Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/GKGzO0HXTWxCE0s7AYE3U1r37K4.roa
File: GKGzO0HXTWxCE0s7AYE3U1r37K4.roa (raw, json)
Hash identifier: xlI1Wh19mAztDJLSfy2CpYs+cTyz/9CSmzoFuz1uOzU=
Subject key identifier: 18:A1:B3:3B:41:D7:4D:6C:42:13:4B:3B:01:81:37:53:5A:F7:EC:AE
Certificate issuer: /CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Certificate serial: 01856F5480AA60F1A25C8B16FDD5D4546203
Authority key identifier: 21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/GKGzO0HXTWxCE0s7AYE3U1r37K4.roa
Signing time: Sun 01 Jan 2023 21:54:46 +0000
ROA not before: Sun 01 Jan 2023 21:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13302
IP address blocks: 185.166.16.0/22 maxlen: 24
185.166.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:80:aa:60:f1:a2:5c:8b:16:fd:d5:d4:54:62:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Validity
Not Before: Jan 1 21:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18a1b33b41d74d6c42134b3b018137535af7ecae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b3:5c:7c:69:bc:98:57:98:6f:63:4a:29:23:
2d:a9:12:84:be:d9:cd:a8:26:ae:37:4a:c0:01:43:
64:04:00:39:76:7a:5c:3d:b7:fd:15:8d:85:cb:59:
f1:1d:81:db:08:7c:85:93:9e:c4:05:de:04:b5:34:
e2:cb:1c:4e:11:8f:0c:3b:a0:e0:3c:c5:93:67:f6:
b8:93:e0:64:d4:2e:15:13:92:ee:cf:d5:c8:91:76:
86:56:33:01:83:4e:41:cc:4c:7c:4b:96:f2:d8:36:
36:34:fa:ee:cf:22:e9:84:19:e9:62:ab:6d:68:db:
a4:e1:35:38:c2:6d:8c:0b:22:e2:cc:b9:d5:ff:e3:
69:88:46:31:c9:c8:b1:f6:a4:aa:8c:59:b0:ca:55:
18:47:d5:a1:66:d6:bb:11:89:f8:29:2c:1f:46:f3:
7e:32:c2:fa:b7:ca:80:96:04:ab:d6:6e:fa:d5:dd:
f3:89:7c:9a:b1:0f:28:3b:eb:c4:70:09:b4:a9:d1:
52:cd:6d:43:3a:94:07:74:c6:6d:e2:0c:d7:e4:4c:
c2:cf:03:97:5b:21:80:4c:f1:dc:05:d6:4c:49:0f:
e4:a0:1c:00:4a:d0:91:35:50:f2:13:62:9f:b9:b6:
a5:d9:8f:89:b9:ac:32:27:cb:3f:4e:9a:97:d8:ad:
67:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A1:B3:3B:41:D7:4D:6C:42:13:4B:3B:01:81:37:53:5A:F7:EC:AE
X509v3 Authority Key Identifier:
keyid:21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/GKGzO0HXTWxCE0s7AYE3U1r37K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/Ib-nezzXgpM-XyVURdQorfvcoOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.16.0/22
Signature Algorithm: sha256WithRSAEncryption
73:f8:6a:61:b2:b7:3b:87:bb:ac:1f:a5:ab:28:ce:0a:8d:03:
b7:ff:31:13:14:b8:57:a0:44:e8:74:10:44:b5:99:ff:63:77:
61:0c:0b:80:01:32:05:02:5a:49:56:9e:af:bc:20:b8:20:10:
aa:e5:01:c4:6c:92:23:74:7a:99:16:23:aa:e1:a6:71:e4:cf:
78:12:aa:2e:30:1b:58:51:13:4b:cf:96:ba:ac:70:af:c7:50:
21:89:2c:28:50:f5:40:cd:d7:2e:84:f5:0f:6c:3e:c4:29:6a:
d7:f1:84:a8:92:ed:a0:ae:3c:09:24:0e:40:eb:e6:20:57:79:
7d:03:d9:a5:a2:98:6d:24:c2:4c:e4:61:db:3d:97:94:5f:84:
ce:e7:ad:cf:ea:41:6a:7b:a7:a9:16:56:93:d4:3c:a7:c6:38:
ec:1b:45:10:cb:5d:a8:e6:19:73:0e:1e:66:96:a4:b5:b7:cd:
fa:5c:3e:7c:88:6b:18:61:f4:d5:bb:69:90:9e:c7:0f:f7:60:
d6:d3:47:dc:21:e6:8d:e0:3e:5e:af:f9:63:d1:fa:d2:70:ca:
76:1e:b0:0d:f0:e1:47:b1:66:a0:dc:80:c0:cb:f4:c1:ef:75:
47:8e:ed:69:08:c1:9d:a0:25:f5:2c:36:98:e6:0f:27:be:aa:
6f:8e:20:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVICqYPGiXIsW/dXUVGIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZhNzdiM2NkNzgyOTMzZTVmMjU1NDQ1ZDQyOGFkZmJk
Y2EwZTEwHhcNMjMwMTAxMjE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGExYjMzYjQxZDc0ZDZjNDIxMzRiM2IwMTgxMzc1MzVhZjdlY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrNcfGm8mFeYb2NKKSMtqRKEvtnN
qCauN0rAAUNkBAA5dnpcPbf9FY2Fy1nxHYHbCHyFk57EBd4EtTTiyxxOEY8MO6Dg
PMWTZ/a4k+Bk1C4VE5Luz9XIkXaGVjMBg05BzEx8S5by2DY2NPruzyLphBnpYqtt
aNuk4TU4wm2MCyLizLnV/+NpiEYxycix9qSqjFmwylUYR9WhZta7EYn4KSwfRvN+
MsL6t8qAlgSr1m761d3ziXyasQ8oO+vEcAm0qdFSzW1DOpQHdMZt4gzX5EzCzwOX
WyGATPHcBdZMSQ/koBwAStCRNVDyE2Kfubal2Y+JuawyJ8s/TpqX2K1nywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBihsztB101sQhNLOwGBN1Na9+yuMB8GA1UdIwQY
MBaAFCG/p3s814KTPl8lVEXUKK373KDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYt
NTQ4NGMzOWIyZDRlLzEvR0tHek8wSFhUV3hDRTBzN0FZRTNVMXIzN0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYtNTQ4NGMzOWIyZDRl
LzEvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaYQMA0G
CSqGSIb3DQEBCwUAA4IBAQBz+Gphsrc7h7usH6WrKM4KjQO3/zETFLhXoETodBBE
tZn/Y3dhDAuAATIFAlpJVp6vvCC4IBCq5QHEbJIjdHqZFiOq4aZx5M94EqouMBtY
URNLz5a6rHCvx1AhiSwoUPVAzdcuhPUPbD7EKWrX8YSoku2grjwJJA5A6+YgV3l9
A9mlophtJMJM5GHbPZeUX4TO563P6kFqe6epFlaT1DynxjjsG0UQy12o5hlzDh5m
lqS1t836XD58iGsYYfTVu2mQnscP92DW00fcIeaN4D5er/lj0frScMp2HrAN8OFH
sWag3IDAy/TB73VHju1pCMGdoCX1LDaY5g8nvqpvjiDf
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:30 2024 by rpki-client on console-fra.rpki-client.org