Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/1zj6ar4PTDGIbEziSqxtyCbQvbc.roa
File: 1zj6ar4PTDGIbEziSqxtyCbQvbc.roa (raw, json)
Hash identifier: 07k57ae7if5hZfMLiUKtfmED1XpxpYOT+Fswbotjn2g=
Subject key identifier: D7:38:FA:6A:BE:0F:4C:31:88:6C:4C:E2:4A:AC:6D:C8:26:D0:BD:B7
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 01898B0C502F5A055EA50D8863ABDC288FD7
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/1zj6ar4PTDGIbEziSqxtyCbQvbc.roa
Signing time: Tue 25 Jul 2023 03:16:27 +0000
ROA not before: Tue 25 Jul 2023 03:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25031
IP address blocks: 160.61.211.0/24 maxlen: 24
160.61.208.0/24 maxlen: 24
160.61.168.0/23 maxlen: 23
160.61.170.0/23 maxlen: 23
160.62.3.0/24 maxlen: 24
160.62.4.0/24 maxlen: 24
160.62.0.0/23 maxlen: 23
160.62.2.0/24 maxlen: 24
160.62.1.0/24 maxlen: 24
160.62.5.0/24 maxlen: 24
160.62.7.0/24 maxlen: 24
160.62.6.0/24 maxlen: 24
160.62.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8b:0c:50:2f:5a:05:5e:a5:0d:88:63:ab:dc:28:8f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jul 25 03:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d738fa6abe0f4c31886c4ce24aac6dc826d0bdb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fa:8b:a4:fd:f4:f6:a7:fa:0a:de:0b:a7:5a:
47:6e:3b:32:3b:13:b3:b5:e8:6c:c1:e1:ce:36:19:
5e:20:8b:7e:5d:72:fc:d9:e1:77:30:5d:3f:a1:1b:
38:e5:c3:93:ff:82:cf:d8:4f:1b:41:af:7f:1a:25:
e7:e1:1c:db:09:92:aa:89:90:c4:d9:1f:cf:2a:3b:
76:12:c2:83:82:2c:98:c7:59:cc:c0:f9:10:96:f9:
cb:cf:54:75:5d:37:5c:3b:5d:17:cd:e3:dc:3f:ca:
4a:8c:eb:63:12:ee:4e:23:6b:d1:b9:00:e1:cd:3c:
2e:e6:40:0b:ca:e3:1d:7c:ca:3a:d8:4e:15:96:f6:
cf:07:a4:98:57:e3:38:eb:0d:c5:1a:9f:31:72:3a:
f2:44:26:6a:88:20:09:d5:9f:e0:d5:e2:66:aa:9a:
c1:8b:f8:74:52:8d:7f:3d:98:7f:e0:5c:3b:96:95:
4a:1d:85:2e:f4:18:d8:d0:f6:cb:2b:22:cc:40:b7:
18:c5:b5:29:30:e1:13:85:eb:d9:ba:62:7e:b6:40:
f6:f4:4b:1e:a5:0c:2b:a0:90:b1:6c:0a:83:03:d9:
86:d2:9f:c9:b0:dc:20:e5:5c:54:fa:ea:ea:a5:66:
32:f5:e2:dd:dd:96:de:f6:33:0e:70:2b:e4:1e:28:
12:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:38:FA:6A:BE:0F:4C:31:88:6C:4C:E2:4A:AC:6D:C8:26:D0:BD:B7
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/1zj6ar4PTDGIbEziSqxtyCbQvbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.61.168.0/22
160.61.208.0/24
160.61.211.0/24
160.62.0.0/21
160.62.22.0/24
Signature Algorithm: sha256WithRSAEncryption
62:d3:ae:b6:9c:35:04:8d:f6:28:c0:77:27:3d:13:35:f9:7d:
7a:be:c6:8c:a3:d0:88:2e:2d:90:a1:a4:b6:99:37:28:5b:bd:
6a:ff:79:fe:d9:23:55:f9:fb:e9:98:7b:d7:0f:fe:aa:c0:15:
4a:5c:cd:63:d4:77:b7:e0:53:e5:70:b5:93:b9:25:3b:54:9b:
2c:0c:ea:8c:b1:13:34:bc:9c:93:20:94:6f:5d:5e:e0:ec:21:
8c:0a:f4:f4:ad:d0:59:db:67:68:44:a3:36:f5:fb:54:69:0e:
27:71:64:3a:88:ef:8a:49:9c:51:1a:6f:15:39:2a:5d:9e:09:
66:9a:d7:1e:b3:4b:6c:6c:2f:62:88:ee:45:86:0e:fe:1a:e5:
3b:75:ac:c1:55:52:68:02:8d:4d:85:63:4a:f8:4c:33:c0:5d:
e4:90:8c:83:34:4e:6c:3f:3e:6e:27:4a:85:9d:2a:0b:b2:27:
b5:9e:83:0c:e1:bf:22:32:a2:c5:af:1f:85:8d:90:a2:9f:6e:
16:39:03:b1:9f:f1:7a:7a:92:89:43:5e:d0:80:cc:d4:f2:10:
2f:61:6a:0f:26:86:91:18:20:4d:30:6a:3e:d9:3c:86:03:ad:
12:1d:ec:3c:fa:6b:a3:da:8c:c8:69:a3:bc:fc:4d:5a:33:87:
8a:0a:e7:23
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmLDFAvWgVepQ2IY6vcKI/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwNzI1MDMxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM4ZmE2YWJlMGY0YzMxODg2YzRjZTI0YWFjNmRjODI2ZDBiZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vqLpP309qf6Ct4Lp1pHbjsyOxOz
tehsweHONhleIIt+XXL82eF3MF0/oRs45cOT/4LP2E8bQa9/GiXn4RzbCZKqiZDE
2R/PKjt2EsKDgiyYx1nMwPkQlvnLz1R1XTdcO10XzePcP8pKjOtjEu5OI2vRuQDh
zTwu5kALyuMdfMo62E4VlvbPB6SYV+M46w3FGp8xcjryRCZqiCAJ1Z/g1eJmqprB
i/h0Uo1/PZh/4Fw7lpVKHYUu9BjY0PbLKyLMQLcYxbUpMOEThevZumJ+tkD29Ese
pQwroJCxbAqDA9mG0p/JsNwg5VxU+urqpWYy9eLd3Zbe9jMOcCvkHigSpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNc4+mq+D0wxiGxM4kqsbcgm0L23MB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvMXpqNmFyNFBUREdJYkV6aVNxeHR5Q2JRdmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCoD2oAwQA
oD3QAwQAoD3TAwQDoD4AAwQAoD4WMA0GCSqGSIb3DQEBCwUAA4IBAQBi0662nDUE
jfYowHcnPRM1+X16vsaMo9CILi2QoaS2mTcoW71q/3n+2SNV+fvpmHvXD/6qwBVK
XM1j1He34FPlcLWTuSU7VJssDOqMsRM0vJyTIJRvXV7g7CGMCvT0rdBZ22doRKM2
9ftUaQ4ncWQ6iO+KSZxRGm8VOSpdnglmmtces0tsbC9iiO5Fhg7+GuU7dazBVVJo
Ao1NhWNK+EwzwF3kkIyDNE5sPz5uJ0qFnSoLsie1noMM4b8iMqLFrx+FjZCin24W
OQOxn/F6epKJQ17QgMzU8hAvYWoPJoaRGCBNMGo+2TyGA60SHew8+muj2ozIaaO8
/E1aM4eKCucj
-----END CERTIFICATE-----
Generated at Wed Sep 13 18:47:34 2023 by rpki-client on console-fra.rpki-client.org