Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/dZK_1_f1aAxw4nIO1T-SLgDLIVc.roa
File: dZK_1_f1aAxw4nIO1T-SLgDLIVc.roa (raw, json)
Hash identifier: uiy94lGTJX/ltkv0Odbt3KwF5FFFiM2bzv+WMLMj9ME=
Subject key identifier: 75:92:BF:D7:F7:F5:68:0C:70:E2:72:0E:D5:3F:92:2E:00:CB:21:57
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 0188CD7D58D0124C2C3140F0687658D5915D
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/dZK_1_f1aAxw4nIO1T-SLgDLIVc.roa
Signing time: Sun 18 Jun 2023 07:52:03 +0000
ROA not before: Sun 18 Jun 2023 07:52:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25091
IP address blocks: 46.20.240.0/20 maxlen: 24
185.60.52.0/22 maxlen: 24
85.8.128.0/24 maxlen: 24
5.144.32.0/21 maxlen: 24
212.102.126.0/24 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Nov 2023 14:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cd:7d:58:d0:12:4c:2c:31:40:f0:68:76:58:d5:91:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jun 18 07:52:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7592bfd7f7f5680c70e2720ed53f922e00cb2157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5f:0e:99:a2:bd:c1:86:8a:10:c8:97:0c:a3:
4e:3b:c6:8d:70:af:4c:9a:63:fd:25:61:ee:15:50:
f8:6d:3a:73:a5:fe:55:b4:15:99:2c:ed:61:bd:3d:
96:41:7f:8d:b8:7d:15:84:1d:78:ec:aa:1d:4c:2f:
b0:c1:d8:03:ab:cd:f3:26:a1:7a:3a:bf:f8:22:22:
53:47:d1:54:64:2a:81:20:22:36:a4:a3:17:25:67:
da:6d:65:80:af:9f:78:a4:06:b8:53:06:30:68:ab:
54:c3:1b:5e:92:17:ed:c3:aa:ff:e0:3a:90:5b:8d:
3d:d5:3a:4d:23:9a:e8:dd:00:4c:e5:39:55:a6:24:
74:b9:fd:02:6a:84:dc:9b:d2:9e:cd:65:92:56:33:
d8:94:7c:b7:9a:73:69:d3:96:a8:5f:b8:4b:46:9e:
b6:20:ae:98:63:97:7e:2c:63:db:af:2c:0c:95:6b:
03:dc:6d:9a:f5:40:23:bb:cb:16:31:96:ee:dc:8f:
7c:62:24:64:9e:15:6c:37:f5:05:ff:ac:97:a8:8d:
02:05:84:d8:e4:6d:e4:8c:cd:9c:b6:0d:71:0a:be:
21:d2:e7:5e:65:0f:ec:99:a5:e8:05:8e:4c:3a:df:
79:c7:a1:e3:44:f8:67:d9:29:9a:0e:a9:be:22:8e:
25:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:92:BF:D7:F7:F5:68:0C:70:E2:72:0E:D5:3F:92:2E:00:CB:21:57
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/dZK_1_f1aAxw4nIO1T-SLgDLIVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
85.8.128.0/24
185.60.52.0/22
212.102.126.0/24
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
82:72:8f:29:ac:e8:52:68:a6:9b:f5:52:e5:62:d0:16:aa:9d:
da:cf:11:21:70:21:f3:7f:ee:cb:f2:1d:47:c4:d8:21:9a:07:
74:60:68:1b:b4:86:10:7e:3c:77:30:80:10:25:ae:d8:eb:86:
3b:8f:61:2a:c8:86:eb:05:cc:b7:fa:6e:e1:14:c9:93:e5:45:
5f:c6:00:3f:f2:16:75:a9:71:2e:66:77:ca:70:61:b7:ef:0d:
87:0f:ed:ac:6a:e2:4c:77:53:a3:e5:b7:ac:29:27:11:f4:64:
6e:70:44:28:17:bd:93:fa:e4:6f:65:df:6e:bd:73:e8:67:34:
f9:8e:8b:67:c1:44:17:44:7a:94:6e:b5:68:93:a6:b6:2c:15:
e8:0e:1e:73:8b:ed:be:8a:41:cc:e1:5d:cc:90:ef:ca:fb:56:
eb:93:a4:6f:38:f1:19:1f:de:8c:39:7a:27:f4:d7:fe:fa:81:
a6:ca:2b:65:fe:05:26:46:3a:f8:7b:6e:0f:97:0c:8b:c1:b7:
09:ae:69:56:33:dc:1a:e9:5c:eb:9a:02:11:b7:7b:86:e0:c3:
df:82:c1:be:cf:1f:8b:7a:9a:74:6c:bf:b5:7b:64:09:9a:ed:
52:2f:b3:5d:3b:91:62:62:df:87:49:c6:41:93:46:d3:92:ea:
29:85:a3:03
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYjNfVjQEkwsMUDwaHZY1ZFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjMwNjE4MDc1MjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTkyYmZkN2Y3ZjU2ODBjNzBlMjcyMGVkNTNmOTIyZTAwY2IyMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA018OmaK9wYaKEMiXDKNOO8aNcK9M
mmP9JWHuFVD4bTpzpf5VtBWZLO1hvT2WQX+NuH0VhB147KodTC+wwdgDq83zJqF6
Or/4IiJTR9FUZCqBICI2pKMXJWfabWWAr594pAa4UwYwaKtUwxtekhftw6r/4DqQ
W4091TpNI5ro3QBM5TlVpiR0uf0CaoTcm9KezWWSVjPYlHy3mnNp05aoX7hLRp62
IK6YY5d+LGPbrywMlWsD3G2a9UAju8sWMZbu3I98YiRknhVsN/UF/6yXqI0CBYTY
5G3kjM2ctg1xCr4h0udeZQ/smaXoBY5MOt95x6HjRPhn2SmaDqm+Io4lOQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHWSv9f39WgMcOJyDtU/ki4AyyFXMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvZFpLXzFfZjFhQXh3NG5JTzFULVNMZ0RMSVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZAgAwQE
LhTwAwQAVQiAAwQCuTw0AwQA1GZ+MA0EAgACMAcDBQMqAiUoMA0GCSqGSIb3DQEB
CwUAA4IBAQCCco8prOhSaKab9VLlYtAWqp3azxEhcCHzf+7L8h1HxNghmgd0YGgb
tIYQfjx3MIAQJa7Y64Y7j2EqyIbrBcy3+m7hFMmT5UVfxgA/8hZ1qXEuZnfKcGG3
7w2HD+2sauJMd1Oj5besKScR9GRucEQoF72T+uRvZd9uvXPoZzT5jotnwUQXRHqU
brVok6a2LBXoDh5zi+2+ikHM4V3MkO/K+1brk6RvOPEZH96MOXon9Nf++oGmyitl
/gUmRjr4e24PlwyLwbcJrmlWM9wa6VzrmgIRt3uG4MPfgsG+zx+Lepp0bL+1e2QJ
mu1SL7NdO5FiYt+HScZBk0bTkuophaMD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:46 2024 by rpki-client on console-ams.rpki-client.org