Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/22QG6yUx4sSzVOxov4axWYPlwi0.roa
File: 22QG6yUx4sSzVOxov4axWYPlwi0.roa (raw, json)
Hash identifier: /laC4HOfuV4icJUkRwhm45fi2AlJuzm7S+h7t232htk=
Subject key identifier: DB:64:06:EB:25:31:E2:C4:B3:54:EC:68:BF:86:B1:59:83:E5:C2:2D
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42574CE390B6CCA33E3D550E17C9D2F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/22QG6yUx4sSzVOxov4axWYPlwi0.roa
Signing time: Mon 01 Jan 2024 08:30:38 +0000
ROA not before: Mon 01 Jan 2024 08:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212685
IP address blocks: 85.202.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 14:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:74:ce:39:0b:6c:ca:33:e3:d5:50:e1:7c:9d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db6406eb2531e2c4b354ec68bf86b15983e5c22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:84:e8:e0:39:f1:8a:2b:b0:b2:8f:88:35:0e:
30:f1:3a:c6:81:6d:a6:a0:54:23:7e:c7:85:99:b9:
a5:6d:f4:1c:61:57:23:3c:81:5b:37:c2:d8:10:7c:
dd:06:6b:83:b3:79:72:00:9f:e2:da:c1:54:12:70:
e8:c2:e2:18:a0:69:0b:95:73:95:18:fd:ff:01:71:
11:c2:6c:db:09:f2:70:54:68:d9:73:49:8a:41:09:
bc:df:e9:ab:0b:a4:b5:a6:1a:c4:90:0f:6f:11:44:
a4:76:57:68:71:02:d2:87:ba:db:3d:8a:03:f8:a5:
3d:92:32:44:b2:cf:a2:5b:89:8b:07:25:93:d7:9c:
f7:33:19:96:10:86:2a:f8:4a:c3:9a:51:c3:e8:ec:
db:3e:27:37:e8:de:d8:c0:f4:e1:30:29:65:38:ce:
44:0d:4b:dd:af:ce:fd:ae:1f:50:e4:3e:0b:67:b5:
c4:08:a6:7a:9f:7f:37:fa:38:03:b4:4e:77:b5:a7:
29:65:f9:0a:7f:56:a1:f5:d6:0b:97:16:28:1d:04:
68:1e:06:7b:f0:be:ce:26:7c:9f:1b:ab:76:2e:88:
a6:8a:58:da:a2:2e:d0:6f:f6:46:a3:ee:c6:b2:6b:
b2:d7:7b:fd:ea:b0:78:98:7f:27:cd:13:40:ba:55:
b9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:64:06:EB:25:31:E2:C4:B3:54:EC:68:BF:86:B1:59:83:E5:C2:2D
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/22QG6yUx4sSzVOxov4axWYPlwi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.163.0/24
Signature Algorithm: sha256WithRSAEncryption
59:97:31:d5:4e:9d:7a:1d:87:ce:89:92:65:40:4b:f8:c2:1f:
9c:e1:e8:61:bc:9d:af:24:bb:51:fe:83:9a:67:bf:c6:1f:69:
52:9f:89:48:62:a7:ea:df:27:d5:19:16:e9:16:4d:25:bd:57:
24:e6:11:5e:85:de:6b:ea:f7:87:0d:df:c1:f9:da:81:65:db:
a2:c0:87:ea:74:c1:d7:d1:ef:3b:cc:a6:99:82:76:f8:1c:c0:
0a:db:e5:88:f6:74:0e:d1:26:dd:45:e6:98:39:7d:6e:82:18:
a2:e8:8d:dd:06:b7:c3:2e:f8:f8:aa:e6:c8:69:ed:75:58:0c:
a7:88:3f:4e:75:5a:31:ca:46:08:28:52:60:cb:bc:6b:29:05:
9a:0e:26:b3:84:36:78:a4:9d:3f:8a:ae:4e:c9:75:94:3a:4d:
65:e7:2c:4f:a0:8d:8c:00:ad:b2:11:9b:fb:a3:fd:df:80:d7:
be:7c:24:7a:3c:6e:31:f2:97:2a:68:36:9f:3d:1a:fc:f2:1b:
92:04:0b:d9:04:c9:03:14:07:36:42:22:96:77:b8:73:f4:9b:
3a:f2:63:56:c1:62:57:74:46:56:63:b6:57:86:eb:7e:94:a5:
50:06:e2:32:85:87:64:a2:f2:27:8f:e1:78:68:c7:5d:5c:42:
6f:d7:f0:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJXTOOQtsyjPj1VDhfJ0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY0MDZlYjI1MzFlMmM0YjM1NGVjNjhiZjg2YjE1OTgzZTVjMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04To4Dnxiiuwso+INQ4w8TrGgW2m
oFQjfseFmbmlbfQcYVcjPIFbN8LYEHzdBmuDs3lyAJ/i2sFUEnDowuIYoGkLlXOV
GP3/AXERwmzbCfJwVGjZc0mKQQm83+mrC6S1phrEkA9vEUSkdldocQLSh7rbPYoD
+KU9kjJEss+iW4mLByWT15z3MxmWEIYq+ErDmlHD6OzbPic36N7YwPThMCllOM5E
DUvdr879rh9Q5D4LZ7XECKZ6n383+jgDtE53tacpZfkKf1ah9dYLlxYoHQRoHgZ7
8L7OJnyfG6t2Loimiljaoi7Qb/ZGo+7Gsmuy13v96rB4mH8nzRNAulW57wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtkBuslMeLEs1TsaL+GsVmD5cItMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMjJRRzZ5VXg0c1N6Vk94b3Y0YXhXWVBsd2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcqjMA0G
CSqGSIb3DQEBCwUAA4IBAQBZlzHVTp16HYfOiZJlQEv4wh+c4ehhvJ2vJLtR/oOa
Z7/GH2lSn4lIYqfq3yfVGRbpFk0lvVck5hFehd5r6veHDd/B+dqBZduiwIfqdMHX
0e87zKaZgnb4HMAK2+WI9nQO0SbdReaYOX1ughii6I3dBrfDLvj4qubIae11WAyn
iD9OdVoxykYIKFJgy7xrKQWaDiazhDZ4pJ0/iq5OyXWUOk1l5yxPoI2MAK2yEZv7
o/3fgNe+fCR6PG4x8pcqaDafPRr88huSBAvZBMkDFAc2QiKWd7hz9Js68mNWwWJX
dEZWY7ZXhut+lKVQBuIyhYdkovInj+F4aMddXEJv1/AJ
-----END CERTIFICATE-----
Generated at Thu Feb 1 19:21:01 2024 by rpki-client on console-ams.rpki-client.org