Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/twyhg9worYBlDPSBoIZIjvJ2puw.roa
File: twyhg9worYBlDPSBoIZIjvJ2puw.roa (raw, json)
Hash identifier: XnyGRaDdEw68LVPlh8JDsR4AXaRcEOs0bsg+njZCYzU=
Subject key identifier: B7:0C:A1:83:DC:28:AD:80:65:0C:F4:81:A0:86:48:8E:F2:76:A6:EC
Certificate issuer: /CN=489c263e818486cfd831c245ddfacca91fbd81c0
Certificate serial: 019371EE684D5A829E946AD71F975DAEA422
Authority key identifier: 48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/twyhg9worYBlDPSBoIZIjvJ2puw.roa
Signing time: Thu 28 Nov 2024 08:41:09 +0000
ROA not before: Thu 28 Nov 2024 08:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202565
IP address blocks: 185.160.148.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:ee:68:4d:5a:82:9e:94:6a:d7:1f:97:5d:ae:a4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=489c263e818486cfd831c245ddfacca91fbd81c0
Validity
Not Before: Nov 28 08:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b70ca183dc28ad80650cf481a086488ef276a6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:32:6a:81:c8:23:a0:e7:b3:9b:22:d7:8b:f7:
f9:04:e9:ce:5d:49:5d:d3:2e:bf:c0:7b:f3:2a:fc:
e7:0a:16:f9:52:c0:90:b4:79:3b:ec:6e:1e:e4:c5:
ff:b9:71:00:b3:1b:61:7e:b2:f4:9b:82:17:79:21:
f9:82:41:3e:1f:2f:a7:d4:b2:4b:29:d6:c8:64:dc:
e2:e3:34:17:83:cf:24:a6:dd:a7:41:1e:70:87:92:
50:d8:33:5b:a4:3c:1f:60:ba:c2:f1:bc:cb:99:b5:
8f:17:27:00:c1:32:56:71:12:aa:3d:1e:ee:45:f4:
f4:13:7d:95:53:8a:d7:eb:63:30:2f:46:2f:36:ad:
0b:b1:a0:bb:44:2a:a2:da:db:aa:18:d2:fd:7e:b2:
a1:ac:29:0c:9c:d4:e4:62:c1:89:11:90:0b:e2:8f:
e0:d3:07:d1:cb:c1:8c:a1:84:8c:ab:e0:ad:4b:e8:
3b:dd:44:b2:33:cf:75:d1:e8:90:2f:c0:51:e4:55:
c0:84:4f:ac:b2:89:f8:c7:97:8d:b0:05:0e:bb:5c:
39:4a:a3:ec:d1:10:1c:5a:1e:c9:4a:3e:6e:ba:b9:
a7:d7:ef:b3:08:20:8b:02:af:84:d8:9e:ea:d2:af:
ff:e1:49:94:4a:42:27:05:35:51:7e:b6:ca:85:20:
c4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0C:A1:83:DC:28:AD:80:65:0C:F4:81:A0:86:48:8E:F2:76:A6:EC
X509v3 Authority Key Identifier:
keyid:48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/twyhg9worYBlDPSBoIZIjvJ2puw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.148.0/22
Signature Algorithm: sha256WithRSAEncryption
89:1f:61:6d:e0:b9:13:d7:20:f8:f5:94:ed:27:72:f8:ac:df:
c9:f9:6f:1f:4a:3a:7a:f0:7a:14:19:6e:a8:3d:40:d7:b1:3c:
ba:0f:19:0f:4b:70:b8:9a:e7:57:4d:18:73:41:01:44:0d:e5:
ce:0f:49:6d:f1:14:4c:63:93:53:c8:13:d0:fa:0a:fe:83:10:
94:ce:eb:7b:53:90:04:1d:2e:4c:7c:b4:9f:70:e7:3a:57:e7:
97:aa:0d:09:17:2a:c7:9a:78:f7:5f:21:be:19:df:46:8e:df:
68:e2:f5:02:35:93:10:69:80:24:9d:58:5f:a5:3d:5b:14:ac:
46:1e:e5:c7:42:46:13:4d:4b:d3:6c:af:62:7c:de:e8:30:2a:
3f:45:8b:39:92:48:57:a6:2d:fe:5e:63:e8:74:c5:42:1d:a0:
3a:7d:a1:a6:6d:a4:77:82:7d:ba:e1:84:91:54:1a:10:d6:48:
a7:1d:18:36:b9:65:a0:25:ae:2f:ff:40:d1:c6:aa:1c:48:33:
20:96:af:23:0d:d4:26:71:f0:17:28:e8:f0:00:61:37:a2:ba:
53:92:c5:fc:5d:3b:e1:5d:b8:e9:9d:06:c6:e8:d8:8a:90:4b:
78:53:8c:96:c7:51:40:0d:5c:96:2d:22:23:1b:85:8f:bd:b0:
98:6e:66:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNx7mhNWoKelGrXH5ddrqQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OWMyNjNlODE4NDg2Y2ZkODMxYzI0NWRkZmFjY2E5MWZi
ZDgxYzAwHhcNMjQxMTI4MDg0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzBjYTE4M2RjMjhhZDgwNjUwY2Y0ODFhMDg2NDg4ZWYyNzZhNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjJqgcgjoOezmyLXi/f5BOnOXUld
0y6/wHvzKvznChb5UsCQtHk77G4e5MX/uXEAsxthfrL0m4IXeSH5gkE+Hy+n1LJL
KdbIZNzi4zQXg88kpt2nQR5wh5JQ2DNbpDwfYLrC8bzLmbWPFycAwTJWcRKqPR7u
RfT0E32VU4rX62MwL0YvNq0LsaC7RCqi2tuqGNL9frKhrCkMnNTkYsGJEZAL4o/g
0wfRy8GMoYSMq+CtS+g73USyM8910eiQL8BR5FXAhE+sson4x5eNsAUOu1w5SqPs
0RAcWh7JSj5uurmn1++zCCCLAq+E2J7q0q//4UmUSkInBTVRfrbKhSDEOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcMoYPcKK2AZQz0gaCGSI7ydqbsMB8GA1UdIwQY
MBaAFEicJj6BhIbP2DHCRd36zKkfvYHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMt
MmNhM2FhNzFlYzVmLzEvdHd5aGc5d29yWUJsRFBTQm9JWklqdkoycHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMtMmNhM2FhNzFlYzVm
LzEvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaCUMA0G
CSqGSIb3DQEBCwUAA4IBAQCJH2Ft4LkT1yD49ZTtJ3L4rN/J+W8fSjp68HoUGW6o
PUDXsTy6DxkPS3C4mudXTRhzQQFEDeXOD0lt8RRMY5NTyBPQ+gr+gxCUzut7U5AE
HS5MfLSfcOc6V+eXqg0JFyrHmnj3XyG+Gd9Gjt9o4vUCNZMQaYAknVhfpT1bFKxG
HuXHQkYTTUvTbK9ifN7oMCo/RYs5kkhXpi3+XmPodMVCHaA6faGmbaR3gn264YSR
VBoQ1kinHRg2uWWgJa4v/0DRxqocSDMglq8jDdQmcfAXKOjwAGE3orpTksX8XTvh
XbjpnQbG6NiKkEt4U4yWx1FADVyWLSIjG4WPvbCYbmbO
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:56:05 2025 by rpki-client