Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/icL1jBMb0YTIi4qZUYE0ndzBONc.roa
File: icL1jBMb0YTIi4qZUYE0ndzBONc.roa (raw, json)
Hash identifier: CvEob+lZPTWvqJTCF9ig274K5EEsL06Pc851YKCcKyE=
Subject key identifier: 89:C2:F5:8C:13:1B:D1:84:C8:8B:8A:99:51:81:34:9D:DC:C1:38:D7
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 01856C0A67622171645203003E38DC2BF0B6
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/icL1jBMb0YTIi4qZUYE0ndzBONc.roa
Signing time: Sun 01 Jan 2023 06:34:59 +0000
ROA not before: Sun 01 Jan 2023 06:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25031
IP address blocks: 160.61.208.0/24 maxlen: 24
160.62.3.0/24 maxlen: 24
160.62.4.0/24 maxlen: 24
160.62.0.0/23 maxlen: 23
160.62.2.0/24 maxlen: 24
160.62.1.0/24 maxlen: 24
160.62.5.0/24 maxlen: 24
160.62.7.0/24 maxlen: 24
160.62.6.0/24 maxlen: 24
160.61.168.0/23 maxlen: 23
160.61.170.0/23 maxlen: 23
160.62.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jul 2023 03:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:67:62:21:71:64:52:03:00:3e:38:dc:2b:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 1 06:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89c2f58c131bd184c88b8a995181349ddcc138d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:4b:dd:c8:50:1b:7c:7f:13:e9:23:0c:d7:
5b:6c:06:7d:48:a6:11:a0:80:d1:89:43:2e:11:c6:
70:4d:82:41:ba:5d:3b:94:7d:11:9a:c9:71:81:34:
68:2d:bd:4a:8b:24:69:b3:1f:f1:c8:2c:c8:e2:59:
71:be:72:8e:76:77:c2:65:6a:c2:e9:5d:22:24:c0:
57:0a:b5:c0:09:69:6f:f5:32:ba:cf:95:06:b3:85:
41:c5:57:ec:a2:d6:fe:f3:2b:89:3f:02:94:84:d0:
a0:69:1d:38:5a:d6:cd:e4:2c:c5:ee:a2:21:c2:c4:
5a:af:52:eb:84:67:62:a4:fc:82:bf:9f:2e:e3:66:
56:08:4c:2c:e3:b3:2f:55:a1:cc:ee:cf:a7:3b:45:
7f:17:92:07:a9:c2:97:9c:85:37:2b:ee:25:a3:7c:
f4:c2:3c:cd:6d:24:16:91:82:9f:56:39:b0:9f:29:
3f:9c:5d:5e:b6:0c:a8:ed:49:dd:e1:7b:19:d2:f6:
92:4c:58:ff:66:67:e6:e9:4a:74:e1:8b:fd:c3:f6:
50:aa:04:ed:e8:12:8e:2e:da:f2:b5:54:96:e9:fc:
8c:38:70:6d:22:10:06:b1:e8:a8:f1:f4:1a:64:c3:
56:34:b1:65:c9:98:90:c9:72:16:c9:66:67:34:cd:
6b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C2:F5:8C:13:1B:D1:84:C8:8B:8A:99:51:81:34:9D:DC:C1:38:D7
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/icL1jBMb0YTIi4qZUYE0ndzBONc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.61.168.0/22
160.61.208.0/24
160.62.0.0/21
160.62.22.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:5f:6f:ea:e6:c8:4b:45:d9:ec:00:b4:21:05:80:95:e4:94:
0a:22:aa:53:bd:62:6e:e0:61:c4:1b:52:9d:6f:4b:da:fb:9c:
78:99:40:0c:95:1b:fd:43:34:3a:0f:6f:2b:e7:55:54:24:6a:
f2:a3:17:2e:ac:3e:25:0a:50:bb:ed:20:61:04:cc:04:6a:24:
ca:79:4a:30:89:53:6b:30:c3:71:21:9a:a0:d6:50:1a:45:b5:
2a:b4:5a:80:d7:df:ac:27:e4:8d:21:1d:51:1b:60:13:3e:4c:
a5:5a:41:89:6d:5f:71:40:69:2b:3a:31:f3:6e:12:e0:4f:1d:
ed:79:16:bc:02:c4:8e:c8:37:08:55:cf:e3:ef:aa:f7:c5:a1:
b5:01:5f:8a:b7:8f:ad:c2:4a:f9:0c:a4:9f:5e:d2:ee:3e:28:
c4:6d:fb:1e:be:ea:68:8e:97:26:b1:c9:85:e6:2d:11:59:64:
95:7d:3d:40:3e:52:3e:fd:55:37:0f:80:73:0f:c6:6d:b3:31:
83:c1:bf:44:e4:18:df:1c:c9:26:e8:2e:82:12:31:ae:82:14:
7e:aa:83:e3:62:a8:4e:55:52:e6:f3:5f:31:0c:2c:9d:a2:b7:
5f:55:f3:48:76:05:77:58:3d:90:db:d3:73:52:e4:68:7f:3e:
12:37:71:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsCmdiIXFkUgMAPjjcK/C2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwMTAxMDYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWMyZjU4YzEzMWJkMTg0Yzg4YjhhOTk1MTgxMzQ5ZGRjYzEzOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO1L3chQG3x/E+kjDNdbbAZ9SKYR
oIDRiUMuEcZwTYJBul07lH0RmslxgTRoLb1KiyRpsx/xyCzI4llxvnKOdnfCZWrC
6V0iJMBXCrXACWlv9TK6z5UGs4VBxVfsotb+8yuJPwKUhNCgaR04WtbN5CzF7qIh
wsRar1LrhGdipPyCv58u42ZWCEws47MvVaHM7s+nO0V/F5IHqcKXnIU3K+4lo3z0
wjzNbSQWkYKfVjmwnyk/nF1etgyo7Und4XsZ0vaSTFj/Zmfm6Up04Yv9w/ZQqgTt
6BKOLtrytVSW6fyMOHBtIhAGseio8fQaZMNWNLFlyZiQyXIWyWZnNM1ruwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFInC9YwTG9GEyIuKmVGBNJ3cwTjXMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvaWNMMWpCTWIwWVRJaTRxWlVZRTBuZHpCT05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCoD2oAwQA
oD3QAwQDoD4AAwQAoD4WMA0GCSqGSIb3DQEBCwUAA4IBAQC1X2/q5shLRdnsALQh
BYCV5JQKIqpTvWJu4GHEG1Kdb0va+5x4mUAMlRv9QzQ6D28r51VUJGryoxcurD4l
ClC77SBhBMwEaiTKeUowiVNrMMNxIZqg1lAaRbUqtFqA19+sJ+SNIR1RG2ATPkyl
WkGJbV9xQGkrOjHzbhLgTx3teRa8AsSOyDcIVc/j76r3xaG1AV+Kt4+twkr5DKSf
XtLuPijEbfsevupojpcmscmF5i0RWWSVfT1APlI+/VU3D4BzD8ZtszGDwb9E5Bjf
HMkm6C6CEjGughR+qoPjYqhOVVLm818xDCydordfVfNIdgV3WD2Q29NzUuRofz4S
N3FI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:14 2024 by rpki-client on console-ams.rpki-client.org