Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/AmAdvPRbIwA0xATzjAlYOIngokQ.roa
File: AmAdvPRbIwA0xATzjAlYOIngokQ.roa (raw, json)
Hash identifier: 2n2qUwqI3iDueZjsrrHUSUYlCAM9g2w4awDVKWY+S50=
Subject key identifier: 02:60:1D:BC:F4:5B:23:00:34:C4:04:F3:8C:09:58:38:89:E0:A2:44
Certificate issuer: /CN=3b413164a13c24ca77847774a6eb57105ee7809f
Certificate serial: 0185727102DDE0743D9EDB93649ACB715B33
Authority key identifier: 3B:41:31:64:A1:3C:24:CA:77:84:77:74:A6:EB:57:10:5E:E7:80:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/AmAdvPRbIwA0xATzjAlYOIngokQ.roa
Signing time: Mon 02 Jan 2023 12:24:46 +0000
ROA not before: Mon 02 Jan 2023 12:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61129
IP address blocks: 185.67.157.0/24 maxlen: 24
185.67.158.0/24 maxlen: 24
185.67.159.0/24 maxlen: 24
185.67.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:02:dd:e0:74:3d:9e:db:93:64:9a:cb:71:5b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b413164a13c24ca77847774a6eb57105ee7809f
Validity
Not Before: Jan 2 12:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02601dbcf45b230034c404f38c09583889e0a244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:95:82:a7:dc:43:7a:09:7b:2b:de:3c:2d:
9c:a6:7f:bd:58:41:08:d0:7c:4c:bd:48:f0:a8:e8:
7f:5a:76:ed:37:82:0d:f2:f5:78:f2:26:32:e5:83:
88:0e:9e:eb:00:a0:d0:7f:9f:24:6e:e1:45:cc:43:
a0:a6:08:d5:db:b0:f6:34:3b:5d:07:c6:73:ee:ff:
e0:50:34:b9:c3:2d:5a:9b:32:db:1c:e8:1d:c6:30:
da:f1:57:00:06:f6:aa:0c:5e:f3:ae:14:be:90:7c:
a1:d9:d6:0d:88:f4:d3:a9:c1:38:ba:0c:b7:1f:a9:
56:b1:59:23:8c:8f:ad:b4:4a:42:09:c3:10:87:02:
d9:cc:c8:66:fb:0e:82:48:ad:1a:82:ec:d5:94:6a:
9c:fb:6b:24:f7:5c:d1:e1:98:14:86:b5:90:7d:74:
3c:04:5c:11:ff:60:6b:2c:3d:e3:e3:a1:02:37:90:
3d:49:04:6c:3d:91:42:22:3f:43:aa:fb:eb:38:a9:
b7:33:14:eb:bf:2e:f9:b4:3b:ed:00:84:ac:3c:6f:
5a:c3:93:1f:05:2f:5c:91:cb:8c:e1:27:d9:02:9d:
5f:11:8c:c9:46:e8:82:f7:5a:f5:d6:e1:42:61:9e:
9c:00:22:43:11:9b:91:47:45:1a:fd:e2:1a:1e:ce:
54:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:60:1D:BC:F4:5B:23:00:34:C4:04:F3:8C:09:58:38:89:E0:A2:44
X509v3 Authority Key Identifier:
keyid:3B:41:31:64:A1:3C:24:CA:77:84:77:74:A6:EB:57:10:5E:E7:80:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/AmAdvPRbIwA0xATzjAlYOIngokQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/O0ExZKE8JMp3hHd0putXEF7ngJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.156.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:52:f0:7e:d0:3c:24:04:b5:2c:c1:ae:21:d8:16:f1:52:96:
