Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/hzy27Kc5ahSACcUeEhnMPW3UGX8.roa
File: hzy27Kc5ahSACcUeEhnMPW3UGX8.roa (raw, json)
Hash identifier: DsS6GFs9VjONtl4vPK2mjEa+lFeTULmls6tn9+a9Ygk=
Subject key identifier: 87:3C:B6:EC:A7:39:6A:14:80:09:C5:1E:12:19:CC:3D:6D:D4:19:7F
Certificate issuer: /CN=58788f38426e0362b34dd567343fe8461a58babe
Certificate serial: 01856D8AF48E06B7D6F826D65383A6F48A2E
Authority key identifier: 58:78:8F:38:42:6E:03:62:B3:4D:D5:67:34:3F:E8:46:1A:58:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WHiPOEJuA2KzTdVnND_oRhpYur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/hzy27Kc5ahSACcUeEhnMPW3UGX8.roa
Signing time: Sun 01 Jan 2023 13:35:01 +0000
ROA not before: Sun 01 Jan 2023 13:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205837
IP address blocks: 185.203.162.0/24 maxlen: 24
185.203.161.0/24 maxlen: 24
185.203.160.0/24 maxlen: 24
185.203.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f4:8e:06:b7:d6:f8:26:d6:53:83:a6:f4:8a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58788f38426e0362b34dd567343fe8461a58babe
Validity
Not Before: Jan 1 13:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=873cb6eca7396a148009c51e1219cc3d6dd4197f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7e:64:13:af:3b:b3:f6:34:e9:00:38:81:0c:
82:f3:9f:f4:9f:e1:49:bb:15:e9:10:09:4e:06:a2:
6a:19:65:75:54:fc:cc:86:62:90:99:5d:d7:08:18:
55:d0:b9:ff:cf:c5:f9:16:3d:90:f3:fb:64:68:72:
04:62:4a:68:01:a3:9a:48:64:d4:60:c9:af:77:7c:
de:34:d7:ea:47:11:2a:13:66:a6:11:9e:09:30:90:
72:9b:fc:39:e5:3b:1a:85:43:4c:20:e8:c3:6d:ef:
7a:52:06:6f:1f:6c:85:12:97:ac:bb:74:26:b6:0b:
cc:09:03:5b:76:c7:89:ac:7a:0c:19:0f:df:15:34:
88:5b:b9:81:40:75:0e:71:e6:9b:d6:5d:19:86:17:
1f:8f:54:8b:15:cf:c0:b4:ca:66:7d:f3:f3:7c:03:
7f:0a:ce:0a:0d:0c:5d:34:e6:a1:95:46:f7:60:40:
c8:95:2d:cf:e0:e2:e5:f2:c9:8c:8a:e1:56:de:ee:
1b:97:bd:5b:5b:d7:92:3e:52:64:89:75:cb:09:d3:
cd:89:c7:60:4f:82:c1:a9:e3:6f:3f:37:93:19:e2:
53:25:6b:31:42:1a:5a:94:1f:e5:e5:7f:d4:00:e0:
18:aa:6c:05:26:81:84:32:98:bb:e9:21:75:5b:4a:
d6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3C:B6:EC:A7:39:6A:14:80:09:C5:1E:12:19:CC:3D:6D:D4:19:7F
X509v3 Authority Key Identifier:
keyid:58:78:8F:38:42:6E:03:62:B3:4D:D5:67:34:3F:E8:46:1A:58:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHiPOEJuA2KzTdVnND_oRhpYur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/hzy27Kc5ahSACcUeEhnMPW3UGX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/WHiPOEJuA2KzTdVnND_oRhpYur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:8d:ab:5f:ac:9e:09:b0:61:4b:c8:0c:24:60:1d:4b:62:68:
