Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/ATmCGjry6HuMLyeeKgAsL41u5lM.roa
File: ATmCGjry6HuMLyeeKgAsL41u5lM.roa (raw, json)
Hash identifier: 4Hcq0JI6lJ8x8uaG0Bn0tOPGYhOPJaSSkSWW7SimyNA=
Subject key identifier: 01:39:82:1A:3A:F2:E8:7B:8C:2F:27:9E:2A:00:2C:2F:8D:6E:E6:53
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 0185A74C77BBD64DEB786CC286B77644D403
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/ATmCGjry6HuMLyeeKgAsL41u5lM.roa
Signing time: Thu 12 Jan 2023 18:44:44 +0000
ROA not before: Thu 12 Jan 2023 18:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26478
IP address blocks: 160.62.140.0/23 maxlen: 23
86.117.47.0/24 maxlen: 24
160.62.15.0/24 maxlen: 24
160.62.14.0/24 maxlen: 24
160.62.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a7:4c:77:bb:d6:4d:eb:78:6c:c2:86:b7:76:44:d4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 12 18:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0139821a3af2e87b8c2f279e2a002c2f8d6ee653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:06:90:0f:63:df:fa:2d:19:ed:f9:f4:93:13:
19:21:12:d9:97:55:0c:8d:bf:ac:28:ed:e7:bf:40:
a3:e2:a4:b7:88:94:f7:15:b5:7e:16:54:01:67:6d:
a6:45:23:b3:53:8d:d4:d7:4c:d8:81:97:ef:32:9d:
0f:d7:69:41:cb:2d:2b:4f:14:0e:99:74:d4:9b:8f:
b7:d5:aa:d3:51:46:44:9f:98:65:8d:7e:be:ff:d9:
b0:6f:f5:79:1a:bc:80:8c:06:92:05:bc:68:a4:0c:
b7:05:49:f2:56:81:0d:13:91:22:14:ec:81:98:23:
db:ff:bd:53:ab:ae:b7:1b:44:81:19:72:c1:c2:25:
b1:fe:df:5f:e2:2b:14:62:8b:5e:c5:4c:c1:a1:b6:
d0:44:9b:59:7d:9a:1a:d4:75:45:59:63:be:b8:38:
36:8c:6d:8b:c4:7b:12:e3:2d:17:5d:e9:0e:4e:ca:
19:b5:06:9c:f3:d8:6e:72:e0:c2:c8:d6:f9:c0:7d:
b3:cb:e7:f1:9a:fa:f2:18:61:ac:94:b3:2a:eb:26:
f4:83:d4:62:79:6a:c1:23:9b:58:44:2b:90:cf:bf:
6f:c1:ff:ef:8a:be:28:f6:80:94:e2:d7:45:b8:29:
2c:f5:f6:05:26:2f:be:65:47:a9:0e:35:f2:17:d6:
8f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:39:82:1A:3A:F2:E8:7B:8C:2F:27:9E:2A:00:2C:2F:8D:6E:E6:53
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/ATmCGjry6HuMLyeeKgAsL41u5lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.117.47.0/24
160.62.14.0/23
160.62.22.0/24
160.62.140.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:e4:50:20:50:22:51:ba:87:ab:09:13:b9:00:e3:cb:1e:a6:
4b:49:1b:f9:69:c1:f3:1d:bb:f7:62:af:aa:d7:6f:e4:14:47:
ea:12:1b:fe:e1:1e:1b:20:6b:79:44:15:a4:60:1a:76:8f:82:
84:16:48:f4:4b:e4:fa:de:97:c7:02:3e:2b:20:df:43:7e:b2:
63:c5:3a:7c:33:37:e4:3c:8c:72:1f:4f:64:71:18:ca:b9:81:
82:7d:21:ef:31:3f:cb:70:37:9f:0b:d3:03:f8:e6:a8:b8:de:
f7:4d:90:43:8b:bd:a2:43:db:97:1e:6c:bc:b8:13:39:d6:5f:
7d:7f:54:3d:6c:8a:90:34:dc:bf:51:e3:f5:07:51:0a:e6:04:
31:07:48:c8:48:d0:4f:9f:8d:e4:3a:74:7d:32:94:3f:76:b4:
f4:b0:62:55:8f:60:09:3f:c1:1f:f0:cb:13:b8:8f:3a:d1:96:
89:b9:3d:6f:7d:f9:40:55:49:3f:35:ca:c1:50:a7:4f:bb:f9:
bc:77:da:e3:82:cf:b6:55:b1:d7:34:9a:9f:bd:9f:3a:34:c8:
07:e2:b2:7d:49:21:9a:fd:9b:09:43:38:52:57:bd:f0:5f:1b:
e0:a9:33:20:44:02:39:c2:25:d9:9c:2e:6c:48:37:05:0f:82:
d9:35:d9:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWnTHe71k3reGzChrd2RNQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwMTEyMTg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM5ODIxYTNhZjJlODdiOGMyZjI3OWUyYTAwMmMyZjhkNmVlNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogaQD2Pf+i0Z7fn0kxMZIRLZl1UM
jb+sKO3nv0Cj4qS3iJT3FbV+FlQBZ22mRSOzU43U10zYgZfvMp0P12lByy0rTxQO
mXTUm4+31arTUUZEn5hljX6+/9mwb/V5GryAjAaSBbxopAy3BUnyVoENE5EiFOyB
mCPb/71Tq663G0SBGXLBwiWx/t9f4isUYotexUzBobbQRJtZfZoa1HVFWWO+uDg2
jG2LxHsS4y0XXekOTsoZtQac89hucuDCyNb5wH2zy+fxmvryGGGslLMq6yb0g9Ri
eWrBI5tYRCuQz79vwf/vir4o9oCU4tdFuCks9fYFJi++ZUepDjXyF9aPwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAE5gho68uh7jC8nnioALC+NbuZTMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvQVRtQ0dqcnk2SHVNTHllZUtnQXNMNDF1NWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVnUvAwQB
oD4OAwQAoD4WAwQBoD6MMA0GCSqGSIb3DQEBCwUAA4IBAQBO5FAgUCJRuoerCRO5
AOPLHqZLSRv5acHzHbv3Yq+q12/kFEfqEhv+4R4bIGt5RBWkYBp2j4KEFkj0S+T6
3pfHAj4rIN9DfrJjxTp8MzfkPIxyH09kcRjKuYGCfSHvMT/LcDefC9MD+OaouN73
TZBDi72iQ9uXHmy8uBM51l99f1Q9bIqQNNy/UeP1B1EK5gQxB0jISNBPn43kOnR9
MpQ/drT0sGJVj2AJP8Ef8MsTuI860ZaJuT1vfflAVUk/NcrBUKdPu/m8d9rjgs+2
VbHXNJqfvZ86NMgH4rJ9SSGa/ZsJQzhSV73wXxvgqTMgRAI5wiXZnC5sSDcFD4LZ
Ndnc
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:25 2024 by rpki-client on console-ams.rpki-client.org