Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/1ct-ioCDL0pxbWDfzGfJFru3Iaw.roa
File: 1ct-ioCDL0pxbWDfzGfJFru3Iaw.roa (raw, json)
Hash identifier: GV2Vl1E6dqbZnQPD0o2vSEx+E6W5w1SkKpLeCrBvhH4=
Subject key identifier: D5:CB:7E:8A:80:83:2F:4A:71:6D:60:DF:CC:67:C9:16:BB:B7:21:AC
Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial: 018570FBAE5E05B43CAE9B38A379C338FC18
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/1ct-ioCDL0pxbWDfzGfJFru3Iaw.roa
Signing time: Mon 02 Jan 2023 05:37:00 +0000
ROA not before: Mon 02 Jan 2023 05:37:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60232
IP address blocks: 185.40.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jan 2023 23:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ae:5e:05:b4:3c:ae:9b:38:a3:79:c3:38:fc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
Validity
Not Before: Jan 2 05:37:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5cb7e8a80832f4a716d60dfcc67c916bbb721ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d9:1f:7a:40:f1:64:a4:cf:1d:af:a8:50:d1:
1d:d3:dc:65:ce:b7:89:4c:c7:76:ab:8d:6b:35:de:
d9:27:b0:7a:3e:d2:b2:a6:b9:15:e4:c7:2e:e0:e7:
1f:51:1b:1d:fb:13:a3:26:f8:7d:c9:34:49:12:19:
46:6e:a0:52:46:75:6f:bb:8f:87:d7:6e:18:a7:aa:
08:c4:46:a4:e4:8a:40:53:2d:05:93:61:06:05:09:
0d:ca:cb:39:c5:49:18:d4:c9:8e:66:48:a3:7d:0a:
d3:a7:08:47:14:04:ed:d7:ad:c0:ca:0e:f2:02:e9:
ea:8b:5f:fc:e9:43:cb:5b:a9:60:43:26:f7:1c:94:
49:7f:0a:2b:fd:ae:df:64:37:0b:5d:9f:36:e9:da:
72:01:7e:02:c5:f8:b7:55:13:ee:4c:90:b5:1f:6f:
75:04:34:1c:85:ae:74:9b:a4:51:90:48:4a:1d:f1:
cb:2c:5c:6b:6e:20:67:9d:90:f2:51:bd:ec:81:f5:
a1:ab:76:e1:4f:5f:68:b8:54:c7:ac:cc:51:d3:ab:
81:e6:e8:2f:13:d3:ef:7b:c0:26:df:ef:43:7c:dd:
fd:b9:48:65:3d:76:5e:ff:a2:5e:9e:03:37:9a:33:
b3:88:2c:32:3b:b9:6e:58:3b:13:d1:39:41:74:e9:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:CB:7E:8A:80:83:2F:4A:71:6D:60:DF:CC:67:C9:16:BB:B7:21:AC
X509v3 Authority Key Identifier:
keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/1ct-ioCDL0pxbWDfzGfJFru3Iaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.72.0/22
Signature Algorithm: sha256WithRSAEncryption
83:9d:0e:12:ec:dc:ad:11:15:78:da:d8:ac:79:ce:ca:df:81:
76:e7:ff:21:ee:22:31:04:04:2c:31:07:c1:53:83:24:93:48:
d1:ea:6e:20:ca:62:db:41:24:51:f8:f5:fd:c2:f8:1b:38:b0:
3f:cf:ed:76:07:08:4e:d5:f0:c8:e1:8f:74:50:c8:da:5a:d8:
29:85:d0:8b:fc:4e:94:5d:ac:28:00:ac:35:93:b2:9e:10:72:
b2:6f:68:62:3c:1d:07:fa:f2:b4:d5:cb:a3:86:1d:21:77:87:
24:fd:09:5b:7d:6c:d7:7d:24:f6:56:ea:4b:37:d6:e2:a1:c8:
a3:02:d2:59:6a:3e:c5:f4:e5:e6:9a:01:c8:89:15:d6:02:01:
82:b3:80:b5:0b:59:31:0a:1f:67:0e:51:44:d2:b5:72:c2:cb:
42:bc:c0:e2:c2:7e:b4:11:64:27:7d:1e:09:4a:02:95:b8:06:
f6:27:c8:72:82:a1:4e:32:22:4a:41:59:56:e9:15:6f:7c:26:
1a:66:ab:25:93:35:a3:b0:ba:03:63:6a:73:a8:eb:37:24:07:
e3:ce:44:d7:91:dd:37:ca:a6:03:e1:dd:81:fe:53:87:72:0f:
1d:db:75:97:e2:3c:89:97:da:98:26:3c:58:4d:ed:0a:71:8f:
6e:b7:41:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+65eBbQ8rps4o3nDOPwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjMwMTAyMDUzNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWNiN2U4YTgwODMyZjRhNzE2ZDYwZGZjYzY3YzkxNmJiYjcyMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidkfekDxZKTPHa+oUNEd09xlzreJ
TMd2q41rNd7ZJ7B6PtKyprkV5Mcu4OcfURsd+xOjJvh9yTRJEhlGbqBSRnVvu4+H
124Yp6oIxEak5IpAUy0Fk2EGBQkNyss5xUkY1MmOZkijfQrTpwhHFATt163Ayg7y
Aunqi1/86UPLW6lgQyb3HJRJfwor/a7fZDcLXZ826dpyAX4Cxfi3VRPuTJC1H291
BDQcha50m6RRkEhKHfHLLFxrbiBnnZDyUb3sgfWhq3bhT19ouFTHrMxR06uB5ugv
E9Pve8Am3+9DfN39uUhlPXZe/6JengM3mjOziCwyO7luWDsT0TlBdOmPSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXLfoqAgy9KcW1g38xnyRa7tyGsMB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvMWN0LWlvQ0RMMHB4YldEZnpHZkpGcnUzSWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuShIMA0G
CSqGSIb3DQEBCwUAA4IBAQCDnQ4S7NytERV42tisec7K34F25/8h7iIxBAQsMQfB
U4Mkk0jR6m4gymLbQSRR+PX9wvgbOLA/z+12BwhO1fDI4Y90UMjaWtgphdCL/E6U
XawoAKw1k7KeEHKyb2hiPB0H+vK01cujhh0hd4ck/QlbfWzXfST2VupLN9biocij
AtJZaj7F9OXmmgHIiRXWAgGCs4C1C1kxCh9nDlFE0rVywstCvMDiwn60EWQnfR4J
SgKVuAb2J8hygqFOMiJKQVlW6RVvfCYaZqslkzWjsLoDY2pzqOs3JAfjzkTXkd03
yqYD4d2B/lOHcg8d23WX4jyJl9qYJjxYTe0KcY9ut0GU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org