Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/pCQYcj78qjSNZ6tcJPUHmNUdn1M.roa
File: pCQYcj78qjSNZ6tcJPUHmNUdn1M.roa (raw, json)
Hash identifier: OaRiLdkL7noS8/yo9MSsMnj1gz2XoxqDjYBGINOTDQE=
Subject key identifier: A4:24:18:72:3E:FC:AA:34:8D:67:AB:5C:24:F5:07:98:D5:1D:9F:53
Certificate issuer: /CN=31e0f99bcdccd7ffe72bd35c344bcd032ff74f73
Certificate serial: 0189168676714B081A760DA9179577846755
Authority key identifier: 31:E0:F9:9B:CD:CC:D7:FF:E7:2B:D3:5C:34:4B:CD:03:2F:F7:4F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeD5m83M1__nK9NcNEvNAy_3T3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/pCQYcj78qjSNZ6tcJPUHmNUdn1M.roa
Signing time: Sun 02 Jul 2023 12:14:18 +0000
ROA not before: Sun 02 Jul 2023 12:14:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211466
IP address blocks: 185.153.163.0/24 maxlen: 24
185.153.160.0/24 maxlen: 24
185.153.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:16:86:76:71:4b:08:1a:76:0d:a9:17:95:77:84:67:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31e0f99bcdccd7ffe72bd35c344bcd032ff74f73
Validity
Not Before: Jul 2 12:14:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42418723efcaa348d67ab5c24f50798d51d9f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a2:c0:cd:87:e2:da:14:32:41:98:df:70:cd:
23:a0:eb:9f:91:81:70:a0:53:be:75:4f:3a:2d:ba:
c0:40:35:28:2a:83:24:92:38:cf:7e:f0:e9:26:05:
e7:76:30:f8:d7:a7:a2:71:98:aa:4e:c6:32:d9:bc:
4d:3a:c9:23:85:29:0a:c8:b0:db:75:13:e0:a1:7f:
b3:36:c5:64:46:68:e7:1b:55:c2:64:dd:f9:7b:21:
59:2e:16:be:bb:c7:25:eb:99:3e:b9:a7:a2:01:f0:
d4:58:d2:23:6f:1b:4a:68:39:8b:12:d1:12:86:76:
92:00:bd:73:33:a7:c3:03:84:00:5c:80:5f:c9:61:
91:e4:d4:bd:37:5f:f3:de:b8:2f:ca:55:0a:bb:c9:
91:c8:c1:63:04:79:6e:ce:59:1f:7d:8a:b4:4f:c6:
db:b2:34:bd:09:3f:ba:37:8b:56:7d:6f:39:8b:e8:
a9:3c:12:8f:95:d9:9b:c4:97:a3:4c:66:03:53:8d:
3f:a1:6b:12:f4:6c:ba:f8:05:10:04:22:5d:ca:8b:
8a:a7:6b:8d:f0:09:83:81:aa:60:34:2c:32:41:8a:
78:f0:fd:77:27:1b:d2:06:8f:f1:f9:40:4a:c0:86:
e0:a9:21:5a:b7:4a:21:5c:57:78:f7:dd:c4:a6:12:
20:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:24:18:72:3E:FC:AA:34:8D:67:AB:5C:24:F5:07:98:D5:1D:9F:53
X509v3 Authority Key Identifier:
keyid:31:E0:F9:9B:CD:CC:D7:FF:E7:2B:D3:5C:34:4B:CD:03:2F:F7:4F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeD5m83M1__nK9NcNEvNAy_3T3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/pCQYcj78qjSNZ6tcJPUHmNUdn1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ce7ce8-a60d-4f56-bb0e-d5d37aa9b604/1/MeD5m83M1__nK9NcNEvNAy_3T3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.160.0/23
