Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/io3XnfcRkLGqMh7SzNEQ1wzxy1g.roa
File: io3XnfcRkLGqMh7SzNEQ1wzxy1g.roa (raw, json)
Hash identifier: 7i5EpnHg1E2s+9ofdQOfxEGgbtsK32CmCZg7QgF4lJw=
Subject key identifier: 8A:8D:D7:9D:F7:11:90:B1:AA:32:1E:D2:CC:D1:10:D7:0C:F1:CB:58
Certificate issuer: /CN=6e37a10a4a0273f41facf7440d59f39ad5eaf64b
Certificate serial: 0189F4E5300E301EE9780D1C66FE1A62A84A
Authority key identifier: 6E:37:A1:0A:4A:02:73:F4:1F:AC:F7:44:0D:59:F3:9A:D5:EA:F6:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bjehCkoCc_QfrPdEDVnzmtXq9ks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/io3XnfcRkLGqMh7SzNEQ1wzxy1g.roa
Signing time: Mon 14 Aug 2023 16:33:27 +0000
ROA not before: Mon 14 Aug 2023 16:33:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42184
IP address blocks: 185.157.151.0/24 maxlen: 24
2a0c:f387:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 15 Aug 2023 13:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:e5:30:0e:30:1e:e9:78:0d:1c:66:fe:1a:62:a8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e37a10a4a0273f41facf7440d59f39ad5eaf64b
Validity
Not Before: Aug 14 16:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a8dd79df71190b1aa321ed2ccd110d70cf1cb58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:59:a2:78:a3:89:f1:0a:ed:3e:e0:fa:22:e9:
a7:f0:3e:d2:68:11:46:a6:14:01:e3:c4:35:05:be:
14:db:62:06:2f:54:4d:90:11:ad:3c:f1:98:59:61:
a1:9c:8a:ce:99:10:16:47:36:be:72:50:44:b7:38:
fe:1f:6d:c9:17:aa:5c:6c:a5:29:23:87:a9:9d:f2:
d9:fc:ec:6c:9b:38:58:d4:76:d8:e6:47:4b:d6:8b:
bb:6c:ec:83:c5:90:f3:72:f0:4f:dd:1f:5b:c5:df:
cb:cd:9e:12:48:a9:3a:38:4f:79:72:ce:75:d7:df:
a5:04:2b:e6:7b:32:ce:03:14:36:ac:e0:72:65:6f:
42:30:0d:c5:26:ea:75:33:55:b9:19:5e:9b:4e:fb:
a9:2c:79:89:03:09:16:16:98:d1:1e:c7:97:4d:27:
97:44:4f:d2:2f:1e:07:a0:16:fc:ee:4d:7d:a8:99:
bc:7c:93:3a:4e:53:32:86:ec:a9:fe:75:47:74:c8:
b6:56:44:3e:f6:80:4e:a6:0b:72:07:c4:d8:e8:32:
6a:86:b7:69:76:4d:64:bb:f1:37:67:18:2a:b4:f3:
4e:2f:a0:1b:8e:a3:4a:89:20:6d:30:5a:19:df:df:
3b:08:b4:5e:14:8a:4c:fd:24:92:4a:3b:88:a5:29:
6a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:8D:D7:9D:F7:11:90:B1:AA:32:1E:D2:CC:D1:10:D7:0C:F1:CB:58
X509v3 Authority Key Identifier:
keyid:6E:37:A1:0A:4A:02:73:F4:1F:AC:F7:44:0D:59:F3:9A:D5:EA:F6:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bjehCkoCc_QfrPdEDVnzmtXq9ks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/io3XnfcRkLGqMh7SzNEQ1wzxy1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/bjehCkoCc_QfrPdEDVnzmtXq9ks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.151.0/24
IPv6:
