5LzEvYXp0ZlY1ODIzV2JmY0ExS0ZnWDNkWUpnVzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNjc0YmItMDQ0Ny00ZDcyLWIzMDItNmVjNDBhMzgxODE5
LzEvbmwxSVRyYTB0V2lhVkV6d3NUdC0tVEpGZnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc2IMA0E
AgACMAcDBQIqCwZAMA0GCSqGSIb3DQEBCwUAA4IBAQCKr8MzfiYwsSN6l3rrvLxs
DrCClGB12n/SRCgctp4Z/zQt7V87izgqEfpNEr4Oif2oBTNgh8HTWrPOD1n3nzUL
1qTitTwCyhrnplX6pwYhSN+mcGAbITWwEKusMTuyelN7UXiSFb4UHKOemMMZNsh3
Zl6BO+KwCBRJLsPh/hECHi+l2oUYkVDX5nolDbqc977nkEPF/tKI4PRPzRpw7pP3
Hg+bgVsN8SPaGtwZRu4+7jzJ9guDxG1NX6LX9dLvubTT5Pv2c9CO6nELel7/DuyF
9Xum7M2fHZAvw/K/JhYEzHx4P6MYCzAq+aPXR7+Xcqo2Qagey9QhAqu9Dqpf4s/Z
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:32 2024 by rpki-client on console-fra.rpki-client.org