Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/iOtPZzESFieBd1LRUAr59Oa6k2s.roa
File: iOtPZzESFieBd1LRUAr59Oa6k2s.roa (raw, json)
Hash identifier: 66zHZZoJ9vum+cKE09NjOUO812IolP330DnrUu2i8xE=
Subject key identifier: 88:EB:4F:67:31:12:16:27:81:77:52:D1:50:0A:F9:F4:E6:BA:93:6B
Certificate issuer: /CN=b6d68436a76339f671441cfbd50ad401d3c00fff
Certificate serial: 0185720C64159A349CC646B46803D23CC837
Authority key identifier: B6:D6:84:36:A7:63:39:F6:71:44:1C:FB:D5:0A:D4:01:D3:C0:0F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttaENqdjOfZxRBz71QrUAdPAD_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/iOtPZzESFieBd1LRUAr59Oa6k2s.roa
Signing time: Mon 02 Jan 2023 10:34:52 +0000
ROA not before: Mon 02 Jan 2023 10:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204411
IP address blocks: 185.235.160.0/24 maxlen: 24
185.235.160.0/22 maxlen: 22
185.235.163.0/24 maxlen: 24
185.235.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 11:45:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:64:15:9a:34:9c:c6:46:b4:68:03:d2:3c:c8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d68436a76339f671441cfbd50ad401d3c00fff
Validity
Not Before: Jan 2 10:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88eb4f6731121627817752d1500af9f4e6ba936b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:d8:54:47:6e:1d:10:13:8d:6e:fd:ea:d9:
4c:c9:6c:83:a7:32:02:c1:ef:64:2e:5a:01:83:75:
e7:f0:7e:92:1a:8f:6e:e8:b8:e7:53:96:0f:be:76:
cb:b5:22:15:31:f5:f0:68:71:ea:a1:6e:2a:43:2d:
65:08:a6:54:a9:19:98:c6:a5:be:a8:7c:41:a9:b9:
82:44:8f:e5:04:4e:89:39:4b:cc:c1:01:08:75:0d:
22:4f:1b:e7:3e:6c:68:58:4d:aa:06:2e:56:73:1e:
ad:00:e6:af:21:f9:52:74:91:4e:7a:d5:5f:f0:6d:
52:b9:df:5e:df:c1:b1:ac:ba:b6:78:32:eb:6c:eb:
3c:ed:91:4e:28:74:68:41:54:08:25:c4:8d:b7:48:
cc:ab:57:30:63:b4:bb:cf:65:43:9d:54:fd:07:8b:
1c:f4:f2:a3:9b:7b:8e:93:01:26:09:90:8f:f7:81:
0d:de:1d:3c:2f:28:cc:48:5e:46:01:56:89:a7:b3:
33:b1:18:6c:bb:b8:18:ca:69:8e:3b:95:3f:8d:24:
6f:46:3f:7c:a4:9f:ae:f1:c0:a7:9c:d5:b5:67:09:
4f:3d:4e:b4:70:00:5b:10:c0:d1:e9:16:20:00:fb:
4e:dc:02:29:49:e1:77:19:2b:3e:82:a8:df:ae:ec:
be:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EB:4F:67:31:12:16:27:81:77:52:D1:50:0A:F9:F4:E6:BA:93:6B
X509v3 Authority Key Identifier:
keyid:B6:D6:84:36:A7:63:39:F6:71:44:1C:FB:D5:0A:D4:01:D3:C0:0F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttaENqdjOfZxRBz71QrUAdPAD_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/iOtPZzESFieBd1LRUAr59Oa6k2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/ttaENqdjOfZxRBz71QrUAdPAD_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:b3:08:bb:cb:d3:95:73:58:21:b3:c1:76:0c:28:22:0e:bb:
