Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/sz5yusoGDU_fBh_1fOD7CVMVfb4.roa
File: sz5yusoGDU_fBh_1fOD7CVMVfb4.roa (raw, json)
Hash identifier: e8vHUy+Yq0602S+V4sqOSpJ3oP4b5QaZLzhuM1a7UgE=
Subject key identifier: B3:3E:72:BA:CA:06:0D:4F:DF:06:1F:F5:7C:E0:FB:09:53:15:7D:BE
Certificate issuer: /CN=4aab65873cb2782f13c378f5543c691443d16f79
Certificate serial: 01856FF955553D9C0FDBAED730861BB14A6C
Authority key identifier: 4A:AB:65:87:3C:B2:78:2F:13:C3:78:F5:54:3C:69:14:43:D1:6F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqtlhzyyeC8Tw3j1VDxpFEPRb3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/sz5yusoGDU_fBh_1fOD7CVMVfb4.roa
Signing time: Mon 02 Jan 2023 00:54:49 +0000
ROA not before: Mon 02 Jan 2023 00:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.201.4.0/24 maxlen: 24
185.201.5.0/24 maxlen: 24
185.201.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:55:55:3d:9c:0f:db:ae:d7:30:86:1b:b1:4a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aab65873cb2782f13c378f5543c691443d16f79
Validity
Not Before: Jan 2 00:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b33e72baca060d4fdf061ff57ce0fb0953157dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:04:b1:aa:66:68:57:aa:ab:2d:5a:f0:3a:d5:
9f:42:97:c9:68:24:03:c3:40:ae:ea:dc:2e:f9:41:
90:26:94:93:fd:89:b9:85:c3:bb:c3:71:74:9a:93:
82:0b:73:ce:1b:11:37:b3:2e:f1:f7:13:11:7c:22:
b0:09:8b:55:01:d2:0b:bc:01:6c:a1:e9:c1:29:9b:
34:60:32:7e:ec:7b:de:aa:eb:b2:71:c4:07:4e:43:
68:1b:0f:af:8a:f9:e8:b0:26:35:4f:4f:36:4f:08:
30:c7:45:02:fa:a1:82:3b:09:31:57:bb:c7:7c:2a:
76:8c:19:54:3f:2b:10:58:b0:b8:1c:1d:8d:88:13:
26:30:5a:fd:9c:1a:e8:05:dd:44:e9:bc:d9:be:2d:
c2:7d:d0:9a:a7:a7:98:33:40:1d:32:12:aa:7e:85:
af:a7:89:77:5f:de:6d:ca:5e:1c:39:a4:f4:23:52:
f5:c3:3b:46:60:ad:7a:b0:fc:c2:f2:1c:a6:b4:e0:
e9:e0:14:95:0a:af:7b:db:d2:ba:48:86:27:59:40:
4e:41:43:0b:b8:fe:85:11:a9:74:45:16:22:b7:66:
33:6a:aa:e1:d8:0c:ff:16:23:c4:a6:d6:b5:ab:e7:
58:93:cb:bf:45:db:00:71:28:71:f7:e1:77:f7:7d:
df:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3E:72:BA:CA:06:0D:4F:DF:06:1F:F5:7C:E0:FB:09:53:15:7D:BE
X509v3 Authority Key Identifier:
keyid:4A:AB:65:87:3C:B2:78:2F:13:C3:78:F5:54:3C:69:14:43:D1:6F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqtlhzyyeC8Tw3j1VDxpFEPRb3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/sz5yusoGDU_fBh_1fOD7CVMVfb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/aa1797-4373-4a2f-a074-c73cbe70abb9/1/SqtlhzyyeC8Tw3j1VDxpFEPRb3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.4.0/23
185.201.7.0/24