185.153.163.0/24
Signature Algorithm: sha256WithRSAEncryption
35:97:34:f7:3a:93:4e:7a:11:4e:83:a9:3f:b9:81:d8:45:44:
45:15:28:c2:63:36:68:92:e4:27:41:0e:4a:c3:02:22:f6:d8:
f4:01:c8:a0:a8:5c:b4:7e:33:9f:f0:bf:d1:8b:f0:e1:00:40:
ee:9c:0d:fa:89:8a:b4:ab:b2:c0:51:8d:89:c5:4e:7f:46:c7:
92:41:5c:bf:09:85:e1:00:83:2c:37:bf:33:1f:ff:22:a0:ba:
ab:17:20:c9:21:cf:c1:3f:ba:c2:f9:fd:7a:fb:9e:b1:1c:4c:
fb:4f:68:95:ef:36:67:40:1f:13:42:22:92:e7:ce:88:ad:6c:
cc:7d:f9:02:b8:68:a1:54:4f:66:89:63:cd:d0:21:58:4e:fd:
6f:92:cc:e5:95:ce:bf:bc:41:9c:bd:5c:8b:0e:11:f9:9f:a9:
9e:ac:4a:de:79:c0:b4:58:28:de:93:14:48:bb:4c:72:db:80:
c6:68:7e:89:9c:fa:44:bb:c9:1a:83:c2:a1:08:18:31:30:cc:
c0:de:fe:35:b1:83:08:60:14:11:5f:dd:7e:66:2e:77:1a:c2:
0c:b6:a6:e6:e8:98:0c:26:2a:39:36:e1:b4:07:8a:04:96:9e:
2f:b9:fa:f5:db:a7:81:10:2b:2c:fa:d9:91:4d:13:fb:98:7c:
b2:c9:59:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkWhnZxSwgadg2pF5V3hGdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZTBmOTliY2RjY2Q3ZmZlNzJiZDM1YzM0NGJjZDAzMmZm
NzRmNzMwHhcNMjMwNzAyMTIxNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI0MTg3MjNlZmNhYTM0OGQ2N2FiNWMyNGY1MDc5OGQ1MWQ5ZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaLAzYfi2hQyQZjfcM0joOufkYFw
oFO+dU86LbrAQDUoKoMkkjjPfvDpJgXndjD416eicZiqTsYy2bxNOskjhSkKyLDb
dRPgoX+zNsVkRmjnG1XCZN35eyFZLha+u8cl65k+uaeiAfDUWNIjbxtKaDmLEtES
hnaSAL1zM6fDA4QAXIBfyWGR5NS9N1/z3rgvylUKu8mRyMFjBHluzlkffYq0T8bb
sjS9CT+6N4tWfW85i+ipPBKPldmbxJejTGYDU40/oWsS9Gy6+AUQBCJdyouKp2uN
8AmDgapgNCwyQYp48P13JxvSBo/x+UBKwIbgqSFat0ohXFd4993EphIgtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKQkGHI+/Ko0jWerXCT1B5jVHZ9TMB8GA1UdIwQY
MBaAFDHg+ZvNzNf/5yvTXDRLzQMv909zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWVENW04M00xX19uSzlOY05Fdk5BeV8zVDNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jZTdjZTgtYTYwZC00ZjU2LWJiMGUt
ZDVkMzdhYTliNjA0LzEvcENRWWNqNzhxalNOWjZ0Y0pQVUhtTlVkbjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jZTdjZTgtYTYwZC00ZjU2LWJiMGUtZDVkMzdhYTliNjA0
LzEvTWVENW04M00xX19uSzlOY05Fdk5BeV8zVDNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuZmgAwQA
uZmjMA0GCSqGSIb3DQEBCwUAA4IBAQA1lzT3OpNOehFOg6k/uYHYRURFFSjCYzZo
kuQnQQ5KwwIi9tj0AcigqFy0fjOf8L/Ri/DhAEDunA36iYq0q7LAUY2JxU5/RseS
QVy/CYXhAIMsN78zH/8ioLqrFyDJIc/BP7rC+f16+56xHEz7T2iV7zZnQB8TQiKS
586IrWzMffkCuGihVE9miWPN0CFYTv1vkszllc6/vEGcvVyLDhH5n6merEreecC0
WCjekxRIu0xy24DGaH6JnPpEu8kag8KhCBgxMMzA3v41sYMIYBQRX91+Zi53GsIM
tqbm6JgMJio5NuG0B4oElp4vufr126eBECss+tmRTRP7mHyyyVnp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:32 2024 by rpki-client on console-ams.rpki-client.org