Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/1-WgYpDV0yyT4m4RAomn22mzJAjY.roa
File: 1-WgYpDV0yyT4m4RAomn22mzJAjY.roa (raw, json)
Hash identifier: fHKlVtUn3W7BDmUjoz6X5Q8AbXm3bbxhy63SUb2kCGU=
Subject key identifier: F9:68:18:A4:35:74:CB:24:F8:9B:84:40:A2:69:F6:DA:6C:C9:02:36
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 018CC9BBF8947AB1A86910ED08E4D35216A9
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/1-WgYpDV0yyT4m4RAomn22mzJAjY.roa
Signing time: Tue 02 Jan 2024 10:33:08 +0000
ROA not before: Tue 02 Jan 2024 10:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8897
IP address blocks: 185.156.17.0/24 maxlen: 24
185.156.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 18 Jan 2024 14:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f8:94:7a:b1:a8:69:10:ed:08:e4:d3:52:16:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 2 10:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f96818a43574cb24f89b8440a269f6da6cc90236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f7:99:f3:b1:0b:dd:17:af:f0:58:ff:d7:0d:
15:77:8d:ba:0f:e8:b0:67:0e:88:10:43:41:b1:38:
d8:31:69:fb:47:44:db:90:23:82:65:b1:33:3f:91:
15:7c:4a:3a:d2:7d:9d:3b:de:1f:e5:2d:9a:02:d4:
c1:50:67:ea:4e:a5:52:d3:ef:e6:ed:be:81:71:74:
12:d4:49:6f:48:93:cf:0a:91:60:94:3e:08:5c:cf:
70:b6:e8:f7:b0:33:95:37:c6:4e:48:53:84:29:50:
34:20:98:a5:f7:be:20:d3:f4:7b:cf:0c:8f:f9:34:
9e:a3:3a:72:1c:78:6b:b4:38:b1:8a:95:23:75:7e:
6c:3c:87:13:d0:c3:30:6f:14:2d:03:c7:89:9c:f6:
60:a7:70:e3:a2:85:91:fd:43:d1:2b:d5:4a:62:a6:
c7:cc:25:37:16:14:6e:f1:54:9f:4f:0d:96:c8:34:
b0:89:60:0b:af:b6:28:7b:73:40:84:a1:40:af:5b:
f4:5f:5e:28:28:db:2c:a0:39:46:22:c5:c9:c1:76:
57:6d:f5:13:a2:c4:d6:93:ae:10:0f:ff:5b:19:f1:
ae:71:da:33:37:3e:b8:fe:d5:54:ef:e9:5e:48:eb:
c1:f8:ba:f3:45:dc:3d:d4:0b:d3:e8:3a:76:7d:50:
33:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:68:18:A4:35:74:CB:24:F8:9B:84:40:A2:69:F6:DA:6C:C9:02:36
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/1-WgYpDV0yyT4m4RAomn22mzJAjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/22
Signature Algorithm: sha256WithRSAEncryption
82:8f:ea:ad:ee:f6:0a:20:3b:36:02:d3:c4:08:68:7a:f8:91:
ea:7e:ef:00:f5:bc:1d:d2:59:f3:33:c7:f3:e9:64:0c:55:eb:
52:99:52:b4:32:07:78:42:dd:00:8e:cd:3f:7e:ba:3b:af:f8:
62:15:80:5e:ff:16:f7:3f:2d:22:1c:f4:52:6d:8e:df:ff:b7:
e2:75:95:3e:75:bc:f8:34:45:7d:58:6e:3d:f1:2c:08:d7:dc:
ca:08:84:32:1e:89:e3:79:09:2b:2f:a3:c6:6c:5b:f9:86:a2:
4b:6e:a0:47:7f:fa:e2:10:92:48:27:62:d6:77:20:02:2a:66:
6e:b7:dc:b0:11:3c:0b:8f:f6:3d:10:d9:d6:c7:d0:ae:92:3e:
79:7d:90:c6:60:e4:11:6c:d6:9a:7a:ac:c1:86:37:6b:a2:19:
f0:67:6f:e2:9c:5b:85:82:21:b0:85:f4:4b:9c:45:69:ad:c4:
74:34:13:6f:70:a4:6d:b8:67:57:e1:25:b3:5b:72:7c:da:6d:
22:e1:3b:e9:e8:08:62:a0:4c:27:d3:57:48:05:53:67:c8:b9:
97:60:7e:76:ff:43:48:87:f1:76:d7:71:30:f3:f7:f6:70:e1:
40:0d:a1:a4:e6:d1:ea:85:23:c3:75:57:5e:61:d2:84:fa:8a:
9c:82:8c:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJu/iUerGoaRDtCOTTUhapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmU2YjlkMGNjMWU3ZjZlMTZiMmE0NmI0MmNhNWUwMWM3
MDAzNDYwHhcNMjQwMTAyMTAzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTY4MThhNDM1NzRjYjI0Zjg5Yjg0NDBhMjY5ZjZkYTZjYzkwMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnveZ87EL3Rev8Fj/1w0Vd426D+iw
Zw6IEENBsTjYMWn7R0TbkCOCZbEzP5EVfEo60n2dO94f5S2aAtTBUGfqTqVS0+/m
7b6BcXQS1ElvSJPPCpFglD4IXM9wtuj3sDOVN8ZOSFOEKVA0IJil974g0/R7zwyP
+TSeozpyHHhrtDixipUjdX5sPIcT0MMwbxQtA8eJnPZgp3DjooWR/UPRK9VKYqbH
zCU3FhRu8VSfTw2WyDSwiWALr7Yoe3NAhKFAr1v0X14oKNssoDlGIsXJwXZXbfUT
osTWk64QD/9bGfGucdozNz64/tVU7+leSOvB+LrzRdw91AvT6Dp2fVAzbwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPloGKQ1dMsk+JuEQKJp9tpsyQI2MB8GA1UdIwQY
MBaAFDT+a50Mwef24WsqRrQspeAccANGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUt
MTE4YWZlZDdhNWFlLzEvMS1XZ1lwRFYweXlUNG00UkFvbW4yMm16SkFqWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvNjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVh
ZS8xL05QNXJuUXpCNV9iaGF5cEd0Q3lsNEJ4d0EwWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmcEDAN
BgkqhkiG9w0BAQsFAAOCAQEAgo/qre72CiA7NgLTxAhoeviR6n7vAPW8HdJZ8zPH
8+lkDFXrUplStDIHeELdAI7NP366O6/4YhWAXv8W9z8tIhz0Um2O3/+34nWVPnW8
+DRFfVhuPfEsCNfcygiEMh6J43kJKy+jxmxb+YaiS26gR3/64hCSSCdi1ncgAipm
brfcsBE8C4/2PRDZ1sfQrpI+eX2QxmDkEWzWmnqswYY3a6IZ8Gdv4pxbhYIhsIX0
S5xFaa3EdDQTb3CkbbhnV+Els1tyfNptIuE76egIYqBMJ9NXSAVTZ8i5l2B+dv9D
SIfxdtdxMPP39nDhQA2hpObR6oUjw3VXXmHShPqKnIKMpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:09 2024 by rpki-client on console-fra.rpki-client.org