Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4TW1uGmAdCyPlSZLp1G9JuS3kjc.roa
File: 4TW1uGmAdCyPlSZLp1G9JuS3kjc.roa (raw, json)
Hash identifier: DWleeyOA+ZCsoB3/uCsnGi1eWfEIyzoFYicerNYUFAw=
Subject key identifier: E1:35:B5:B8:69:80:74:2C:8F:95:26:4B:A7:51:BD:26:E4:B7:92:37
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AF49AACADE47C128EA685800B6E3701DF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4TW1uGmAdCyPlSZLp1G9JuS3kjc.roa
Signing time: Tue 03 Oct 2023 08:14:51 +0000
ROA not before: Tue 03 Oct 2023 08:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22653
IP address blocks: 185.252.160.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:9a:ac:ad:e4:7c:12:8e:a6:85:80:0b:6e:37:01:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 3 08:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e135b5b86980742c8f95264ba751bd26e4b79237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ac:06:ad:d1:0e:30:97:43:f7:7f:a9:d0:51:
36:4d:12:bf:2a:7b:fb:df:3a:13:b3:f1:a0:dd:2b:
4e:68:85:a0:1f:fe:ff:a1:40:e7:bf:40:76:f4:8f:
e3:02:2b:7a:5c:ac:72:4f:28:10:b9:dd:77:81:ad:
eb:18:f9:4f:b8:38:c5:6d:31:c8:4a:10:9c:d4:22:
38:cd:17:d1:66:63:c4:05:f2:8d:61:14:aa:58:10:
38:05:f0:f7:e6:25:a2:49:b7:0a:ec:7c:eb:70:23:
13:73:93:d3:1d:ee:2a:ce:ed:21:c3:58:ee:d4:ff:
a7:9f:d9:5d:47:c6:b8:d4:6c:1e:f8:45:a3:c8:fc:
d2:3a:4f:6e:d9:05:18:cd:af:64:3a:a9:01:ce:be:
cc:43:3b:99:00:e3:ef:0c:bd:d9:d8:a7:99:10:82:
15:ae:1b:2a:55:9b:ce:ee:b1:9e:fb:68:67:00:2b:
ec:b1:a6:f6:53:53:1f:c8:9b:b4:d4:ca:36:06:05:
69:06:37:56:a8:a3:1e:3f:8d:3a:82:27:a8:43:12:
7f:6d:a3:98:6e:2c:78:b1:19:29:ba:75:14:97:c5:
42:6a:0e:61:6d:e3:d7:ab:20:76:89:cc:96:a1:aa:
47:ca:46:6b:bf:b0:ab:a3:39:b8:08:1a:66:b1:23:
ad:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:35:B5:B8:69:80:74:2C:8F:95:26:4B:A7:51:BD:26:E4:B7:92:37
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4TW1uGmAdCyPlSZLp1G9JuS3kjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:37:e9:70:21:17:cd:52:83:df:d8:ce:c4:5c:57:65:24:d1:
69:2b:5a:23:6e:1f:f7:26:25:cb:0c:aa:7d:6f:b5:73:f6:57:
23:a0:ab:6f:d9:e4:b7:60:8b:23:6d:43:92:15:e2:f6:0c:6a:
d6:c3:4b:ea:45:2a:c4:e2:f3:b0:69:d1:11:92:cf:00:ed:7d:
e0:f5:dc:a2:8d:43:8f:9b:5f:a2:a0:c5:6f:7b:a7:44:8d:90:
4e:61:87:85:36:53:a3:65:24:25:6d:fb:17:b8:bf:ab:5c:1f:
76:7f:65:4e:e5:c5:f7:c4:42:4d:c9:01:d6:aa:9b:6a:ef:52:
4e:cb:47:a7:7a:f4:3c:40:3d:17:87:4a:51:aa:95:c4:1a:ce:
05:82:30:2f:fe:db:60:44:16:bb:79:11:3b:77:c5:47:46:73:
32:f6:b7:5a:bd:66:55:c6:a6:d3:52:27:52:e1:b9:62:e9:e5:
be:ac:da:87:36:cd:97:e3:02:cd:28:20:e5:02:2e:00:44:67:
ab:ee:7c:83:3a:5a:f0:11:45:d7:ba:4d:71:34:30:ab:04:c9:
c0:78:32:33:61:cf:bb:fe:fc:29:d9:1c:dc:27:4f:d5:96:4a:
63:be:be:87:77:a4:8c:d8:d4:09:9c:14:8f:29:bf:06:f7:59:
cd:03:dc:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr0mqyt5HwSjqaFgAtuNwHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDAzMDgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM1YjViODY5ODA3NDJjOGY5NTI2NGJhNzUxYmQyNmU0Yjc5MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKwGrdEOMJdD93+p0FE2TRK/Knv7
3zoTs/Gg3StOaIWgH/7/oUDnv0B29I/jAit6XKxyTygQud13ga3rGPlPuDjFbTHI
ShCc1CI4zRfRZmPEBfKNYRSqWBA4BfD35iWiSbcK7HzrcCMTc5PTHe4qzu0hw1ju
1P+nn9ldR8a41Gwe+EWjyPzSOk9u2QUYza9kOqkBzr7MQzuZAOPvDL3Z2KeZEIIV
rhsqVZvO7rGe+2hnACvssab2U1MfyJu01Mo2BgVpBjdWqKMeP406gieoQxJ/baOY
bix4sRkpunUUl8VCag5hbePXqyB2icyWoapHykZrv7Crozm4CBpmsSOtJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOE1tbhpgHQsj5UmS6dRvSbkt5I3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNFRXMXVHbUFkQ3lQbFNaTHAxRzlKdVMza2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufygMA0G
CSqGSIb3DQEBCwUAA4IBAQBrN+lwIRfNUoPf2M7EXFdlJNFpK1ojbh/3JiXLDKp9
b7Vz9lcjoKtv2eS3YIsjbUOSFeL2DGrWw0vqRSrE4vOwadERks8A7X3g9dyijUOP
m1+ioMVve6dEjZBOYYeFNlOjZSQlbfsXuL+rXB92f2VO5cX3xEJNyQHWqptq71JO
y0enevQ8QD0Xh0pRqpXEGs4FgjAv/ttgRBa7eRE7d8VHRnMy9rdavWZVxqbTUidS
4bli6eW+rNqHNs2X4wLNKCDlAi4ARGer7nyDOlrwEUXXuk1xNDCrBMnAeDIzYc+7
/vwp2RzcJ0/Vlkpjvr6Hd6SM2NQJnBSPKb8G91nNA9xB
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:09 2024 by rpki-client on console-ams.rpki-client.org