Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/PaadP70yrD642QjZMFy1juKz1tE.roa
File: PaadP70yrD642QjZMFy1juKz1tE.roa (raw, json)
Hash identifier: tl25nT2J6Uhpe3cgccXAe/zg1Xr9lAOf+q7AaIRf2NQ=
Subject key identifier: 3D:A6:9D:3F:BD:32:AC:3E:B8:D9:08:D9:30:5C:B5:8E:E2:B3:D6:D1
Certificate issuer: /CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Certificate serial: 01856FF044A4CF815C9E3F0A108FD6ACA51F
Authority key identifier: 29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/PaadP70yrD642QjZMFy1juKz1tE.roa
Signing time: Mon 02 Jan 2023 00:44:55 +0000
ROA not before: Mon 02 Jan 2023 00:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43783
IP address blocks: 185.167.56.0/22 maxlen: 22
185.167.56.0/24 maxlen: 24
185.167.58.0/24 maxlen: 24
185.167.57.0/24 maxlen: 24
185.167.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:44:a4:cf:81:5c:9e:3f:0a:10:8f:d6:ac:a5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Validity
Not Before: Jan 2 00:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da69d3fbd32ac3eb8d908d9305cb58ee2b3d6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:94:43:01:c3:f7:48:0b:6b:e1:ec:db:36:b7:
3b:51:e4:f9:86:e3:68:cc:f5:da:96:b5:4c:8e:ff:
96:a9:19:f4:8a:fd:69:d7:e7:f0:b2:0e:68:b3:33:
20:17:1d:4c:39:06:e8:e0:12:c4:cc:78:c6:bc:28:
bb:e2:47:f0:a3:af:e5:e0:49:a5:16:4f:59:ba:4d:
9c:c8:5b:f4:64:7f:80:1b:88:d3:8e:4a:7e:53:00:
bc:89:4a:e4:dc:6b:e2:09:04:28:20:a6:20:01:80:
35:5d:13:b0:01:40:ea:ba:f2:16:19:c2:60:5b:1a:
de:c3:c7:cc:d2:9f:b5:32:a3:b5:16:52:46:02:a2:
45:80:b6:89:da:c2:56:ad:b1:cb:ab:58:81:4a:1a:
fe:77:9b:66:36:7b:0b:c7:86:cb:51:6f:f0:fa:6f:
6a:21:1b:e1:17:d5:63:62:47:fd:c8:a4:cb:45:22:
15:69:f6:bc:27:c9:2d:3b:f0:11:0d:a4:68:f5:cf:
fb:06:db:52:91:d0:90:e1:d7:17:ee:4f:1b:8b:f2:
83:56:37:5b:7d:92:87:a7:58:cb:d7:61:64:2d:75:
f9:76:32:87:f1:d4:9a:09:e0:d7:7a:96:26:1f:e9:
64:55:b2:32:cc:ed:4b:9d:5b:01:04:7f:75:78:13:
eb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A6:9D:3F:BD:32:AC:3E:B8:D9:08:D9:30:5C:B5:8E:E2:B3:D6:D1
X509v3 Authority Key Identifier:
keyid:29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/PaadP70yrD642QjZMFy1juKz1tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.56.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:fa:52:be:34:19:a0:00:9c:7f:18:8b:9b:10:bf:99:63:5c:
db:6d:ef:be:a1:55:30:04:85:3f:1f:01:10:36:0e:21:89:7b:
c1:56:1a:6c:2f:83:4b:a7:16:f6:07:38:dc:ed:2b:22:3e:41:
15:69:4b:dc:4c:a7:59:bb:27:b7:47:c5:2f:3a:59:2c:56:9d:
e9:16:db:d6:24:5a:c6:dc:7b:ca:c4:38:95:5c:20:d7:be:b5:
e6:96:04:32:99:b5:ae:fb:2a:d1:b9:90:3a:27:c9:5e:c2:38:
6e:b7:93:18:62:ce:da:ee:ac:79:bf:9d:60:5f:68:43:17:df:
4f:bb:02:c3:7e:c3:26:1c:94:d7:53:3f:df:64:5d:46:5d:0f:
6d:e9:7b:14:90:1f:d3:30:c6:34:8f:b4:3f:a6:b0:3e:03:2a:
a7:b2:3d:b9:a8:7e:8a:17:1b:ca:5f:ec:04:a4:03:a8:14:d8:
65:d4:57:6d:9e:17:f0:40:f6:3b:07:98:77:b1:b9:97:0b:97:
d6:b7:a3:ce:f5:57:9e:c5:cc:b0:a7:7c:83:49:18:6a:5f:cb:
75:79:7b:4c:ed:46:49:74:57:55:be:b9:db:29:21:d6:a0:14:
ca:ce:05:a0:30:31:73:47:6a:a5:63:02:ef:d6:f4:63:e7:5b:
35:4e:9a:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8ESkz4Fcnj8KEI/WrKUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZTQ2ZTc1ODY1ZThkNGEwODFlNGI1ZGRhNDZkM2M5NDAw
MzY3OWIwHhcNMjMwMTAyMDA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE2OWQzZmJkMzJhYzNlYjhkOTA4ZDkzMDVjYjU4ZWUyYjNkNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJRDAcP3SAtr4ezbNrc7UeT5huNo
zPXalrVMjv+WqRn0iv1p1+fwsg5oszMgFx1MOQbo4BLEzHjGvCi74kfwo6/l4Eml
Fk9Zuk2cyFv0ZH+AG4jTjkp+UwC8iUrk3GviCQQoIKYgAYA1XROwAUDquvIWGcJg
Wxrew8fM0p+1MqO1FlJGAqJFgLaJ2sJWrbHLq1iBShr+d5tmNnsLx4bLUW/w+m9q
IRvhF9VjYkf9yKTLRSIVafa8J8ktO/ARDaRo9c/7BttSkdCQ4dcX7k8bi/KDVjdb
fZKHp1jL12FkLXX5djKH8dSaCeDXepYmH+lkVbIyzO1LnVsBBH91eBPrXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2mnT+9Mqw+uNkI2TBctY7is9bRMB8GA1UdIwQY
MBaAFCnkbnWGXo1KCB5LXdpG08lAA2ebMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMjM1NGEtZjNjMi00MWQ1LWIyOTIt
YTlkMjY3YWNmNjY0LzEvUGFhZFA3MHlyRDY0MlFqWk1GeTFqdUt6MXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMjM1NGEtZjNjMi00MWQ1LWIyOTItYTlkMjY3YWNmNjY0
LzEvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuac4MA0G
CSqGSIb3DQEBCwUAA4IBAQCf+lK+NBmgAJx/GIubEL+ZY1zbbe++oVUwBIU/HwEQ
Ng4hiXvBVhpsL4NLpxb2Bzjc7SsiPkEVaUvcTKdZuye3R8UvOlksVp3pFtvWJFrG
3HvKxDiVXCDXvrXmlgQymbWu+yrRuZA6J8lewjhut5MYYs7a7qx5v51gX2hDF99P
uwLDfsMmHJTXUz/fZF1GXQ9t6XsUkB/TMMY0j7Q/prA+Ayqnsj25qH6KFxvKX+wE
pAOoFNhl1FdtnhfwQPY7B5h3sbmXC5fWt6PO9Veexcywp3yDSRhqX8t1eXtM7UZJ
dFdVvrnbKSHWoBTKzgWgMDFzR2qlYwLv1vRj51s1TppX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:26 2024 by rpki-client on console-fra.rpki-client.org