Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/7UWEfbw2NQznnumnbMDlhf-oozM.roa
File: 7UWEfbw2NQznnumnbMDlhf-oozM.roa (raw, json)
Hash identifier: LYITszs7VEgNEeTOpgQkeAU6QbM0AfsUbwXeLghUnrQ=
Subject key identifier: ED:45:84:7D:BC:36:35:0C:E7:9E:E9:A7:6C:C0:E5:85:FF:A8:A3:33
Certificate issuer: /CN=23aee94d0fff6c6c752a6942ffa962ae37c7e6b6
Certificate serial: 01856F1DBDC79BE28BA3ABA93BB9E74AC640
Authority key identifier: 23:AE:E9:4D:0F:FF:6C:6C:75:2A:69:42:FF:A9:62:AE:37:C7:E6:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/7UWEfbw2NQznnumnbMDlhf-oozM.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31037
IP address blocks: 185.101.16.0/24 maxlen: 24
185.101.16.0/22 maxlen: 22
185.101.17.0/24 maxlen: 24
185.101.19.0/24 maxlen: 24
185.101.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bd:c7:9b:e2:8b:a3:ab:a9:3b:b9:e7:4a:c6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23aee94d0fff6c6c752a6942ffa962ae37c7e6b6
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed45847dbc36350ce79ee9a76cc0e585ffa8a333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:c1:f0:7a:c1:08:30:e4:49:45:13:68:aa:
14:5b:8e:98:28:9a:64:11:b3:90:e2:15:e1:cb:a0:
19:c2:d5:08:37:15:87:ed:2d:fb:44:2f:b3:86:2c:
5d:61:74:1d:4a:8d:c2:ff:e1:31:35:10:c6:ec:f9:
9d:26:fa:f3:05:e8:af:68:9d:d6:d3:35:42:fe:81:
0f:53:de:94:69:b3:17:15:12:ea:54:80:02:cb:f5:
bc:c6:d0:8d:c6:84:52:fb:48:9a:3f:a7:1d:66:8d:
6d:40:2d:e8:3f:27:c6:c0:e5:bf:ea:2e:c4:82:0c:
87:bd:5c:79:a8:19:91:44:d1:21:ef:34:76:03:ff:
63:66:d7:3b:8f:29:94:5f:d9:2d:11:83:64:6e:3a:
4d:b3:cc:13:8e:2f:90:bb:b2:ce:f9:6f:14:78:e4:
ea:19:b7:77:35:27:50:44:c5:fc:45:b4:ac:06:ec:
1d:8b:f7:50:90:ff:32:cf:22:30:61:77:1d:70:03:
9f:b9:04:6f:14:c0:0c:c9:17:0a:b3:e4:6d:0a:22:
0a:ba:de:4c:bf:70:9f:22:27:0e:e0:10:a3:e8:db:
8a:46:08:50:3a:61:38:f5:42:d6:08:e4:bc:13:b0:
07:7c:a0:a9:59:ec:e8:f6:d8:b5:9b:51:72:32:8f:
1f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:45:84:7D:BC:36:35:0C:E7:9E:E9:A7:6C:C0:E5:85:FF:A8:A3:33
X509v3 Authority Key Identifier:
keyid:23:AE:E9:4D:0F:FF:6C:6C:75:2A:69:42:FF:A9:62:AE:37:C7:E6:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/7UWEfbw2NQznnumnbMDlhf-oozM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.16.0/22
Signature Algorithm: sha256WithRSAEncryption
13:bb:54:7d:94:15:0a:d8:4f:7c:30:62:66:3c:dd:ed:a1:56:
b2:07:26:6f:44:79:37:83:9f:22:44:ab:7c:73:6b:13:cf:d4:
07:d3:31:9c:a0:85:a7:15:51:fd:67:c2:db:3f:b0:b7:bb:95:
74:5a:b7:fc:28:4c:dc:40:c7:2b:ed:3c:79:2a:f2:c6:d5:61:
1c:1e:79:f7:42:d3:27:bd:fd:56:33:a0:b1:69:d4:1a:37:ac:
73:bb:da:64:28:12:ed:70:d0:1d:27:73:f1:9c:52:8e:bf:c3:
94:b5:06:af:11:49:f6:d3:3d:71:54:2b:27:9a:d9:92:8b:58:
33:e1:d8:3e:4b:2c:c9:52:49:57:8d:e3:8d:1a:b6:a0:49:49:
24:de:0a:a7:f0:41:67:41:0a:91:60:31:dc:f6:81:4a:91:dd:
a6:e5:d8:40:d4:b2:00:cb:1c:12:2e:26:88:d7:b6:c2:1f:1d:
02:bc:57:df:68:84:7f:a0:25:e8:0f:5b:25:ab:2e:79:74:dd:
69:8d:0e:69:74:ce:ad:41:dd:48:1e:3c:43:28:74:ff:a5:1c:
c1:67:eb:fc:2c:cb:a0:63:0c:ea:0f:f1:5b:6f:53:1d:c5:9a:
b8:7a:46:f8:4f:da:4e:e9:a4:b4:f9:f6:97:f2:3c:6b:6d:98:
13:ac:69:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHb3Hm+KLo6upO7nnSsZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYWVlOTRkMGZmZjZjNmM3NTJhNjk0MmZmYTk2MmFlMzdj
N2U2YjYwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ1ODQ3ZGJjMzYzNTBjZTc5ZWU5YTc2Y2MwZTU4NWZmYThhMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDLB8HrBCDDkSUUTaKoUW46YKJpk
EbOQ4hXhy6AZwtUINxWH7S37RC+zhixdYXQdSo3C/+ExNRDG7PmdJvrzBeivaJ3W
0zVC/oEPU96UabMXFRLqVIACy/W8xtCNxoRS+0iaP6cdZo1tQC3oPyfGwOW/6i7E
ggyHvVx5qBmRRNEh7zR2A/9jZtc7jymUX9ktEYNkbjpNs8wTji+Qu7LO+W8UeOTq
Gbd3NSdQRMX8RbSsBuwdi/dQkP8yzyIwYXcdcAOfuQRvFMAMyRcKs+RtCiIKut5M
v3CfIicO4BCj6NuKRghQOmE49ULWCOS8E7AHfKCpWezo9ti1m1FyMo8fIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1FhH28NjUM557pp2zA5YX/qKMzMB8GA1UdIwQY
MBaAFCOu6U0P/2xsdSppQv+pYq43x+a2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTY3cFRRX19iR3gxS21sQ182bGlyamZINXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNzAyNjItZjg3Yy00MTI2LWFmODUt
YTMxODUzZTY5OTdhLzEvN1VXRWZidzJOUXpubnVtbmJNRGxoZi1vb3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNzAyNjItZjg3Yy00MTI2LWFmODUtYTMxODUzZTY5OTdh
LzEvSTY3cFRRX19iR3gxS21sQ182bGlyamZINXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWUQMA0G
CSqGSIb3DQEBCwUAA4IBAQATu1R9lBUK2E98MGJmPN3toVayByZvRHk3g58iRKt8
c2sTz9QH0zGcoIWnFVH9Z8LbP7C3u5V0Wrf8KEzcQMcr7Tx5KvLG1WEcHnn3QtMn
vf1WM6CxadQaN6xzu9pkKBLtcNAdJ3PxnFKOv8OUtQavEUn20z1xVCsnmtmSi1gz
4dg+SyzJUklXjeONGragSUkk3gqn8EFnQQqRYDHc9oFKkd2m5dhA1LIAyxwSLiaI
17bCHx0CvFffaIR/oCXoD1slqy55dN1pjQ5pdM6tQd1IHjxDKHT/pRzBZ+v8LMug
YwzqD/Fbb1MdxZq4ekb4T9pO6aS0+faX8jxrbZgTrGlS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org