Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/b-_tdTvR7M0Fyw9nHk9HLoxgwdo.roa
File: b-_tdTvR7M0Fyw9nHk9HLoxgwdo.roa (raw, json)
Hash identifier: +pmbz8Q8cDroFhwiobrvEajU/4UdMC5N0VPDx5xLCkI=
Subject key identifier: 6F:EF:ED:75:3B:D1:EC:CD:05:CB:0F:67:1E:4F:47:2E:8C:60:C1:DA
Certificate issuer: /CN=229fb0fb3d278e1b280a777de200efbd08baac30
Certificate serial: 01882EA7E12CA06E241E2B76151F72E472F8
Authority key identifier: 22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/b-_tdTvR7M0Fyw9nHk9HLoxgwdo.roa
Signing time: Thu 18 May 2023 11:38:54 +0000
ROA not before: Thu 18 May 2023 11:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206927
IP address blocks: 185.171.176.0/24 maxlen: 24
185.171.179.0/24 maxlen: 24
185.171.178.0/24 maxlen: 24
185.171.177.0/24 maxlen: 24
2a0a:e100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:a7:e1:2c:a0:6e:24:1e:2b:76:15:1f:72:e4:72:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229fb0fb3d278e1b280a777de200efbd08baac30
Validity
Not Before: May 18 11:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fefed753bd1eccd05cb0f671e4f472e8c60c1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:b8:d1:f1:b2:d7:c4:04:93:29:df:ff:99:
bf:4d:51:f6:0b:be:31:00:ab:9e:03:0e:ee:86:da:
90:90:8f:99:30:8c:6a:8a:e3:43:89:33:45:4f:b1:
8d:48:bd:1f:95:a0:3b:c6:c2:d0:2b:45:df:1d:ad:
b7:4a:e1:c1:0f:5a:7f:f5:f0:72:2c:90:ec:22:43:
fb:a9:56:fe:bf:be:ca:c8:d7:d9:d0:e9:01:a2:1e:
43:39:e2:78:02:ea:23:f8:a2:2e:16:b0:e0:d3:26:
17:82:c3:74:25:fa:82:5e:66:99:24:45:b5:5b:e5:
41:9a:c1:6a:e0:b6:fa:c3:fd:0c:6b:1b:22:c5:5d:
e7:a5:77:9c:31:e7:38:8f:b2:e9:db:1d:57:a0:70:
98:40:a8:9a:2c:cd:6b:52:9a:b3:94:11:0c:4b:45:
bb:bd:23:60:95:aa:d3:f2:d8:27:99:2f:89:eb:f5:
f8:3c:bc:60:14:1e:f4:9a:03:4a:42:d6:f2:5d:94:
90:d3:57:00:eb:0b:19:a9:d9:46:f8:6d:cd:b8:25:
b5:6e:bb:3d:42:86:20:89:80:81:f9:5e:46:87:d7:
a8:41:ef:70:08:62:ee:3d:f2:ac:fd:23:2b:2e:d2:
46:ea:83:cd:3f:28:e9:17:e1:7a:72:db:90:12:7a:
c0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EF:ED:75:3B:D1:EC:CD:05:CB:0F:67:1E:4F:47:2E:8C:60:C1:DA
X509v3 Authority Key Identifier:
keyid:22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/b-_tdTvR7M0Fyw9nHk9HLoxgwdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Ip-w-z0njhsoCnd94gDvvQi6rDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.176.0/22
IPv6:
2a0a:e100::/29
Signature Algorithm: sha256WithRSAEncryption