Signature Algorithm: sha256WithRSAEncryption
26:d7:cf:e9:48:ce:6a:9a:61:8a:63:64:36:c4:2b:be:2c:e0:
4c:ca:b9:68:a4:54:8c:f0:88:27:93:7c:e9:c1:51:90:cc:62:
a0:c8:bd:19:31:a2:23:da:d7:7a:2c:f6:45:54:4d:6c:09:c3:
22:55:f2:b3:9a:51:59:c5:3e:0e:ba:3c:40:6c:2c:a8:f2:11:
4f:19:46:60:24:db:f3:68:7d:6d:30:cc:49:7c:12:d9:7d:66:
b2:1b:69:bd:d8:80:0c:d9:42:26:29:64:e1:ff:33:93:9a:fa:
be:ab:20:b6:b0:55:77:86:da:06:5c:5a:77:d3:96:11:8d:17:
7d:eb:57:54:f1:7a:3c:34:d9:5e:7f:2b:9c:d1:78:97:8c:f3:
ea:37:24:91:f5:d1:5f:8e:c9:6a:57:2f:e4:7f:7b:8a:51:83:
13:da:f7:86:0d:8e:e4:b4:f2:0f:93:3b:a4:63:be:9b:eb:5b:
b8:1e:dd:e4:c3:f0:16:81:f1:d2:c1:2f:a4:ac:55:5d:fe:6f:
3a:c2:1f:d0:6c:10:46:5d:5f:7b:eb:11:20:e2:76:26:77:39:
c7:ac:79:79:19:da:05:b6:c0:0b:f3:2f:3e:6c:72:0c:ea:da:
49:dd:6c:a4:5e:95:1b:b2:6d:47:5c:31:45:07:82:e8:36:27:
80:cf:3e:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+VVVPZwP267XMIYbsUpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWI2NTg3M2NiMjc4MmYxM2MzNzhmNTU0M2M2OTE0NDNk
MTZmNzkwHhcNMjMwMTAyMDA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNlNzJiYWNhMDYwZDRmZGYwNjFmZjU3Y2UwZmIwOTUzMTU3ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QSxqmZoV6qrLVrwOtWfQpfJaCQD
w0Cu6twu+UGQJpST/Ym5hcO7w3F0mpOCC3POGxE3sy7x9xMRfCKwCYtVAdILvAFs
oenBKZs0YDJ+7HvequuyccQHTkNoGw+vivnosCY1T082Twgwx0UC+qGCOwkxV7vH
fCp2jBlUPysQWLC4HB2NiBMmMFr9nBroBd1E6bzZvi3CfdCap6eYM0AdMhKqfoWv
p4l3X95tyl4cOaT0I1L1wztGYK16sPzC8hymtODp4BSVCq9729K6SIYnWUBOQUML
uP6FEal0RRYit2Yzaqrh2Az/FiPEpta1q+dYk8u/RdsAcShx9+F3933fVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLM+crrKBg1P3wYf9Xzg+wlTFX2+MB8GA1UdIwQY
MBaAFEqrZYc8sngvE8N49VQ8aRRD0W95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3F0bGh6eXllQzhUdzNqMVZEeHBGRVBSYjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hYTE3OTctNDM3My00YTJmLWEwNzQt
YzczY2JlNzBhYmI5LzEvc3o1eXVzb0dEVV9mQmhfMWZPRDdDVk1WZmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hYTE3OTctNDM3My00YTJmLWEwNzQtYzczY2JlNzBhYmI5
LzEvU3F0bGh6eXllQzhUdzNqMVZEeHBGRVBSYjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuckEAwQA
uckHMA0GCSqGSIb3DQEBCwUAA4IBAQAm18/pSM5qmmGKY2Q2xCu+LOBMyrlopFSM
8Ignk3zpwVGQzGKgyL0ZMaIj2td6LPZFVE1sCcMiVfKzmlFZxT4OujxAbCyo8hFP
GUZgJNvzaH1tMMxJfBLZfWayG2m92IAM2UImKWTh/zOTmvq+qyC2sFV3htoGXFp3
05YRjRd961dU8Xo8NNlefyuc0XiXjPPqNySR9dFfjslqVy/kf3uKUYMT2veGDY7k
tPIPkzukY76b61u4Ht3kw/AWgfHSwS+krFVd/m86wh/QbBBGXV976xEg4nYmdznH
rHl5GdoFtsAL8y8+bHIM6tpJ3WykXpUbsm1HXDFFB4LoNieAzz61
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:46 2024 by rpki-client on console-fra.rpki-client.org