Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4ONHvc7UP9zJ9_S1szhcQGeUPWc.roa
File: 4ONHvc7UP9zJ9_S1szhcQGeUPWc.roa (raw, json)
Hash identifier: guyzoDtTJ4jy8f8R7meLUQ+4MiDpKKzKwyRtb2duwPI=
Subject key identifier: E0:E3:47:BD:CE:D4:3F:DC:C9:F7:F4:B5:B3:38:5C:40:67:94:3D:67
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42555D90DD9173275DCE9FF59C6DE54
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4ONHvc7UP9zJ9_S1szhcQGeUPWc.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21161
IP address blocks: 185.186.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 15:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:55:d9:0d:d9:17:32:75:dc:e9:ff:59:c6:de:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0e347bdced43fdcc9f7f4b5b3385c4067943d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8d:f5:ee:b4:87:a0:a2:3a:66:f3:c8:c0:a1:
62:5d:19:6e:40:c1:70:19:a8:96:73:9d:48:cc:57:
27:cf:67:d3:72:24:fc:c7:9e:72:98:bb:51:fa:de:
4d:16:4a:f3:ca:75:aa:63:48:2e:e3:8d:58:81:73:
83:93:ac:6c:7e:a0:e7:5a:2a:ab:06:89:94:83:fb:
16:cf:a7:d2:77:65:0b:6f:cd:a1:21:07:39:65:a0:
bc:de:68:00:37:2e:00:39:50:8d:47:e7:2b:2d:8b:
e7:fd:91:5b:c4:0d:8e:f5:a6:80:16:8c:75:b2:13:
3b:6a:53:b9:85:b8:1b:ff:d6:56:0c:bc:69:01:1a:
58:d0:6b:ad:52:21:c0:97:a3:f3:e1:13:17:35:77:
d2:34:6b:29:17:20:f8:ea:bb:e3:9f:c1:41:c6:89:
a2:d4:0f:5b:23:41:78:93:59:a3:68:c3:ec:7a:c9:
28:d7:45:33:80:86:20:41:2d:2e:21:3b:00:c0:75:
88:59:49:c9:db:19:3f:8f:04:9f:3a:c1:2e:47:42:
48:ab:2a:9a:74:8c:6d:1a:cc:4e:b5:80:4b:d2:a0:
fe:fb:8c:ee:14:1c:64:20:b1:d2:79:cc:a8:2b:19:
44:d0:70:6f:d5:28:dc:84:8d:cb:09:06:1e:ac:4b:
21:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E3:47:BD:CE:D4:3F:DC:C9:F7:F4:B5:B3:38:5C:40:67:94:3D:67
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/4ONHvc7UP9zJ9_S1szhcQGeUPWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.67.0/24
Signature Algorithm: sha256WithRSAEncryption
27:a4:9e:d7:1c:c0:30:13:78:92:80:8f:87:74:dc:0f:ae:dc:
b5:09:65:9f:32:e4:87:a0:89:cf:26:17:02:13:d4:88:62:22:
8d:93:ec:17:3c:b4:5f:1d:3d:25:20:f9:70:a1:b9:54:a2:de:
aa:71:e6:2c:c1:a1:08:c4:75:0f:a4:45:e9:81:76:d5:a5:2a:
3c:2a:67:85:ba:bc:4a:e3:32:30:5b:d2:28:67:bc:2d:ba:60:
51:83:8f:0c:20:99:f1:07:fa:e5:6c:d2:ac:ca:a1:ac:16:ab:
d1:35:84:d5:9a:f4:95:80:c8:c2:cc:57:33:ec:e1:d4:d0:7d:
ae:44:cf:2c:bf:02:5c:73:f6:c3:d4:ba:4c:15:9e:90:65:88:
b5:42:46:9e:e8:86:97:d7:46:d5:ea:0b:28:14:71:08:35:d5:
b0:74:4a:94:76:4b:6b:e8:85:7e:8e:5c:ab:47:74:b8:90:a7:
0f:62:bc:39:b2:93:8b:50:d0:3c:e1:58:b5:57:79:ba:ab:1a:
1b:54:30:7a:e4:13:98:ac:75:e4:9e:50:4f:f7:3a:04:d0:79:
07:3e:d3:37:50:e2:0a:e8:72:b2:92:4f:fa:8c:5d:22:85:36:
68:a0:56:c4:d1:ce:5c:da:2c:db:19:aa:77:20:77:9f:af:2b:
4d:a1:4a:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJVXZDdkXMnXc6f9Zxt5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGUzNDdiZGNlZDQzZmRjYzlmN2Y0YjViMzM4NWM0MDY3OTQzZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI317rSHoKI6ZvPIwKFiXRluQMFw
GaiWc51IzFcnz2fTciT8x55ymLtR+t5NFkrzynWqY0gu441YgXODk6xsfqDnWiqr
BomUg/sWz6fSd2ULb82hIQc5ZaC83mgANy4AOVCNR+crLYvn/ZFbxA2O9aaAFox1
shM7alO5hbgb/9ZWDLxpARpY0GutUiHAl6Pz4RMXNXfSNGspFyD46rvjn8FBxomi
1A9bI0F4k1mjaMPsesko10UzgIYgQS0uITsAwHWIWUnJ2xk/jwSfOsEuR0JIqyqa
dIxtGsxOtYBL0qD++4zuFBxkILHSecyoKxlE0HBv1SjchI3LCQYerEsh6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODjR73O1D/cyff0tbM4XEBnlD1nMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNE9OSHZjN1VQOXpKOV9TMXN6aGNRR2VVUFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpDMA0G
CSqGSIb3DQEBCwUAA4IBAQAnpJ7XHMAwE3iSgI+HdNwPrty1CWWfMuSHoInPJhcC
E9SIYiKNk+wXPLRfHT0lIPlwoblUot6qceYswaEIxHUPpEXpgXbVpSo8KmeFurxK
4zIwW9IoZ7wtumBRg48MIJnxB/rlbNKsyqGsFqvRNYTVmvSVgMjCzFcz7OHU0H2u
RM8svwJcc/bD1LpMFZ6QZYi1Qkae6IaX10bV6gsoFHEINdWwdEqUdktr6IV+jlyr
R3S4kKcPYrw5spOLUNA84Vi1V3m6qxobVDB65BOYrHXknlBP9zoE0HkHPtM3UOIK
6HKykk/6jF0ihTZooFbE0c5c2izbGap3IHefrytNoUps
-----END CERTIFICATE-----
Generated at Thu Jan 25 18:43:16 2024 by rpki-client on console-ams.rpki-client.org