Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/bS4TiePs9OsSZcErVTYqUGUwkiY.roa
File: bS4TiePs9OsSZcErVTYqUGUwkiY.roa (raw, json)
Hash identifier: 8f2AwvEDCV+yP+LhKJzrJSfKL6zJpHoHcXQHbVvALVU=
Subject key identifier: 6D:2E:13:89:E3:EC:F4:EB:12:65:C1:2B:55:36:2A:50:65:30:92:26
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 01856FCB89DC94F2F2F78E7DC194289FF4CF
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/bS4TiePs9OsSZcErVTYqUGUwkiY.roa
Signing time: Mon 02 Jan 2023 00:04:48 +0000
ROA not before: Mon 02 Jan 2023 00:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.160.231.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.228.0/24 maxlen: 24
185.160.228.0/22 maxlen: 22
185.232.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 21 Jul 2023 08:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:89:dc:94:f2:f2:f7:8e:7d:c1:94:28:9f:f4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 2 00:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d2e1389e3ecf4eb1265c12b55362a5065309226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:25:31:a1:ea:c8:82:70:fe:72:7f:16:2a:59:
f0:34:5d:95:d0:bf:db:11:b6:7e:ec:02:f4:f8:54:
f1:fe:3d:64:78:c1:0a:53:a9:9c:a4:79:ed:81:f3:
f5:92:71:75:5c:0c:5f:fa:f2:c8:99:37:2d:e8:03:
02:e6:9b:0d:fc:52:f6:85:a9:12:85:c5:18:38:60:
e9:4e:3b:b9:28:a1:90:82:69:25:32:ee:3a:0f:ee:
20:90:64:dd:ce:e1:ab:13:0d:50:c9:c8:6a:3c:b5:
15:9e:6c:36:f4:40:fa:02:60:73:56:e1:31:b4:e6:
cb:ce:b9:4b:a4:30:17:27:52:8f:40:2e:e9:a0:0c:
13:15:d7:5e:dc:64:6f:96:52:a1:36:b5:a7:e1:43:
59:e8:30:fc:da:6a:90:86:9e:6e:26:df:35:44:c2:
8f:fa:e8:f8:b1:13:ea:1e:aa:77:69:43:0d:91:f8:
c0:4d:28:d7:05:c8:a6:22:a8:3a:62:91:f5:82:78:
2c:a5:09:59:56:93:7b:73:4f:40:7c:7a:7e:b6:0a:
62:9c:70:62:92:3b:7d:ae:54:31:22:97:3b:9a:08:
60:4f:a3:fa:b0:fb:d8:7d:76:66:26:9d:94:b4:4d:
3d:ac:cf:30:b9:21:29:0c:b4:b8:88:d8:0d:c1:21:
61:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2E:13:89:E3:EC:F4:EB:12:65:C1:2B:55:36:2A:50:65:30:92:26
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/bS4TiePs9OsSZcErVTYqUGUwkiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
64:99:41:a2:b8:25:61:17:e2:32:fe:42:41:f3:a3:bc:09:24:
59:05:38:cc:67:69:30:1f:73:0c:38:50:26:b6:2a:13:83:7e:
95:91:87:41:ac:c8:6e:07:b6:6f:11:e5:bc:56:c2:5a:b9:cd:
5f:71:10:0a:92:49:88:f8:8a:4b:85:cb:e7:7d:8f:9a:7a:f8:
a1:61:af:34:f1:4a:50:04:80:6e:25:22:27:83:80:4e:46:30:
d8:13:b2:fe:7b:7c:d0:f0:a5:4d:b9:fc:14:33:a0:4d:38:a0:
df:bc:39:9d:fd:44:9c:11:42:ed:3e:06:46:b4:3d:ab:26:2c:
c5:05:54:a3:ed:86:1d:99:99:27:3b:24:c3:20:2d:95:70:17:
5f:c6:a4:9f:7e:36:34:58:c7:4b:8c:d2:c1:0b:25:7f:ba:22:
5f:e1:80:34:16:a3:2e:23:60:fd:a6:80:7b:0b:3c:d3:2f:56:
15:59:2b:62:05:e7:a4:51:32:3b:35:fd:29:be:30:bc:49:5e:
13:d3:8e:05:6f:fb:8c:28:c9:dd:30:a7:83:3c:ee:e2:d5:84:
c8:51:ba:94:16:7b:51:a0:5f:52:aa:5b:ad:8e:71:16:11:c9:
88:69:23:dc:56:0f:8e:2c:77:86:a4:b3:b7:dd:3b:05:e4:a3:
20:5f:f5:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvy4nclPLy9459wZQon/TPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJlMTM4OWUzZWNmNGViMTI2NWMxMmI1NTM2MmE1MDY1MzA5MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yUxoerIgnD+cn8WKlnwNF2V0L/b
EbZ+7AL0+FTx/j1keMEKU6mcpHntgfP1knF1XAxf+vLImTct6AMC5psN/FL2hakS
hcUYOGDpTju5KKGQgmklMu46D+4gkGTdzuGrEw1QychqPLUVnmw29ED6AmBzVuEx
tObLzrlLpDAXJ1KPQC7poAwTFdde3GRvllKhNrWn4UNZ6DD82mqQhp5uJt81RMKP
+uj4sRPqHqp3aUMNkfjATSjXBcimIqg6YpH1gngspQlZVpN7c09AfHp+tgpinHBi
kjt9rlQxIpc7mghgT6P6sPvYfXZmJp2UtE09rM8wuSEpDLS4iNgNwSFhUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG0uE4nj7PTrEmXBK1U2KlBlMJImMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvYlM0VGllUHM5T3NTWmNFclZUWXFVR1V3a2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaDkAwQC
ueiEMA0GCSqGSIb3DQEBCwUAA4IBAQBkmUGiuCVhF+Iy/kJB86O8CSRZBTjMZ2kw
H3MMOFAmtioTg36VkYdBrMhuB7ZvEeW8VsJauc1fcRAKkkmI+IpLhcvnfY+aevih
Ya808UpQBIBuJSIng4BORjDYE7L+e3zQ8KVNufwUM6BNOKDfvDmd/UScEULtPgZG
tD2rJizFBVSj7YYdmZknOyTDIC2VcBdfxqSffjY0WMdLjNLBCyV/uiJf4YA0FqMu
I2D9poB7CzzTL1YVWStiBeekUTI7Nf0pvjC8SV4T044Fb/uMKMndMKeDPO7i1YTI
UbqUFntRoF9SqlutjnEWEcmIaSPcVg+OLHeGpLO33TsF5KMgX/Vp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org