b5:18:bb:d7:c6:c4:81:71:b3:99:2b:95:ef:8c:d3:e6:0a:ce:
81:27:60:17:b7:0b:63:a5:a8:e3:55:5a:25:7c:ba:13:f4:b7:
4a:0e:5b:db:4a:90:0b:43:58:46:c2:49:05:e3:3a:13:57:0e:
5b:e6:39:47:77:82:a8:59:40:a4:8a:95:b2:af:11:70:50:40:
c3:cc:7b:1d:17:0a:74:0c:f5:d7:e0:ff:7c:1e:c2:de:b7:7b:
bf:d4:5c:d9:d2:18:22:d8:50:25:c0:9b:e5:c5:7b:4c:96:fd:
13:7c:b0:3a:3c:ef:c0:96:c1:e0:a8:2e:3f:25:86:59:e3:c7:
bb:eb:59:cf:69:74:42:ad:9f:26:c5:50:d7:bf:85:e0:0e:80:
4e:fc:5c:1b:73:48:e3:5a:63:16:58:c9:4d:59:12:5a:97:c4:
b4:0e:c4:88:32:93:aa:be:fa:6a:75:a4:2d:c1:e5:c6:b4:96:
26:10:fc:0b:54:c4:05:e4:36:aa:64:ef:18:aa:9f:c4:7a:ed:
bd:d7:af:73:d3:65:94:d5:96:32:45:ba:06:cb:6b:da:1f:db:
79:1c:d1:e7:0f:ab:33:a4:cb:16:7c:58:ed:e0:26:82:65:91:
63:e0:4b:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDGQVmjScxka0aAPSPMg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDY4NDM2YTc2MzM5ZjY3MTQ0MWNmYmQ1MGFkNDAxZDNj
MDBmZmYwHhcNMjMwMTAyMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGViNGY2NzMxMTIxNjI3ODE3NzUyZDE1MDBhZjlmNGU2YmE5MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYXYVEduHRATjW796tlMyWyDpzIC
we9kLloBg3Xn8H6SGo9u6LjnU5YPvnbLtSIVMfXwaHHqoW4qQy1lCKZUqRmYxqW+
qHxBqbmCRI/lBE6JOUvMwQEIdQ0iTxvnPmxoWE2qBi5Wcx6tAOavIflSdJFOetVf
8G1Sud9e38GxrLq2eDLrbOs87ZFOKHRoQVQIJcSNt0jMq1cwY7S7z2VDnVT9B4sc
9PKjm3uOkwEmCZCP94EN3h08LyjMSF5GAVaJp7MzsRhsu7gYymmOO5U/jSRvRj98
pJ+u8cCnnNW1ZwlPPU60cABbEMDR6RYgAPtO3AIpSeF3GSs+gqjfruy+8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjrT2cxEhYngXdS0VAK+fTmupNrMB8GA1UdIwQY
MBaAFLbWhDanYzn2cUQc+9UK1AHTwA//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRhRU5xZGpPZlp4UkJ6NzFRclVBZFBBRF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84NGE1ZGQtNWNmMi00ODU3LWJkOTMt
M2M3MTFhMTVmYTVjLzEvaU90UFp6RVNGaWVCZDFMUlVBcjU5T2E2azJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84NGE1ZGQtNWNmMi00ODU3LWJkOTMtM2M3MTFhMTVmYTVj
LzEvdHRhRU5xZGpPZlp4UkJ6NzFRclVBZFBBRF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueugMA0G
CSqGSIb3DQEBCwUAA4IBAQB+swi7y9OVc1ghs8F2DCgiDru1GLvXxsSBcbOZK5Xv
jNPmCs6BJ2AXtwtjpajjVVolfLoT9LdKDlvbSpALQ1hGwkkF4zoTVw5b5jlHd4Ko
WUCkipWyrxFwUEDDzHsdFwp0DPXX4P98HsLet3u/1FzZ0hgi2FAlwJvlxXtMlv0T
fLA6PO/AlsHgqC4/JYZZ48e761nPaXRCrZ8mxVDXv4XgDoBO/Fwbc0jjWmMWWMlN
WRJal8S0DsSIMpOqvvpqdaQtweXGtJYmEPwLVMQF5DaqZO8Yqp/Eeu29169z02WU
1ZYyRboGy2vaH9t5HNHnD6szpMsWfFjt4CaCZZFj4Ev7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:58 2024 by rpki-client on console-fra.rpki-client.org