d2:af:50:87:d2:0e:a2:54:0b:c2:ce:98:07:68:a6:ac:d5:23:
af:32:43:7f:6f:3e:bb:7c:de:f7:bd:42:d4:e7:38:be:fd:81:
16:c4:26:8e:37:76:f4:2f:42:a3:e9:72:85:01:33:bb:88:67:
da:a6:b9:0c:8f:21:11:ba:ed:c1:9c:43:a5:05:40:8f:56:b9:
9a:86:b5:98:38:56:77:08:0d:16:f2:a9:c3:3e:50:87:ae:ba:
dd:7e:22:7e:5d:c7:3f:09:5a:0d:b7:e8:a9:6d:16:31:59:54:
ca:ae:8c:3f:bc:1a:8d:45:85:f4:16:a8:c9:76:de:d9:31:b6:
58:ee:3f:23:e8:de:79:2f:07:d7:70:e8:c5:af:88:9a:cb:d7:
49:21:1b:e6:39:f9:42:8d:7e:89:41:6a:ca:0f:fe:44:a8:78:
cc:8b:03:fc:89:f5:16:de:dc:00:d8:73:5b:52:63:1c:e0:f3:
af:45:52:3c:32:c2:c3:96:1c:52:fa:bf:7a:89:57:be:85:54:
ee:9a:8b:e8:e1:ec:2f:21:77:17:3a:cc:5e:1a:c9:3e:96:9d:
20:51:9c:38:a5:9b:f9:6c:ac:3a:fb:bd:ef:6e:04:fd:72:6f:
d0:c8:76:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycQLd4HQ9ntuTZJrLcVszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDEzMTY0YTEzYzI0Y2E3Nzg0Nzc3NGE2ZWI1NzEwNWVl
NzgwOWYwHhcNMjMwMTAyMTIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYwMWRiY2Y0NWIyMzAwMzRjNDA0ZjM4YzA5NTgzODg5ZTBhMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEOVgqfcQ3oJeyvePC2cpn+9WEEI
0HxMvUjwqOh/WnbtN4IN8vV48iYy5YOIDp7rAKDQf58kbuFFzEOgpgjV27D2NDtd
B8Zz7v/gUDS5wy1amzLbHOgdxjDa8VcABvaqDF7zrhS+kHyh2dYNiPTTqcE4ugy3
H6lWsVkjjI+ttEpCCcMQhwLZzMhm+w6CSK0aguzVlGqc+2sk91zR4ZgUhrWQfXQ8
BFwR/2BrLD3j46ECN5A9SQRsPZFCIj9DqvvrOKm3MxTrvy75tDvtAISsPG9aw5Mf
BS9ckcuM4SfZAp1fEYzJRuiC91r11uFCYZ6cACJDEZuRR0Ua/eIaHs5UHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJgHbz0WyMANMQE84wJWDiJ4KJEMB8GA1UdIwQY
MBaAFDtBMWShPCTKd4R3dKbrVxBe54CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBFeFpLRThKTXAzaEhkMHB1dFhFRjduZ0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85YWEwNTgtMzg0Yy00MjM0LWI0OTIt
YzY4ZDdmOWM3ODE4LzEvQW1BZHZQUmJJd0EweEFUempBbFlPSW5nb2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85YWEwNTgtMzg0Yy00MjM0LWI0OTItYzY4ZDdmOWM3ODE4
LzEvTzBFeFpLRThKTXAzaEhkMHB1dFhFRjduZ0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUOcMA0G
CSqGSIb3DQEBCwUAA4IBAQA/UvB+0DwkBLUswa4h2BbxUpbSr1CH0g6iVAvCzpgH
aKas1SOvMkN/bz67fN73vULU5zi+/YEWxCaON3b0L0Kj6XKFATO7iGfaprkMjyER
uu3BnEOlBUCPVrmahrWYOFZ3CA0W8qnDPlCHrrrdfiJ+Xcc/CVoNt+ipbRYxWVTK
row/vBqNRYX0FqjJdt7ZMbZY7j8j6N55LwfXcOjFr4iay9dJIRvmOflCjX6JQWrK
D/5EqHjMiwP8ifUW3twA2HNbUmMc4POvRVI8MsLDlhxS+r96iVe+hVTumovo4ewv
IXcXOsxeGsk+lp0gUZw4pZv5bKw6+73vbgT9cm/QyHb0
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:53 2024 by rpki-client on console-ams.rpki-client.org