2c:5f:be:30:79:05:89:aa:02:79:e5:8d:7c:56:89:c0:c5:1e:
96:f5:19:d8:2e:99:87:df:d4:ab:f9:fb:bb:ff:92:2f:02:1b:
f5:d5:6c:59:05:35:3b:b2:d9:21:f3:15:f5:0c:80:5d:a1:7e:
49:57:f9:31:ac:48:6b:a6:37:5a:b7:c2:14:91:fc:53:bb:80:
cf:50:04:98:3f:6a:01:92:4e:e5:93:43:eb:c4:87:9a:2a:b8:
74:09:f1:8b:58:20:bc:03:ae:df:70:ce:e9:31:dc:b0:96:52:
16:18:5e:f8:5f:90:b7:72:c7:1c:55:4b:15:6e:36:58:25:19:
89:03:fd:5b:2a:3c:14:07:5d:2e:f4:41:d5:bf:9d:be:e7:9f:
98:89:5b:a5:72:4d:d6:9e:15:97:60:82:9e:a7:0c:af:09:13:
2a:3e:34:a0:be:6e:28:99:78:9e:16:64:84:01:a2:82:84:60:
8f:5d:ef:6a:2b:e3:76:7c:7a:51:bb:bf:fc:d5:b0:4f:26:4f:
3d:3e:88:21:5a:fe:bd:25:c3:3f:b1:fe:9e:c8:3d:49:62:b4:
76:cd:47:af:6b:63:4f:1f:e9:8e:e0:8e:f3:5e:46:c9:79:b7:
68:60:3c:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtivSOBrfW+CbWU4Om9IouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4Nzg4ZjM4NDI2ZTAzNjJiMzRkZDU2NzM0M2ZlODQ2MWE1
OGJhYmUwHhcNMjMwMTAxMTMzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNjYjZlY2E3Mzk2YTE0ODAwOWM1MWUxMjE5Y2MzZDZkZDQxOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH5kE687s/Y06QA4gQyC85/0n+FJ
uxXpEAlOBqJqGWV1VPzMhmKQmV3XCBhV0Ln/z8X5Fj2Q8/tkaHIEYkpoAaOaSGTU
YMmvd3zeNNfqRxEqE2amEZ4JMJBym/w55TsahUNMIOjDbe96UgZvH2yFEpesu3Qm
tgvMCQNbdseJrHoMGQ/fFTSIW7mBQHUOceab1l0Zhhcfj1SLFc/AtMpmffPzfAN/
Cs4KDQxdNOahlUb3YEDIlS3P4OLl8smMiuFW3u4bl71bW9eSPlJkiXXLCdPNicdg
T4LBqeNvPzeTGeJTJWsxQhpalB/l5X/UAOAYqmwFJoGEMpi76SF1W0rW4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIc8tuynOWoUgAnFHhIZzD1t1Bl/MB8GA1UdIwQY
MBaAFFh4jzhCbgNis03VZzQ/6EYaWLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0hpUE9FSnVBMkt6VGRWbk5EX29SaHBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zZDNiMjctZjc4Ni00MWUwLWFjNTQt
YmZjMGZmOTdhMTkwLzEvaHp5MjdLYzVhaFNBQ2NVZUVobk1QVzNVR1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zZDNiMjctZjc4Ni00MWUwLWFjNTQtYmZjMGZmOTdhMTkw
LzEvV0hpUE9FSnVBMkt6VGRWbk5EX29SaHBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucugMA0G
CSqGSIb3DQEBCwUAA4IBAQBrjatfrJ4JsGFLyAwkYB1LYmgsX74weQWJqgJ55Y18
VonAxR6W9RnYLpmH39Sr+fu7/5IvAhv11WxZBTU7stkh8xX1DIBdoX5JV/kxrEhr
pjdat8IUkfxTu4DPUASYP2oBkk7lk0PrxIeaKrh0CfGLWCC8A67fcM7pMdywllIW
GF74X5C3csccVUsVbjZYJRmJA/1bKjwUB10u9EHVv52+55+YiVulck3WnhWXYIKe
pwyvCRMqPjSgvm4omXieFmSEAaKChGCPXe9qK+N2fHpRu7/81bBPJk89PoghWv69
JcM/sf6eyD1JYrR2zUeva2NPH+mO4I7zXkbJebdoYDw8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:08 2024 by rpki-client on console-ams.rpki-client.org