4e:54:cd:c3:7c:a0:d4:85:72:39:0e:0b:52:43:26:1b:8c:1c:
fb:dc:b2:04:e2:5b:cb:47:83:25:d3:2b:91:7f:69:bf:17:7a:
dd:05:c4:a3:79:35:92:8a:31:77:f0:a3:e2:32:df:72:a5:be:
e7:06:6d:ec:82:3a:3e:28:1c:3b:7b:07:e2:65:16:09:2c:12:
f9:93:d4:08:6e:45:89:6b:e4:0d:08:3b:b8:b6:33:cd:c5:f5:
cb:29:8a:6b:e4:45:a6:33:09:12:4e:8d:46:51:e4:0d:9d:e4:
5b:93:72:ec:b6:f0:7e:01:28:44:fe:55:69:ae:e4:3b:d6:11:
71:d4:9b:19:cd:27:ed:58:22:16:7a:f6:1e:a5:93:a3:14:e5:
23:fa:e8:5f:50:05:05:c4:68:88:de:6c:7f:33:cc:c1:21:3e:
8f:59:0f:93:49:f2:a0:4c:3f:a7:43:a9:46:da:42:39:65:82:
98:3d:87:15:2c:ce:56:fb:ab:3c:93:cf:90:83:69:11:30:eb:
96:88:ae:d9:2e:7f:a4:b5:ee:2a:d2:51:1a:95:b9:cf:33:f6:
6f:34:00:0f:e5:a7:07:2a:70:8a:5a:e4:d6:30:17:25:d5:28:
88:e3:66:eb:9e:56:f8:bd:a5:70:d1:90:96:19:be:e5:13:73:
4d:44:a7:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgup+EsoG4kHit2FR9y5HL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWZiMGZiM2QyNzhlMWIyODBhNzc3ZGUyMDBlZmJkMDhi
YWFjMzAwHhcNMjMwNTE4MTEzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVmZWQ3NTNiZDFlY2NkMDVjYjBmNjcxZTRmNDcyZThjNjBjMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeS40fGy18QEkynf/5m/TVH2C74x
AKueAw7uhtqQkI+ZMIxqiuNDiTNFT7GNSL0flaA7xsLQK0XfHa23SuHBD1p/9fBy
LJDsIkP7qVb+v77KyNfZ0OkBoh5DOeJ4Auoj+KIuFrDg0yYXgsN0JfqCXmaZJEW1
W+VBmsFq4Lb6w/0MaxsixV3npXecMec4j7Lp2x1XoHCYQKiaLM1rUpqzlBEMS0W7
vSNglarT8tgnmS+J6/X4PLxgFB70mgNKQtbyXZSQ01cA6wsZqdlG+G3NuCW1brs9
QoYgiYCB+V5Gh9eoQe9wCGLuPfKs/SMrLtJG6oPNPyjpF+F6ctuQEnrABQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/v7XU70ezNBcsPZx5PRy6MYMHaMB8GA1UdIwQY
MBaAFCKfsPs9J44bKAp3feIA770IuqwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTct
N2I5ODY2MzNhYzVlLzEvYi1fdGRUdlI3TTBGeXc5bkhrOUhMb3hnd2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTctN2I5ODY2MzNhYzVl
LzEvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuauwMA0E
AgACMAcDBQMqCuEAMA0GCSqGSIb3DQEBCwUAA4IBAQBOVM3DfKDUhXI5DgtSQyYb
jBz73LIE4lvLR4Ml0yuRf2m/F3rdBcSjeTWSijF38KPiMt9ypb7nBm3sgjo+KBw7
ewfiZRYJLBL5k9QIbkWJa+QNCDu4tjPNxfXLKYpr5EWmMwkSTo1GUeQNneRbk3Ls
tvB+AShE/lVpruQ71hFx1JsZzSftWCIWevYepZOjFOUj+uhfUAUFxGiI3mx/M8zB
IT6PWQ+TSfKgTD+nQ6lG2kI5ZYKYPYcVLM5W+6s8k8+Qg2kRMOuWiK7ZLn+kte4q
0lEalbnPM/ZvNAAP5acHKnCKWuTWMBcl1SiI42brnlb4vaVw0ZCWGb7lE3NNRKet
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:30 2024 by rpki-client on console-ams.rpki-client.org