Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/ZTR8xWBIppaMQ8FAEmJw7jlzh48.roa
File: ZTR8xWBIppaMQ8FAEmJw7jlzh48.roa (raw, json)
Hash identifier: y3DXXn813hfbXaj8P2NTvyxCAz9Pv3y0wjxnKRejpIY=
Subject key identifier: 65:34:7C:C5:60:48:A6:96:8C:43:C1:40:12:62:70:EE:39:73:87:8F
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 0185720C74A02C6121FC2A5E3EFBD062A5C7
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/ZTR8xWBIppaMQ8FAEmJw7jlzh48.roa
Signing time: Mon 02 Jan 2023 10:34:56 +0000
ROA not before: Mon 02 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206610
IP address blocks: 85.208.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:74:a0:2c:61:21:fc:2a:5e:3e:fb:d0:62:a5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Jan 2 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65347cc56048a6968c43c140126270ee3973878f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ad:78:e4:ab:b2:80:c1:29:7d:0e:bc:fd:0f:
b3:dd:ac:93:d6:6e:2b:53:1a:89:6b:fc:c0:1c:11:
d2:d4:ce:43:be:c5:9d:ad:91:db:ad:fc:9d:0f:36:
5d:b0:d4:0f:96:91:82:07:13:b0:60:70:b0:1c:fe:
b1:58:13:ae:71:cc:1e:18:4f:b4:f6:86:dc:39:0d:
8a:98:16:96:2b:2d:7f:d6:1c:f4:1a:52:20:96:f3:
90:84:7a:f0:08:be:99:eb:fb:91:36:a5:30:a2:18:
32:3a:3a:b4:c8:14:04:83:f6:e9:60:db:55:c5:1a:
32:8a:d7:3c:bc:ff:32:13:5e:40:79:ff:de:4d:ec:
fa:8b:64:16:d0:95:92:db:50:c8:8f:95:61:9e:d1:
73:52:5a:e5:b9:ff:61:b4:5e:72:34:f8:07:92:28:
d5:c2:f6:41:d5:0a:03:b2:24:16:a6:3e:63:c5:92:
7d:4a:9f:99:5a:63:63:2e:7b:46:35:92:cd:a0:76:
6a:a0:6e:8c:40:f6:e1:50:5b:5e:7a:24:c2:88:ed:
f9:ea:2c:46:c6:44:06:b2:d1:5c:08:c0:56:b1:3d:
57:bc:9b:39:cb:10:91:3a:bf:ac:e3:52:69:f5:35:
51:18:fb:a5:7e:1d:8d:29:6a:de:79:87:75:c3:36:
7d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:34:7C:C5:60:48:A6:96:8C:43:C1:40:12:62:70:EE:39:73:87:8F
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/ZTR8xWBIppaMQ8FAEmJw7jlzh48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:46:c1:93:ad:f8:aa:e1:ae:3d:e1:98:35:f7:ca:e3:7d:dd:
75:e2:81:0f:7c:f5:a3:e5:d9:f1:58:54:a4:6f:19:c6:ca:6c:
09:0d:89:b5:53:93:13:7d:75:d1:19:47:24:86:f4:82:d8:75:
58:89:b0:3b:20:45:4a:7b:d5:6a:f2:ca:c2:6f:3b:29:e7:56:
24:ce:dd:0f:2c:66:b5:59:51:0f:25:6f:92:fe:64:09:42:a8:
3c:16:dd:78:a0:ef:d5:5e:03:a2:7d:3d:fc:05:02:76:56:38:
79:bd:77:8a:f1:f3:f7:b9:b6:61:30:8e:02:8c:61:2e:22:f9:
19:2a:c8:50:5e:4a:50:75:76:58:62:ba:55:ed:ef:ea:71:93:
02:18:25:a6:4b:8a:8b:12:05:b1:e3:0f:75:64:16:c8:24:1a:
ae:5a:8b:e2:a8:e5:f9:10:5a:54:26:50:df:c5:8b:22:b9:0f:
f2:d0:c0:ae:46:94:97:54:ea:b9:d9:ad:34:62:1a:77:7a:a1:
02:30:1b:6d:e4:55:92:f8:46:f0:5b:44:89:74:c1:38:82:cf:
2b:0f:23:f9:55:66:f0:25:ad:1c:29:54:9f:84:b9:71:88:21:
eb:c8:e9:63:16:f1:77:84:4c:46:cc:28:a1:ee:92:75:91:68:
eb:39:0c:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHSgLGEh/CpePvvQYqXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0
NTVhNjgwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM0N2NjNTYwNDhhNjk2OGM0M2MxNDAxMjYyNzBlZTM5NzM4NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq145KuygMEpfQ68/Q+z3ayT1m4r
UxqJa/zAHBHS1M5DvsWdrZHbrfydDzZdsNQPlpGCBxOwYHCwHP6xWBOuccweGE+0
9obcOQ2KmBaWKy1/1hz0GlIglvOQhHrwCL6Z6/uRNqUwohgyOjq0yBQEg/bpYNtV
xRoyitc8vP8yE15Aef/eTez6i2QW0JWS21DIj5VhntFzUlrluf9htF5yNPgHkijV
wvZB1QoDsiQWpj5jxZJ9Sp+ZWmNjLntGNZLNoHZqoG6MQPbhUFteeiTCiO356ixG
xkQGstFcCMBWsT1XvJs5yxCROr+s41Jp9TVRGPulfh2NKWreeYd1wzZ9oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU0fMVgSKaWjEPBQBJicO45c4ePMB8GA1UdIwQY
MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt
MWMyNzU4NjUxZWZhLzEvWlRSOHhXQklwcGFNUThGQUVtSnc3amx6aDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh
LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdAEMA0G
CSqGSIb3DQEBCwUAA4IBAQB+RsGTrfiq4a494Zg198rjfd114oEPfPWj5dnxWFSk
bxnGymwJDYm1U5MTfXXRGUckhvSC2HVYibA7IEVKe9Vq8srCbzsp51Ykzt0PLGa1
WVEPJW+S/mQJQqg8Ft14oO/VXgOifT38BQJ2Vjh5vXeK8fP3ubZhMI4CjGEuIvkZ
KshQXkpQdXZYYrpV7e/qcZMCGCWmS4qLEgWx4w91ZBbIJBquWoviqOX5EFpUJlDf
xYsiuQ/y0MCuRpSXVOq52a00Yhp3eqECMBtt5FWS+EbwW0SJdME4gs8rDyP5VWbw
Ja0cKVSfhLlxiCHryOljFvF3hExGzCih7pJ1kWjrOQzu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:44 2024 by rpki-client on console-ams.rpki-client.org