2a0c:f387:f000::/36
Signature Algorithm: sha256WithRSAEncryption
66:32:90:6f:bf:af:98:cb:eb:56:b1:83:62:77:3a:34:62:fa:
9c:00:ec:a6:70:b9:c9:5e:ce:ec:ec:37:d3:19:52:2e:d6:3f:
7e:bb:23:ed:a4:b8:4e:46:ec:c7:4e:68:62:2a:3e:9a:95:b6:
2d:d2:2e:aa:8f:cf:42:90:22:c5:fb:05:6a:26:1b:8a:fc:1e:
25:61:87:dd:90:93:d7:57:1c:00:63:04:18:65:17:65:ee:80:
17:00:90:4f:06:ac:ac:9d:a4:27:33:ab:c9:df:34:56:fa:a8:
28:3b:be:47:91:01:38:82:9f:9b:77:4f:80:f7:a4:3d:23:8c:
6b:a9:76:4b:2d:52:25:e0:ef:9f:f7:cd:50:8a:30:6f:43:6d:
bc:00:57:83:e6:00:24:72:25:88:8d:a6:bf:e9:35:50:02:c4:
d8:25:0d:3f:b3:6c:57:64:c9:a8:69:8c:2a:0d:ef:9f:1b:51:
3b:ea:e8:77:5b:cf:a4:86:ee:f5:ea:30:b3:3b:77:b9:56:92:
fc:b2:67:9f:56:c5:07:46:f6:37:44:b2:70:75:c1:0c:24:ca:
21:5e:7d:da:23:08:84:1f:8c:41:73:58:f2:ec:c5:97:f7:83:
7b:f8:5f:a0:d2:35:f6:4e:6a:ba:35:e1:51:75:a5:75:74:46:
bf:74:65:f5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYn05TAOMB7peA0cZv4aYqhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMzdhMTBhNGEwMjczZjQxZmFjZjc0NDBkNTlmMzlhZDVl
YWY2NGIwHhcNMjMwODE0MTYzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YThkZDc5ZGY3MTE5MGIxYWEzMjFlZDJjY2QxMTBkNzBjZjFjYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVmieKOJ8QrtPuD6Iumn8D7SaBFG
phQB48Q1Bb4U22IGL1RNkBGtPPGYWWGhnIrOmRAWRza+clBEtzj+H23JF6pcbKUp
I4epnfLZ/OxsmzhY1HbY5kdL1ou7bOyDxZDzcvBP3R9bxd/LzZ4SSKk6OE95cs51
19+lBCvmezLOAxQ2rOByZW9CMA3FJup1M1W5GV6bTvupLHmJAwkWFpjRHseXTSeX
RE/SLx4HoBb87k19qJm8fJM6TlMyhuyp/nVHdMi2VkQ+9oBOpgtyB8TY6DJqhrdp
dk1ku/E3ZxgqtPNOL6AbjqNKiSBtMFoZ3987CLReFIpM/SSSSjuIpSlq0QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIqN1533EZCxqjIe0szRENcM8ctYMB8GA1UdIwQY
MBaAFG43oQpKAnP0H6z3RA1Z85rV6vZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmplaENrb0NjX1FmclBkRURWbnptdFhxOWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMGFlZjMtMjYzZC00ZjQxLTg4NTMt
MThiN2ViOTIzYTk5LzEvaW8zWG5mY1JrTEdxTWg3U3pORVExd3p4eTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMGFlZjMtMjYzZC00ZjQxLTg4NTMtMThiN2ViOTIzYTk5
LzEvYmplaENrb0NjX1FmclBkRURWbnptdFhxOWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuZ2XMA4E
AgACMAgDBgQqDPOH8DANBgkqhkiG9w0BAQsFAAOCAQEAZjKQb7+vmMvrVrGDYnc6
NGL6nADspnC5yV7O7Ow30xlSLtY/frsj7aS4Tkbsx05oYio+mpW2LdIuqo/PQpAi
xfsFaiYbivweJWGH3ZCT11ccAGMEGGUXZe6AFwCQTwasrJ2kJzOryd80VvqoKDu+
R5EBOIKfm3dPgPekPSOMa6l2Sy1SJeDvn/fNUIowb0NtvABXg+YAJHIliI2mv+k1
UALE2CUNP7NsV2TJqGmMKg3vnxtRO+rod1vPpIbu9eowszt3uVaS/LJnn1bFB0b2
N0SycHXBDCTKIV592iMIhB+MQXNY8uzFl/eDe/hfoNI19k5qujXhUXWldXRGv3Rl
9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:36 2024 by rpki-client on console-ams.rpki-client.org