Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/1-1psYMagWUWDK6OnYXahh0vlaE.roa
File: 1-1psYMagWUWDK6OnYXahh0vlaE.roa (raw, json)
Hash identifier: aozNvX1R3xHS7fd+i2wR6A6uN1sboH6Ex2wIS95z2UY=
Subject key identifier: D7:ED:69:B1:83:1A:81:65:16:0C:AE:8E:9D:85:DA:86:1D:2F:95:A1
Certificate issuer: /CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Certificate serial: 01856F4B785AB6C0B442B05D118BBE7C7557
Authority key identifier: AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/1-1psYMagWUWDK6OnYXahh0vlaE.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48501
IP address blocks: 185.161.141.0/24 maxlen: 24
185.161.140.0/22 maxlen: 22
185.161.140.0/24 maxlen: 24
185.161.142.0/24 maxlen: 24
2a07:c500::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:78:5a:b6:c0:b4:42:b0:5d:11:8b:be:7c:75:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7ed69b1831a8165160cae8e9d85da861d2f95a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:ce:c3:0a:a5:bf:9e:ec:91:01:29:76:c4:
d7:2c:84:d8:f5:0f:63:96:c5:1f:47:5e:61:e6:95:
b8:b5:99:9b:55:bb:5f:d3:92:e4:1f:e6:86:ae:8f:
31:e9:79:c8:dc:64:0a:10:3e:93:b1:9c:81:0c:3a:
8b:ef:5e:c4:07:1c:97:3c:04:1e:68:b3:53:41:66:
b0:07:b0:c9:e2:fd:69:ab:89:9a:cb:43:a1:39:5a:
e7:ad:e2:83:5b:bf:43:00:48:8c:9c:a7:34:32:b5:
e2:e5:5b:8d:ca:fb:ea:de:09:2b:0a:6b:9d:7e:77:
c0:b8:b3:24:89:17:8d:9f:24:ec:ff:b7:ad:49:ff:
a6:eb:b1:53:f0:1a:9b:09:04:44:55:62:ea:79:a5:
97:cb:39:44:09:55:e6:b3:9f:9b:95:fc:b9:0c:46:
59:5d:6b:10:00:77:4f:51:03:08:10:28:28:e6:23:
f7:9e:7b:e2:32:85:fe:5e:6b:99:3c:6c:00:58:e9:
54:9a:f8:f1:79:16:a4:63:41:0d:14:f5:64:57:6b:
bb:62:8f:67:e4:fc:38:12:a9:46:3d:bb:3a:d8:f6:
b0:9d:37:28:84:2d:e3:10:cb:79:c0:9f:a2:19:de:
02:4a:8e:34:63:7c:51:09:e4:b6:47:5c:b8:af:22:
39:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:ED:69:B1:83:1A:81:65:16:0C:AE:8E:9D:85:DA:86:1D:2F:95:A1
X509v3 Authority Key Identifier:
keyid:AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/1-1psYMagWUWDK6OnYXahh0vlaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.140.0/22
IPv6:
2a07:c500::/29
Signature Algorithm: sha256WithRSAEncryption
42:1f:ec:93:14:ba:56:2b:93:76:db:1d:a4:d9:91:b4:e2:3c:
76:06:18:e3:d0:bb:8d:1b:8e:61:20:ab:9e:10:f1:2b:fd:4e:
58:98:ca:84:fb:b1:5b:3c:06:02:34:40:ed:eb:53:23:bd:48:
57:b3:0e:c2:72:f3:5d:e4:b8:0a:e8:79:cf:7c:13:91:c4:cd:
57:e6:d6:d8:d2:c1:86:73:72:c1:70:c0:d3:8f:8a:c8:34:c4:
80:ed:c0:a1:ba:e7:2e:8a:28:40:1a:56:7a:8f:00:0f:2d:54:
ae:c1:c0:9a:a6:8d:e8:64:6e:94:d7:a7:f5:66:f6:69:aa:52:
12:47:70:58:1d:c3:e8:73:b9:01:ce:8f:99:6c:b2:4e:d4:54:
32:60:ed:fa:64:b1:7b:8d:a6:33:36:51:aa:97:64:fd:53:4f:
63:a3:de:f2:76:ee:72:64:4c:e2:59:02:46:98:3d:25:6a:c4:
03:3f:89:58:42:f6:b3:7e:91:ad:58:2e:6f:09:21:62:70:5a:
ba:09:ab:67:ba:41:66:ce:86:93:ad:2f:e1:c5:b9:a9:54:3e:
7b:dd:da:a9:b5:fd:80:1d:4a:71:dd:40:54:5e:5a:af:da:c1:
ca:b7:f9:93:f4:62:b4:25:8a:6d:0d:f7:7f:9f:56:5c:bf:f7:
04:a7:ef:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS3hatsC0QrBdEYu+fHVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2I1MjljOWRjOTUyNmYwOTliZjE2YWM4OWRjYzhhZGZl
MTgyNDAwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VkNjliMTgzMWE4MTY1MTYwY2FlOGU5ZDg1ZGE4NjFkMmY5NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLHOwwqlv57skQEpdsTXLITY9Q9j
lsUfR15h5pW4tZmbVbtf05LkH+aGro8x6XnI3GQKED6TsZyBDDqL717EBxyXPAQe
aLNTQWawB7DJ4v1pq4may0OhOVrnreKDW79DAEiMnKc0MrXi5VuNyvvq3gkrCmud
fnfAuLMkiReNnyTs/7etSf+m67FT8BqbCQREVWLqeaWXyzlECVXms5+blfy5DEZZ
XWsQAHdPUQMIECgo5iP3nnviMoX+XmuZPGwAWOlUmvjxeRakY0ENFPVkV2u7Yo9n
5Pw4EqlGPbs62PawnTcohC3jEMt5wJ+iGd4CSo40Y3xRCeS2R1y4ryI52QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNftabGDGoFlFgyujp2F2oYdL5WhMB8GA1UdIwQY
MBaAFK07UpydyVJvCZvxasidzIrf4YJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTIt
YjIwZWJlNTk1NDc1LzEvMS0xcHNZTWFnV1VXREs2T25ZWGFoaDB2bGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTItYjIwZWJlNTk1NDc1
LzEvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGMMA0E
AgACMAcDBQMqB8UAMA0GCSqGSIb3DQEBCwUAA4IBAQBCH+yTFLpWK5N22x2k2ZG0
4jx2Bhjj0LuNG45hIKueEPEr/U5YmMqE+7FbPAYCNEDt61MjvUhXsw7CcvNd5LgK
6HnPfBORxM1X5tbY0sGGc3LBcMDTj4rINMSA7cChuucuiihAGlZ6jwAPLVSuwcCa
po3oZG6U16f1ZvZpqlISR3BYHcPoc7kBzo+ZbLJO1FQyYO36ZLF7jaYzNlGql2T9
U09jo97ydu5yZEziWQJGmD0lasQDP4lYQvazfpGtWC5vCSFicFq6CatnukFmzoaT
rS/hxbmpVD573dqptf2AHUpx3UBUXlqv2sHKt/mT9GK0JYptDfd/n1Zcv/cEp+/j
-----END CERTIFICATE-----
Generated at Fri Dec 29 16:10:48 2023 by rpki-client on console-fra.rpki-client.org