Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/A_8lpudFPqr9aPVx1gp9XX4zqCM.roa
File: A_8lpudFPqr9aPVx1gp9XX4zqCM.roa (raw, json)
Hash identifier: qabCQoNEMTJhm6FZjq1nfwPFxvwXz+HEleehLQjMllk=
Subject key identifier: 03:FF:25:A6:E7:45:3E:AA:FD:68:F5:71:D6:0A:7D:5D:7E:33:A8:23
Certificate issuer: /CN=64f47c98440f103825c8ea5074298b18cc113e20
Certificate serial: 01856EB9216C3905ABADE03B956F24E5A7CD
Authority key identifier: 64:F4:7C:98:44:0F:10:38:25:C8:EA:50:74:29:8B:18:CC:11:3E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPR8mEQPEDglyOpQdCmLGMwRPiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/A_8lpudFPqr9aPVx1gp9XX4zqCM.roa
Signing time: Sun 01 Jan 2023 19:05:04 +0000
ROA not before: Sun 01 Jan 2023 19:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201063
IP address blocks: 185.3.189.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:21:6c:39:05:ab:ad:e0:3b:95:6f:24:e5:a7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f47c98440f103825c8ea5074298b18cc113e20
Validity
Not Before: Jan 1 19:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03ff25a6e7453eaafd68f571d60a7d5d7e33a823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:57:72:8d:e0:6c:cc:16:c4:4c:9c:a8:23:
0d:7b:ed:7b:87:8d:51:0b:7e:b9:f5:1e:97:42:58:
5b:56:7e:0b:7e:e8:4d:f6:4f:28:2e:b1:bb:32:ad:
b4:9b:2f:31:c8:ae:36:d0:73:a4:a1:60:c4:d1:64:
11:a4:92:83:e7:e8:da:6b:b7:a1:07:31:6c:30:35:
3f:91:76:10:cb:7a:e6:51:36:b4:14:25:da:a4:3c:
81:b2:4b:0b:e9:57:a3:bb:08:fc:5b:f6:80:e9:60:
5d:94:1d:0f:52:a2:d6:c9:c0:51:4e:e9:a3:70:de:
c6:4a:2e:65:e4:3e:ef:57:9c:b7:52:7e:ee:aa:94:
c6:64:d5:59:a8:9d:77:f0:0c:4d:04:09:5b:c9:8e:
e8:a8:85:b9:84:16:80:49:e0:6c:1a:14:9d:8c:f5:
5a:fd:9d:c8:9c:ea:8c:74:61:d2:ee:80:27:15:ca:
2f:9c:ca:b0:a4:dc:59:6c:cc:91:42:dd:c1:f1:82:
c2:d5:a4:d1:6b:b1:12:73:1f:16:16:09:dd:6d:da:
ca:58:fd:60:c1:b4:7e:3a:f6:fb:ee:61:9d:f7:bb:
7a:fe:47:a0:e3:4d:3c:b3:2b:aa:ae:35:5b:37:1c:
1a:79:18:94:a9:16:90:9c:67:5f:45:c5:81:72:48:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FF:25:A6:E7:45:3E:AA:FD:68:F5:71:D6:0A:7D:5D:7E:33:A8:23
X509v3 Authority Key Identifier:
keyid:64:F4:7C:98:44:0F:10:38:25:C8:EA:50:74:29:8B:18:CC:11:3E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPR8mEQPEDglyOpQdCmLGMwRPiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/A_8lpudFPqr9aPVx1gp9XX4zqCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/ZPR8mEQPEDglyOpQdCmLGMwRPiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.189.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:f8:d9:c3:01:17:57:68:36:89:f6:0d:bc:43:e3:f9:28:8d:
