Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h1JhC3pj6L5H4u9v4rYKFNZZ_DM.roa
File: h1JhC3pj6L5H4u9v4rYKFNZZ_DM.roa (raw, json)
Hash identifier: F/V4CulY/M2rxE7v3eX5GIvTTpmAfWAXMllEF5O80h4=
Subject key identifier: 87:52:61:0B:7A:63:E8:BE:47:E2:EF:6F:E2:B6:0A:14:D6:59:FC:33
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018E4545C85FB59D457D4FC58BC174A41253
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h1JhC3pj6L5H4u9v4rYKFNZZ_DM.roa
Signing time: Sat 16 Mar 2024 03:19:44 +0000
ROA not before: Sat 16 Mar 2024 03:19:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 185.126.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 09:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:45:45:c8:5f:b5:9d:45:7d:4f:c5:8b:c1:74:a4:12:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Mar 16 03:19:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8752610b7a63e8be47e2ef6fe2b60a14d659fc33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:b9:d7:ec:14:35:4d:b9:4a:cb:46:be:01:
00:9d:d6:de:bb:4c:ee:6f:78:25:4a:be:ff:2d:98:
59:97:91:86:45:35:e7:c9:70:94:e4:b5:2b:e3:33:
b2:8b:bd:07:6b:64:29:be:44:44:01:7a:fd:13:b7:
d0:cf:42:24:72:47:ab:da:ef:b4:7b:47:7e:30:b2:
71:df:8f:dd:ac:c0:da:4a:ec:a8:30:ad:06:c7:fc:
55:4d:47:3c:a0:89:15:9c:c6:32:7a:03:f4:a0:08:
aa:6d:29:81:9c:ef:8b:0a:50:a1:60:5b:5c:80:cb:
e1:ef:ea:b2:9c:b7:b4:12:a2:9a:8c:d0:bd:54:47:
ac:59:f5:1c:62:38:06:9f:81:22:df:d3:c7:61:d3:
a5:6b:e7:7f:4e:af:8d:45:cd:2c:51:d4:43:f7:56:
59:e2:68:44:a5:65:6a:8c:92:4f:58:28:0f:43:69:
17:a9:bc:8c:36:ce:19:7d:87:3a:20:45:6c:81:b1:
8a:bd:70:de:eb:02:d5:7d:08:79:a1:b9:c0:76:dc:
9b:9b:04:55:b8:bb:a5:c4:68:ec:ea:91:11:f6:20:
01:b5:7f:ab:d1:c4:12:de:91:49:c8:b3:3c:8d:2c:
c0:89:86:5a:d5:0b:34:a9:a4:a4:64:b1:86:7f:89:
45:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:52:61:0B:7A:63:E8:BE:47:E2:EF:6F:E2:B6:0A:14:D6:59:FC:33
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h1JhC3pj6L5H4u9v4rYKFNZZ_DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:87:75:b2:fb:d9:2b:09:93:78:a0:83:18:8d:dc:74:5f:db:
71:d4:94:ff:4d:c5:b2:f3:b7:db:2d:d3:47:63:02:50:7e:39:
bb:98:1e:35:97:12:81:7c:f0:bc:23:35:35:5c:8a:08:da:ba:
c1:40:64:38:0d:8a:f7:12:26:1d:c7:8e:e4:e4:97:75:45:f3:
90:5a:8b:7f:28:fe:04:c3:9e:21:43:32:62:49:d5:5e:65:55:
36:01:5e:b8:b1:75:93:7b:6b:67:c9:a0:3b:dc:dd:9e:d2:d4:
7b:11:97:45:8b:72:fe:24:7c:eb:79:b7:cb:4a:72:cc:19:7b:
5e:36:58:d1:1a:70:2f:bb:0c:1b:9e:2c:5c:98:82:43:49:41:
b8:20:2e:bf:18:c4:61:a0:2d:fe:4b:cb:f0:0a:69:a2:99:4c:
19:1a:d3:2a:8e:0c:b7:3d:d1:b3:54:8c:4f:60:81:36:31:31:
8a:db:0d:3f:28:2d:da:b4:50:b0:bc:9f:65:3b:4b:f2:ce:25:
6e:4d:b5:70:04:cd:02:91:08:cf:74:35:ee:78:3b:b1:45:04:
06:c4:ad:8f:7c:9b:75:6a:4c:07:54:9e:07:11:78:95:55:cb:
16:7c:41:53:29:68:fa:58:2f:d1:78:33:1c:ae:5e:a2:05:19:
f3:d7:cf:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5FRchftZ1FfU/Fi8F0pBJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjQwMzE2MDMxOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzUyNjEwYjdhNjNlOGJlNDdlMmVmNmZlMmI2MGExNGQ2NTlmYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrG51+wUNU25SstGvgEAndbeu0zu
b3glSr7/LZhZl5GGRTXnyXCU5LUr4zOyi70Ha2QpvkREAXr9E7fQz0Ikcker2u+0
e0d+MLJx34/drMDaSuyoMK0Gx/xVTUc8oIkVnMYyegP0oAiqbSmBnO+LClChYFtc
gMvh7+qynLe0EqKajNC9VEesWfUcYjgGn4Ei39PHYdOla+d/Tq+NRc0sUdRD91ZZ
4mhEpWVqjJJPWCgPQ2kXqbyMNs4ZfYc6IEVsgbGKvXDe6wLVfQh5obnAdtybmwRV
uLulxGjs6pER9iABtX+r0cQS3pFJyLM8jSzAiYZa1Qs0qaSkZLGGf4lFSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdSYQt6Y+i+R+Lvb+K2ChTWWfwzMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvaDFKaEMzcGo2TDVINHU5djRyWUtGTlpaX0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX6eMA0G
CSqGSIb3DQEBCwUAA4IBAQA6h3Wy+9krCZN4oIMYjdx0X9tx1JT/TcWy87fbLdNH
YwJQfjm7mB41lxKBfPC8IzU1XIoI2rrBQGQ4DYr3EiYdx47k5Jd1RfOQWot/KP4E
w54hQzJiSdVeZVU2AV64sXWTe2tnyaA73N2e0tR7EZdFi3L+JHzrebfLSnLMGXte
NljRGnAvuwwbnixcmIJDSUG4IC6/GMRhoC3+S8vwCmmimUwZGtMqjgy3PdGzVIxP
YIE2MTGK2w0/KC3atFCwvJ9lO0vyziVuTbVwBM0CkQjPdDXueDuxRQQGxK2PfJt1
akwHVJ4HEXiVVcsWfEFTKWj6WC/ReDMcrl6iBRnz18/c
-----END CERTIFICATE-----
Generated at Tue Jul 16 12:52:53 2024 by rpki-client on console-ams.rpki-client.org