Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lyKITgwWG-hlyiZHPEXPKlulEJA.roa
File: lyKITgwWG-hlyiZHPEXPKlulEJA.roa (raw, json)
Hash identifier: IFT0r0TO2TQvT1OPXdaBlqAEvUlgr0mc3m2T2r4t3Rk=
Subject key identifier: 97:22:88:4E:0C:16:1B:E8:65:CA:26:47:3C:45:CF:2A:5B:A5:10:90
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCDD4BEF1D15AB826774DEAD3FBEC2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lyKITgwWG-hlyiZHPEXPKlulEJA.roa
Signing time: Tue 02 Jan 2024 06:29:26 +0000
ROA not before: Tue 02 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35913
IP address blocks: 185.252.162.0/24 maxlen: 24
185.252.161.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 09:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:dd:4b:ef:1d:15:ab:82:67:74:de:ad:3f:be:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9722884e0c161be865ca26473c45cf2a5ba51090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6d:6d:90:e7:c1:77:0c:d0:88:ee:b5:99:ed:
be:ff:fd:0b:6b:7a:3a:e7:ec:43:09:b7:68:27:7f:
53:4a:8e:47:45:6e:01:0c:25:5c:8b:76:ef:13:84:
46:84:46:28:02:0f:14:18:42:a5:82:34:12:af:ac:
bf:87:10:90:0a:fa:b4:bc:09:b6:94:1c:88:98:5d:
89:74:9d:3c:2f:e9:5c:97:20:f4:8e:eb:74:cd:9b:
8b:6d:c3:21:0c:d1:5b:98:67:f8:0f:53:04:b9:c1:
9c:0b:ed:eb:d4:63:eb:98:0f:c8:a7:80:37:d1:28:
9c:a5:e2:4b:c2:f5:c6:d3:26:63:18:78:2f:34:02:
03:51:9e:77:da:c2:66:32:43:fe:c4:a8:22:d7:6b:
46:4b:73:7d:41:3c:ba:b2:fe:d3:6a:3e:3f:bb:f5:
04:f4:5e:c8:01:aa:7c:3d:f7:80:28:e5:03:1d:cf:
98:53:8d:3c:57:d5:d4:dd:92:04:3d:3a:29:af:60:
56:de:5e:a2:41:87:59:d1:8d:83:d2:c0:b4:38:7c:
4a:37:91:77:ea:7f:00:0f:9b:e1:7f:0f:48:33:cd:
9b:30:44:27:fc:24:70:9e:2d:9e:0d:b0:13:52:1d:
41:64:9e:c6:d6:5a:4e:0e:3e:63:b0:14:de:8a:a3:
2a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:22:88:4E:0C:16:1B:E8:65:CA:26:47:3C:45:CF:2A:5B:A5:10:90
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lyKITgwWG-hlyiZHPEXPKlulEJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.161.0-185.252.163.255
Signature Algorithm: sha256WithRSAEncryption
4c:a7:1f:dd:d5:16:e8:6f:47:83:0a:b7:8d:9c:87:67:be:c6:
03:d0:bd:32:8b:15:7c:c8:ee:b6:e1:38:a6:ee:84:ee:c2:1e:
dd:df:83:11:05:c5:36:90:80:9e:80:05:7f:8e:27:c5:76:93:
66:c5:4b:0c:96:f8:ad:e5:f7:44:ec:70:a0:ac:71:54:c3:99:
76:7a:bf:85:8a:68:21:67:44:64:a9:4b:a5:13:b5:20:11:a6:
ac:92:d9:47:f8:b8:86:e3:bd:ce:bd:67:d5:90:ed:a4:5c:fe:
00:5a:37:62:55:13:82:64:47:0e:07:6b:c3:0c:d3:ab:c7:07:
37:98:b3:90:23:7f:c4:fd:88:a9:66:12:b8:e0:b2:b9:39:05:
51:23:04:38:fd:73:ec:af:32:46:47:00:45:de:c6:3a:ed:85:
3b:dc:88:f7:81:28:a3:37:ec:28:e0:54:67:fd:e6:34:be:5f:
30:f9:f4:b3:66:07:9d:1b:6f:2f:90:5a:09:5a:02:f4:bf:3d:
a4:ea:c4:fd:68:d5:2a:f0:b3:3b:7c:89:a5:53:8b:2a:67:ec:
3d:48:da:c3:c0:8e:1c:74:bb:42:28:d2:da:07:fc:09:1c:a4:
21:83:bc:78:a6:b4:b5:64:98:15:e6:11:53:66:20:6b:23:b0:
c5:45:2d:be
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI3N1L7x0Vq4JndN6tP77CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzIyODg0ZTBjMTYxYmU4NjVjYTI2NDczYzQ1Y2YyYTViYTUxMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG1tkOfBdwzQiO61me2+//0La3o6
5+xDCbdoJ39TSo5HRW4BDCVci3bvE4RGhEYoAg8UGEKlgjQSr6y/hxCQCvq0vAm2
lByImF2JdJ08L+lclyD0jut0zZuLbcMhDNFbmGf4D1MEucGcC+3r1GPrmA/Ip4A3
0SicpeJLwvXG0yZjGHgvNAIDUZ532sJmMkP+xKgi12tGS3N9QTy6sv7Taj4/u/UE
9F7IAap8PfeAKOUDHc+YU408V9XU3ZIEPTopr2BW3l6iQYdZ0Y2D0sC0OHxKN5F3
6n8AD5vhfw9IM82bMEQn/CRwni2eDbATUh1BZJ7G1lpODj5jsBTeiqMqGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJciiE4MFhvoZcomRzxFzypbpRCQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbHlLSVRnd1dHLWhseWlaSFBFWFBLbHVsRUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5/KED
BAK5/KAwDQYJKoZIhvcNAQELBQADggEBAEynH93VFuhvR4MKt42ch2e+xgPQvTKL
FXzI7rbhOKbuhO7CHt3fgxEFxTaQgJ6ABX+OJ8V2k2bFSwyW+K3l90TscKCscVTD
mXZ6v4WKaCFnRGSpS6UTtSARpqyS2Uf4uIbjvc69Z9WQ7aRc/gBaN2JVE4JkRw4H
a8MM06vHBzeYs5Ajf8T9iKlmErjgsrk5BVEjBDj9c+yvMkZHAEXexjrthTvciPeB
KKM37CjgVGf95jS+XzD59LNmB50bby+QWglaAvS/PaTqxP1o1Srwszt8iaVTiypn
7D1I2sPAjhx0u0Io0toH/AkcpCGDvHimtLVkmBXmEVNmIGsjsMVFLb4=
-----END CERTIFICATE-----
Generated at Mon Jan 22 12:18:55 2024 by rpki-client on console-fra.rpki-client.org