e6:47:36:55:64:8a:5b:ce:2d:41:23:3e:8b:52:eb:f0:05:2a:
6c:1a:6b:0a:a9:9b:6e:4f:9f:82:23:90:0d:3b:d7:b0:a0:d8:
89:a8:ca:d1:e8:6e:ed:31:37:be:64:ec:a6:a7:af:86:72:90:
64:65:98:6c:f0:ba:4e:62:80:92:82:9a:f0:38:fa:6c:35:8a:
41:7d:aa:1e:1a:6a:a1:3f:0c:01:c9:11:f2:67:7d:fe:c2:fd:
8d:fa:c5:67:15:d4:2a:3c:39:7f:bc:6c:c1:dc:8b:13:13:bb:
e0:28:39:9f:6b:b3:66:eb:fb:0b:f3:b2:4f:09:ad:2c:f5:32:
46:6d:f5:6c:c5:1e:1f:cc:27:a0:f7:0d:27:5d:99:37:d9:05:
8c:f8:e8:8e:3f:47:cf:09:26:cc:ac:82:30:fd:2b:ab:cf:9e:
9e:41:c0:8b:94:8b:e3:27:a6:37:f8:a5:77:a5:0c:1b:82:48:
09:c6:72:66:49:ea:6e:27:f6:cc:d3:dd:95:2b:a3:99:e0:64:
48:a6:5e:88:84:96:47:e3:1d:dc:51:ec:5c:6f:f6:a4:f5:ff:
3a:44:a0:d9:2e:d2:56:9a:e1:df:49:26:96:44:2e:76:d9:76:
50:6a:18:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuSFsOQWrreA7lW8k5afNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZjQ3Yzk4NDQwZjEwMzgyNWM4ZWE1MDc0Mjk4YjE4Y2Mx
MTNlMjAwHhcNMjMwMTAxMTkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ZmMjVhNmU3NDUzZWFhZmQ2OGY1NzFkNjBhN2Q1ZDdlMzNhODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorJXco3gbMwWxEycqCMNe+17h41R
C3659R6XQlhbVn4LfuhN9k8oLrG7Mq20my8xyK420HOkoWDE0WQRpJKD5+jaa7eh
BzFsMDU/kXYQy3rmUTa0FCXapDyBsksL6Vejuwj8W/aA6WBdlB0PUqLWycBRTumj
cN7GSi5l5D7vV5y3Un7uqpTGZNVZqJ138AxNBAlbyY7oqIW5hBaASeBsGhSdjPVa
/Z3InOqMdGHS7oAnFcovnMqwpNxZbMyRQt3B8YLC1aTRa7EScx8WFgndbdrKWP1g
wbR+Ovb77mGd97t6/keg4008syuqrjVbNxwaeRiUqRaQnGdfRcWBckiZgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAP/JabnRT6q/Wj1cdYKfV1+M6gjMB8GA1UdIwQY
MBaAFGT0fJhEDxA4JcjqUHQpixjMET4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBSOG1FUVBFRGdseU9wUWRDbUxHTXdSUGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTlhZWItYzcxMy00MmY4LTkxZDYt
Mzg0NDc4NTVkNjY5LzEvQV84bHB1ZEZQcXI5YVBWeDFncDlYWDR6cUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTlhZWItYzcxMy00MmY4LTkxZDYtMzg0NDc4NTVkNjY5
LzEvWlBSOG1FUVBFRGdseU9wUWRDbUxHTXdSUGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQO9MA0G
CSqGSIb3DQEBCwUAA4IBAQC9+NnDARdXaDaJ9g28Q+P5KI3mRzZVZIpbzi1BIz6L
UuvwBSpsGmsKqZtuT5+CI5ANO9ewoNiJqMrR6G7tMTe+ZOymp6+GcpBkZZhs8LpO
YoCSgprwOPpsNYpBfaoeGmqhPwwByRHyZ33+wv2N+sVnFdQqPDl/vGzB3IsTE7vg
KDmfa7Nm6/sL87JPCa0s9TJGbfVsxR4fzCeg9w0nXZk32QWM+OiOP0fPCSbMrIIw
/Surz56eQcCLlIvjJ6Y3+KV3pQwbgkgJxnJmSepuJ/bM092VK6OZ4GRIpl6IhJZH
4x3cUexcb/ak9f86RKDZLtJWmuHfSSaWRC522XZQahhJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:24 2024 by rpki-client on console-ams.rpki-client.org