Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ThtPCYozdXdQ5E1EsuequTVAXZY.roa
File: ThtPCYozdXdQ5E1EsuequTVAXZY.roa (raw, json)
Hash identifier: mgXQiTsnCaYGhCFD53HKPevoEaFNIlRRd1IfCfGFLlw=
Subject key identifier: 4E:1B:4F:09:8A:33:75:77:50:E4:4D:44:B2:E7:AA:B9:35:40:5D:96
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D82178CDC0D4A1FD196CA04B455AD00
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ThtPCYozdXdQ5E1EsuequTVAXZY.roa
Signing time: Sun 01 Jan 2023 13:25:20 +0000
ROA not before: Sun 01 Jan 2023 13:25:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399587
IP address blocks: 193.8.186.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.185.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
193.8.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:17:8c:dc:0d:4a:1f:d1:96:ca:04:b4:55:ad:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e1b4f098a33757750e44d44b2e7aab935405d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:21:10:f0:b6:12:cc:59:b2:a4:5f:87:b7:3a:
24:e1:38:86:fd:ab:81:1f:dc:64:ab:bb:71:de:ab:
03:cf:ec:e1:7e:9f:ec:1c:cb:ec:f3:8a:a8:90:fa:
99:80:94:b2:b5:3b:dc:07:4d:39:08:30:d3:00:00:
9b:c6:58:7f:b1:6b:f5:67:1d:d6:45:5e:75:c5:8d:
e2:eb:06:26:f1:ba:ca:8c:a9:99:f8:8c:4b:1d:86:
fd:c0:22:4c:bb:f6:b9:74:53:19:99:57:d2:25:52:
34:76:cd:1b:29:b8:6b:e3:26:d0:77:f0:57:be:3d:
ca:db:a8:f3:41:b7:b1:5f:e4:63:75:b8:70:cc:f8:
4d:e0:30:d9:65:62:44:36:39:f5:30:8e:98:10:c8:
52:91:dd:44:88:5e:ba:28:3b:31:ff:aa:c6:f6:f3:
80:ad:c2:4f:66:31:d6:b9:97:07:77:d1:6b:cf:3a:
ce:84:36:11:3c:e0:fa:41:6c:81:7d:43:87:85:a5:
30:5a:36:4a:bb:b7:22:76:81:44:5c:62:92:29:04:
98:99:a5:69:07:27:d2:09:ff:1d:33:10:80:32:e6:
57:95:fb:cd:c0:18:1b:52:15:d5:2d:06:a4:d8:49:
1d:0c:83:49:6c:bb:c4:1f:83:18:2f:14:4d:80:32:
af:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1B:4F:09:8A:33:75:77:50:E4:4D:44:B2:E7:AA:B9:35:40:5D:96
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ThtPCYozdXdQ5E1EsuequTVAXZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.14.0/23
193.8.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:a9:ee:7c:55:94:31:e3:29:69:9e:ed:de:a7:ad:97:8e:c1:
8a:e9:ec:8a:17:80:ff:79:47:c1:48:d6:fa:dc:d4:81:f9:ad:
c3:6c:5f:29:50:be:34:d6:ec:d6:cc:0f:f7:62:11:7e:c1:b5:
02:33:10:12:bd:55:cc:67:2e:de:cc:d7:c2:ec:9a:81:19:5b:
1a:d9:52:09:5a:bd:8e:e6:89:43:b7:b9:71:1c:cc:2f:09:bb:
dc:d6:e5:f8:0f:c9:93:b4:a9:91:83:d4:de:e2:a3:0f:1c:e2:
fd:41:2f:e2:6e:23:46:9f:95:2c:20:5f:3e:74:b8:da:b3:2d:
7d:ea:e0:37:12:65:c3:d2:40:b7:41:8d:52:27:77:a1:06:a6:
fa:c7:3a:4a:e0:11:51:12:2c:64:21:18:00:7b:82:b2:ef:f1:
8b:44:3f:8a:cd:56:d5:3c:99:b8:b2:cc:79:7a:6e:4f:d8:64:
37:23:10:1b:c9:1c:e8:17:7d:e9:08:b1:08:2e:06:88:e1:8f:
2b:5a:71:b6:34:45:13:80:ca:bb:af:93:e0:a7:15:4e:dc:09:
dc:b1:76:71:b1:ab:8d:34:85:5e:e6:54:4c:d0:8d:ae:10:dc:
5c:8c:fd:29:29:1a:84:6d:ac:74:b5:fa:fa:ac:58:50:2d:98:
f3:b7:e9:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgheM3A1KH9GWygS0Va0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFiNGYwOThhMzM3NTc3NTBlNDRkNDRiMmU3YWFiOTM1NDA1ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyEQ8LYSzFmypF+Htzok4TiG/auB
H9xkq7tx3qsDz+zhfp/sHMvs84qokPqZgJSytTvcB005CDDTAACbxlh/sWv1Zx3W
RV51xY3i6wYm8brKjKmZ+IxLHYb9wCJMu/a5dFMZmVfSJVI0ds0bKbhr4ybQd/BX
vj3K26jzQbexX+RjdbhwzPhN4DDZZWJENjn1MI6YEMhSkd1EiF66KDsx/6rG9vOA
rcJPZjHWuZcHd9FrzzrOhDYRPOD6QWyBfUOHhaUwWjZKu7cidoFEXGKSKQSYmaVp
ByfSCf8dMxCAMuZXlfvNwBgbUhXVLQak2EkdDINJbLvEH4MYLxRNgDKvgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE4bTwmKM3V3UORNRLLnqrk1QF2WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGh0UENZb3pkWGRRNUUxRXN1ZXF1VFZBWFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuc8OAwQC
wQi4MA0GCSqGSIb3DQEBCwUAA4IBAQAvqe58VZQx4ylpnu3ep62XjsGK6eyKF4D/
eUfBSNb63NSB+a3DbF8pUL401uzWzA/3YhF+wbUCMxASvVXMZy7ezNfC7JqBGVsa
2VIJWr2O5olDt7lxHMwvCbvc1uX4D8mTtKmRg9Te4qMPHOL9QS/ibiNGn5UsIF8+
dLjasy196uA3EmXD0kC3QY1SJ3ehBqb6xzpK4BFREixkIRgAe4Ky7/GLRD+KzVbV
PJm4ssx5em5P2GQ3IxAbyRzoF33pCLEILgaI4Y8rWnG2NEUTgMq7r5PgpxVO3Anc
sXZxsauNNIVe5lRM0I2uENxcjP0pKRqEbax0tfr6rFhQLZjzt+lD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org