Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/RdMAtmZCFqEHPwY-1Hk_iDOY62I.roa
File: RdMAtmZCFqEHPwY-1Hk_iDOY62I.roa (raw, json)
Hash identifier: Cm+D1y/luRWyAanXQdZVEgHJzlIVpFUxcjShU6xUJNc=
Subject key identifier: 45:D3:00:B6:66:42:16:A1:07:3F:06:3E:D4:79:3F:88:33:98:EB:62
Certificate issuer: /CN=b714595c50c351921b0de9a57540a15e5c1c618a
Certificate serial: 018571B0D3092E7ABDAE3DEFE82E3D5D953C
Authority key identifier: B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/RdMAtmZCFqEHPwY-1Hk_iDOY62I.roa
Signing time: Mon 02 Jan 2023 08:54:51 +0000
ROA not before: Mon 02 Jan 2023 08:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47753
IP address blocks: 185.138.167.0/24 maxlen: 24
2a11:c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d3:09:2e:7a:bd:ae:3d:ef:e8:2e:3d:5d:95:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b714595c50c351921b0de9a57540a15e5c1c618a
Validity
Not Before: Jan 2 08:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45d300b6664216a1073f063ed4793f883398eb62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:dd:c2:37:80:e9:b1:fe:25:25:f7:6b:ce:ab:
f0:5a:90:21:21:37:c5:b4:bb:9c:77:02:e8:f8:4a:
a4:36:c0:38:81:71:23:06:3e:4e:2b:d5:5e:ca:3f:
ed:c0:21:f2:a8:d2:45:42:1e:69:5e:ae:b5:64:b9:
0d:b4:05:44:b7:66:94:0c:ab:04:a7:ba:ca:c4:68:
92:21:63:a2:b0:ac:ac:bf:b7:3a:36:5a:a3:dd:33:
7a:9b:d0:10:e1:3a:8e:64:b1:fc:cc:3f:aa:d6:62:
ac:04:a7:7c:22:05:f1:68:eb:92:a5:66:a4:14:20:
5d:38:0d:4a:98:42:db:12:6f:73:71:aa:aa:5b:f1:
6c:f7:c3:25:06:54:06:45:52:bc:d4:db:17:fe:d3:
a1:84:56:c1:22:69:75:89:e6:a1:a9:0f:a4:bd:3f:
8c:2c:68:17:9d:a0:40:c0:60:4b:03:0a:b5:e0:ca:
ca:f9:29:e6:88:9b:bd:0a:38:d5:10:f5:e7:e7:67:
c3:e5:04:ca:a3:6d:35:0a:09:18:33:83:eb:04:08:
92:ef:77:29:39:01:6b:fd:2f:92:9a:b7:2f:ed:c8:
8a:47:92:9d:44:97:2e:e2:17:86:29:96:06:c0:a1:
2f:25:d1:09:56:f8:37:93:02:7e:35:ef:6d:e7:14:
61:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D3:00:B6:66:42:16:A1:07:3F:06:3E:D4:79:3F:88:33:98:EB:62
X509v3 Authority Key Identifier:
keyid:B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/RdMAtmZCFqEHPwY-1Hk_iDOY62I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.167.0/24
IPv6:
2a11:c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:89:69:6c:d5:df:0c:22:21:55:0e:34:11:54:28:75:a9:6b:
d6:5f:47:c6:24:1b:6c:00:1a:e5:1f:6b:40:5f:69:5c:d8:49:
90:8f:56:fd:72:9c:f3:bb:c8:1f:de:12:0f:64:1a:ce:21:1b:
ec:ed:9d:d2:ba:b3:e6:f5:a5:41:0c:0e:2f:52:d6:27:a9:2c:
ad:1c:7a:e7:1c:4d:c7:51:23:40:f2:97:cf:25:3e:e7:7c:42:
54:0e:3b:79:0c:ac:8e:f3:52:ca:1a:d3:8f:df:39:1e:ae:0b:
62:54:06:a9:d8:c5:ea:2b:eb:36:49:00:b4:88:12:33:3c:40:
ec:9a:df:8a:c5:f8:3f:eb:4d:65:26:f5:ec:ce:cf:bd:10:3d:
48:ce:71:cd:51:32:72:7c:7a:3a:16:b0:6b:14:6b:df:09:ef:
76:1b:ba:37:cb:0e:38:b0:25:37:6d:c0:27:ab:dc:23:94:d5:
2d:2e:3b:0a:99:be:4f:fa:09:f0:68:60:e0:23:06:28:31:c1:
fe:1a:5f:51:f2:ce:ff:a1:e5:79:c7:44:08:10:95:4f:97:a3:
b0:07:97:fe:56:60:e8:2c:c1:bf:2a:30:94:f2:f9:0d:e2:0d:
25:47:b9:47:67:e9:78:03:0e:36:51:b0:c7:a2:3b:de:7b:66:
82:97:2b:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsNMJLnq9rj3v6C49XZU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MTQ1OTVjNTBjMzUxOTIxYjBkZTlhNTc1NDBhMTVlNWMx
YzYxOGEwHhcNMjMwMTAyMDg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQzMDBiNjY2NDIxNmExMDczZjA2M2VkNDc5M2Y4ODMzOThlYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit3CN4Dpsf4lJfdrzqvwWpAhITfF
tLucdwLo+EqkNsA4gXEjBj5OK9Veyj/twCHyqNJFQh5pXq61ZLkNtAVEt2aUDKsE
p7rKxGiSIWOisKysv7c6Nlqj3TN6m9AQ4TqOZLH8zD+q1mKsBKd8IgXxaOuSpWak
FCBdOA1KmELbEm9zcaqqW/Fs98MlBlQGRVK81NsX/tOhhFbBIml1ieahqQ+kvT+M
LGgXnaBAwGBLAwq14MrK+SnmiJu9CjjVEPXn52fD5QTKo201CgkYM4PrBAiS73cp
OQFr/S+Smrcv7ciKR5KdRJcu4heGKZYGwKEvJdEJVvg3kwJ+Ne9t5xRhPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEXTALZmQhahBz8GPtR5P4gzmOtiMB8GA1UdIwQY
MBaAFLcUWVxQw1GSGw3ppXVAoV5cHGGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMt
ZjUzZDllMzZlOTVhLzEvUmRNQXRtWkNGcUVIUHdZLTFIa19pRE9ZNjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMtZjUzZDllMzZlOTVh
LzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYqnMA0E
AgACMAcDBQMqEQDAMA0GCSqGSIb3DQEBCwUAA4IBAQB1iWls1d8MIiFVDjQRVCh1
qWvWX0fGJBtsABrlH2tAX2lc2EmQj1b9cpzzu8gf3hIPZBrOIRvs7Z3SurPm9aVB
DA4vUtYnqSytHHrnHE3HUSNA8pfPJT7nfEJUDjt5DKyO81LKGtOP3zkergtiVAap
2MXqK+s2SQC0iBIzPEDsmt+Kxfg/601lJvXszs+9ED1IznHNUTJyfHo6FrBrFGvf
Ce92G7o3yw44sCU3bcAnq9wjlNUtLjsKmb5P+gnwaGDgIwYoMcH+Gl9R8s7/oeV5
x0QIEJVPl6OwB5f+VmDoLMG/KjCU8vkN4g0lR7lHZ+l4Aw42UbDHojvee2aClytp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:15 2024 by rpki-client on console-ams.rpki-client.org