Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/FHbIJRsXS8dTgz37QLK9P2DuoXw.roa
File: FHbIJRsXS8dTgz37QLK9P2DuoXw.roa (raw, json)
Hash identifier: uhTq/9u6sb0w/chwi/gPGUNmkayCWS36nQLBtONHN7Y=
Subject key identifier: 14:76:C8:25:1B:17:4B:C7:53:83:3D:FB:40:B2:BD:3F:60:EE:A1:7C
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018CC42535808CBDB0D5F1C924CF9390FBBF
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/FHbIJRsXS8dTgz37QLK9P2DuoXw.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 160.214.100.0/24 maxlen: 24
160.214.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 08:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:35:80:8c:bd:b0:d5:f1:c9:24:cf:93:90:fb:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1476c8251b174bc753833dfb40b2bd3f60eea17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bc:c4:31:7f:d8:8d:19:77:22:cb:4e:e2:b4:
40:15:e3:b9:c7:27:59:5d:2e:d7:b2:43:89:1f:ad:
c2:60:06:ac:d2:6c:09:ce:da:81:8a:7f:12:cd:a5:
c6:ec:8b:c7:ea:e2:69:c1:13:48:83:51:79:c5:1d:
b1:3a:4f:74:28:a5:2d:45:cc:2d:33:3a:37:88:65:
3e:fb:ba:9f:2f:4d:0c:d6:21:73:8b:c5:51:0d:7e:
0b:88:f2:4a:7f:6f:bc:2a:b5:40:cc:29:0b:dc:f6:
a4:86:d6:1b:5e:c8:0a:e2:f3:89:c4:a7:a2:66:2e:
6c:8c:a5:52:fd:e1:17:4c:a1:e4:36:c4:8c:cd:b1:
32:73:6a:17:98:0d:21:6f:e0:d1:a8:d0:e1:1e:8c:
8d:3b:0d:84:e4:f3:09:df:52:be:40:a5:66:29:94:
6b:af:04:f2:ee:63:cd:e1:34:fb:43:57:48:d1:36:
74:42:2f:ac:90:5c:7d:49:f2:f1:78:25:67:a3:4d:
63:73:66:35:6a:dc:f6:35:68:3b:23:d7:8c:c5:00:
2a:09:e6:12:60:ab:ba:1b:b0:32:04:0e:ab:c1:2e:
8f:ed:82:8a:44:15:e7:7c:4e:4e:98:16:63:9d:95:
ab:34:2a:b6:30:f3:79:34:37:a2:56:91:b0:17:cb:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:76:C8:25:1B:17:4B:C7:53:83:3D:FB:40:B2:BD:3F:60:EE:A1:7C
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/FHbIJRsXS8dTgz37QLK9P2DuoXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.100.0/24
160.214.109.0/24
Signature Algorithm: sha256WithRSAEncryption
00:1c:04:38:c6:55:60:0d:48:b2:f8:90:2d:d0:29:f6:d4:80:
6b:e7:fc:97:fe:0b:17:a5:d2:13:5b:bb:6d:c8:43:dc:33:07:
12:3e:8d:ce:a9:5c:77:ed:7d:fd:e3:9b:70:45:29:25:a1:a9:
4c:4a:6d:0d:22:f7:d4:f7:d5:f5:49:a2:13:ab:44:88:52:62:
ac:f8:c0:7e:29:f6:8f:27:ce:25:84:5d:b9:36:3c:96:a7:58:
cd:b1:e1:10:b9:6e:92:61:b4:bc:41:82:13:34:35:a4:80:7e:
6f:79:e0:8b:0f:e3:61:7b:04:2a:09:64:bb:85:87:ac:47:47:
7a:87:60:9c:16:9c:88:c2:3c:9c:f1:4b:a3:bb:3a:41:29:a2:
48:fd:2e:17:6d:b8:91:8c:08:a3:f6:a9:f9:35:83:d2:28:be:
8a:09:83:2f:79:c0:6f:4d:ee:42:d4:67:da:fe:6c:ec:4d:e5:
ac:b2:72:b0:78:b2:d4:96:39:14:63:28:68:bb:69:cd:8b:e2:
72:c7:56:b0:bc:ad:00:8a:bf:6b:e6:09:fb:71:04:fa:7d:40:
27:6f:dd:07:3c:a0:3c:f1:95:19:c6:64:a8:95:d0:95:57:df:
e9:13:ac:61:0c:72:01:7d:40:d7:ac:6a:1a:23:8a:4d:b1:1c:
7f:4c:3f:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJTWAjL2w1fHJJM+TkPu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDc2YzgyNTFiMTc0YmM3NTM4MzNkZmI0MGIyYmQzZjYwZWVhMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7zEMX/YjRl3IstO4rRAFeO5xydZ
XS7XskOJH63CYAas0mwJztqBin8SzaXG7IvH6uJpwRNIg1F5xR2xOk90KKUtRcwt
Mzo3iGU++7qfL00M1iFzi8VRDX4LiPJKf2+8KrVAzCkL3PakhtYbXsgK4vOJxKei
Zi5sjKVS/eEXTKHkNsSMzbEyc2oXmA0hb+DRqNDhHoyNOw2E5PMJ31K+QKVmKZRr
rwTy7mPN4TT7Q1dI0TZ0Qi+skFx9SfLxeCVno01jc2Y1atz2NWg7I9eMxQAqCeYS
YKu6G7AyBA6rwS6P7YKKRBXnfE5OmBZjnZWrNCq2MPN5NDeiVpGwF8uCMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBR2yCUbF0vHU4M9+0CyvT9g7qF8MB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvRkhiSUpSc1hTOGRUZ3ozN1FMSzlQMkR1b1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAoNZkAwQA
oNZtMA0GCSqGSIb3DQEBCwUAA4IBAQAAHAQ4xlVgDUiy+JAt0Cn21IBr5/yX/gsX
pdITW7ttyEPcMwcSPo3OqVx37X3945twRSkloalMSm0NIvfU99X1SaITq0SIUmKs
+MB+KfaPJ84lhF25NjyWp1jNseEQuW6SYbS8QYITNDWkgH5veeCLD+NhewQqCWS7
hYesR0d6h2CcFpyIwjyc8UujuzpBKaJI/S4XbbiRjAij9qn5NYPSKL6KCYMvecBv
Te5C1Gfa/mzsTeWssnKweLLUljkUYyhou2nNi+Jyx1awvK0Air9r5gn7cQT6fUAn
b90HPKA88ZUZxmSoldCVV9/pE6xhDHIBfUDXrGoaI4pNsRx/TD86
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org