Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/bZmgJ3zYHJmRUtsk-e1ADJ_nVNw.roa
File: bZmgJ3zYHJmRUtsk-e1ADJ_nVNw.roa (raw, json)
Hash identifier: JW4fqCqPsi7dt+TK3F9FmKge3lkOO+SPrI5tehj+Zl4=
Subject key identifier: 6D:99:A0:27:7C:D8:1C:99:91:52:DB:24:F9:ED:40:0C:9F:E7:54:DC
Certificate issuer: /CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Certificate serial: 01856CA5CF92E57078E834CDDB74325F047A
Authority key identifier: 1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/bZmgJ3zYHJmRUtsk-e1ADJ_nVNw.roa
Signing time: Sun 01 Jan 2023 09:24:43 +0000
ROA not before: Sun 01 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46652
IP address blocks: 141.0.171.0/24 maxlen: 24
141.0.172.0/22 maxlen: 22
141.0.168.0/24 maxlen: 24
141.0.174.0/24 maxlen: 24
185.88.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:cf:92:e5:70:78:e8:34:cd:db:74:32:5f:04:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Validity
Not Before: Jan 1 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d99a0277cd81c999152db24f9ed400c9fe754dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2d:77:1c:28:99:50:d6:24:ae:fc:29:d1:7e:
3c:d2:c7:b2:64:d6:46:31:d7:7c:08:f1:8f:53:aa:
a2:a8:0e:9b:c7:10:9e:c2:a6:b3:0e:ee:da:03:e2:
8e:c7:92:2a:6c:51:29:ee:00:3d:80:b3:52:1e:48:
96:b2:87:38:c3:2b:d3:45:13:f1:8b:f5:46:23:36:
00:dd:d6:6f:58:4a:ab:27:e7:85:1b:39:d5:8f:24:
24:56:fe:61:c4:ed:45:9f:ab:44:6a:6c:16:9a:35:
b3:c0:f3:4d:b7:2c:7f:dc:78:5e:cb:1c:af:1e:32:
79:4f:63:81:35:4f:27:ec:34:f1:ea:3f:7f:58:9d:
d0:27:f8:5d:a2:24:59:69:17:cb:82:b6:76:cc:cf:
d9:b2:ba:4f:33:ad:d3:1a:bd:1b:8e:9d:33:e0:01:
2c:f4:5c:ce:7c:90:8e:fe:cb:51:66:0e:a6:2a:34:
77:c5:d2:9f:7a:2a:c7:b0:af:71:8f:07:d4:66:3d:
89:58:50:0c:d1:4f:3b:51:0d:11:82:1b:a5:b2:ea:
e5:f2:70:61:ef:b2:11:fd:43:d4:6f:8f:80:9e:9d:
6e:fe:0e:9f:2d:fa:0d:1b:b0:fb:ff:0d:36:bf:b4:
4e:13:e7:d5:37:d5:cd:d8:56:0a:81:c1:1a:ca:d8:
90:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:99:A0:27:7C:D8:1C:99:91:52:DB:24:F9:ED:40:0C:9F:E7:54:DC
X509v3 Authority Key Identifier:
keyid:1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/bZmgJ3zYHJmRUtsk-e1ADJ_nVNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.0.168.0/24
141.0.171.0-141.0.175.255
185.88.180.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:80:51:0f:7d:af:2c:ec:f1:a2:51:6a:fd:6f:a4:4e:d8:76:
80:25:1e:3a:98:24:78:b2:6b:4d:6b:f3:0f:7b:39:41:ad:00:
a8:dd:b2:85:6e:95:f1:98:f9:a5:13:52:79:65:29:b1:af:e9:
59:1f:c6:10:68:49:2e:b4:b7:36:c3:ba:0a:16:d5:d3:03:0f:
31:b7:fd:1a:82:83:8e:f1:79:6c:6f:ae:97:04:74:b8:88:16:
d9:42:a6:14:45:59:8c:dd:d9:17:d6:a6:05:b1:f1:d7:e9:f9:
52:96:97:4b:87:e5:5f:ef:3a:64:e5:ae:62:33:c9:39:7c:61:
6c:58:16:28:84:98:d1:d8:1d:97:83:8e:cf:17:6b:d2:b9:06:
9d:bb:6c:53:88:c7:5b:41:64:8b:e1:49:42:81:09:d9:b2:8a:
0f:9f:49:68:50:8b:f7:cb:b8:3a:99:97:45:df:ad:61:43:bb:
d7:7f:18:8e:f6:fd:b8:df:e2:4e:c1:c0:cb:26:fb:bd:fd:0e:
62:22:69:b5:af:74:e7:12:7b:a0:ec:87:86:8a:a9:f3:a3:8c:
f4:40:ce:15:ab:4f:8b:2a:c4:33:03:db:97:92:91:49:95:2c:
df:89:34:e8:6a:d6:19:e8:46:6f:60:fe:54:63:04:ed:d4:09:
38:44:35:6a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVspc+S5XB46DTN23QyXwR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMWQyMTU0YjkzMjRlZmIzOWNhMzhiYTE5MzFiYTVkZmI1
OWU4ZmQwHhcNMjMwMTAxMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk5YTAyNzdjZDgxYzk5OTE1MmRiMjRmOWVkNDAwYzlmZTc1NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS13HCiZUNYkrvwp0X480seyZNZG
Mdd8CPGPU6qiqA6bxxCewqazDu7aA+KOx5IqbFEp7gA9gLNSHkiWsoc4wyvTRRPx
i/VGIzYA3dZvWEqrJ+eFGznVjyQkVv5hxO1Fn6tEamwWmjWzwPNNtyx/3Hheyxyv
HjJ5T2OBNU8n7DTx6j9/WJ3QJ/hdoiRZaRfLgrZ2zM/ZsrpPM63TGr0bjp0z4AEs
9FzOfJCO/stRZg6mKjR3xdKfeirHsK9xjwfUZj2JWFAM0U87UQ0Rghulsurl8nBh
77IR/UPUb4+Anp1u/g6fLfoNG7D7/w02v7ROE+fVN9XN2FYKgcEaytiQEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG2ZoCd82ByZkVLbJPntQAyf51TcMB8GA1UdIwQY
MBaAFBodIVS5Mk77Oco4uhkxul37Wej9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAt
ODkwMWIwNTJiODZiLzEvYlptZ0ozellISm1SVXRzay1lMUFESl9uVk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAtODkwMWIwNTJiODZi
LzEvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjQCoMAwD
BACNAKsDBASNAKADBAK5WLQwDQYJKoZIhvcNAQELBQADggEBALeAUQ99ryzs8aJR
av1vpE7YdoAlHjqYJHiya01r8w97OUGtAKjdsoVulfGY+aUTUnllKbGv6VkfxhBo
SS60tzbDugoW1dMDDzG3/RqCg47xeWxvrpcEdLiIFtlCphRFWYzd2RfWpgWx8dfp
+VKWl0uH5V/vOmTlrmIzyTl8YWxYFiiEmNHYHZeDjs8Xa9K5Bp27bFOIx1tBZIvh
SUKBCdmyig+fSWhQi/fLuDqZl0XfrWFDu9d/GI72/bjf4k7BwMsm+739DmIiabWv
dOcSe6Dsh4aKqfOjjPRAzhWrT4sqxDMD25eSkUmVLN+JNOhq1hnoRm9g/lRjBO3U
CThENWo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org