Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/aXTCi9hKfy1ho3OgubidKMLSc8Q.roa
File: aXTCi9hKfy1ho3OgubidKMLSc8Q.roa (raw, json)
Hash identifier: 4V0u61XIl+H39tNl9D84GMAuIV2ScJ/HH/cn/PYdLoQ=
Subject key identifier: 69:74:C2:8B:D8:4A:7F:2D:61:A3:73:A0:B9:B8:9D:28:C2:D2:73:C4
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 01856ECB63370970DE28A5AC61F48EFB08C5
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/aXTCi9hKfy1ho3OgubidKMLSc8Q.roa
Signing time: Sun 01 Jan 2023 19:25:01 +0000
ROA not before: Sun 01 Jan 2023 19:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.156.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 09:33:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:63:37:09:70:de:28:a5:ac:61:f4:8e:fb:08:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 1 19:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6974c28bd84a7f2d61a373a0b9b89d28c2d273c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:96:1b:46:c8:20:c1:35:15:15:02:d4:4c:78:
8b:d9:ab:bd:ec:7a:4e:e9:10:28:c1:07:07:84:27:
58:ab:00:53:6f:21:e2:03:00:d7:10:12:c5:8f:5d:
14:b6:d6:3d:72:76:43:4c:9c:76:c3:42:70:e6:77:
01:9e:f6:3a:88:3e:6d:1a:9e:8f:cb:76:dd:d8:1d:
17:06:cf:bf:b6:c5:c7:d8:7b:f7:81:5d:3c:aa:3c:
21:dd:9e:80:e1:19:d3:fc:bb:a3:79:5c:ce:11:31:
1f:77:c3:f3:67:14:b8:c0:f7:7a:94:1a:66:ba:c3:
ba:36:7f:61:dd:9f:c7:da:8d:54:9f:36:c8:ce:19:
03:02:af:ab:0e:af:0f:e0:d8:f4:fa:ce:da:77:73:
66:54:77:c4:92:83:6e:0d:34:e7:30:14:f4:4a:8f:
e6:d5:c8:cf:dc:0e:76:e6:06:20:be:70:a7:1b:d9:
c3:08:0e:e1:a0:e9:58:57:6c:a2:93:c4:f2:37:cf:
83:6c:50:ff:45:8d:16:b2:6b:ca:79:9d:48:ac:00:
30:3c:42:78:28:a2:3d:8e:d1:3c:1f:ef:30:2b:f8:
2d:87:a5:01:a3:fa:f5:51:8e:81:bc:20:0b:07:1c:
10:d3:a7:e7:5b:7a:68:93:eb:6b:76:90:22:5f:7a:
29:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:74:C2:8B:D8:4A:7F:2D:61:A3:73:A0:B9:B8:9D:28:C2:D2:73:C4
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/aXTCi9hKfy1ho3OgubidKMLSc8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/24
Signature Algorithm: sha256WithRSAEncryption
05:11:90:fa:14:9f:f1:a2:51:fb:29:b0:a9:54:70:30:f0:35:
89:6b:16:da:64:64:62:3a:f1:64:97:19:26:13:34:5e:84:d2:
26:f8:99:d2:ef:d3:83:b6:6a:6b:6e:e5:df:f5:1a:a4:37:5a:
4b:67:24:72:d0:af:19:0c:8a:42:a1:25:3e:33:7f:e7:fc:85:
75:cd:94:94:d6:55:f9:c4:e5:92:8c:08:7f:52:45:d8:34:c9:
7d:ac:a5:03:ed:14:e6:a9:53:85:24:b5:f5:28:90:b9:1d:32:
06:b0:e1:35:e7:ac:cb:3f:de:57:4e:c7:50:a1:d5:df:b1:81:
f2:51:da:b5:dd:ff:a4:f8:aa:fb:5d:fb:b6:6f:15:7e:01:02:
ac:c6:eb:41:f5:39:89:8c:e2:a2:8c:45:cd:b4:59:c5:64:73:
ec:1f:dc:3e:63:5c:cc:fd:ed:24:80:6d:8f:f7:c5:d0:07:13:
6c:c8:33:7e:aa:9c:09:8c:ae:56:13:88:b1:8e:99:19:01:21:
26:6d:1c:95:70:4a:76:f0:52:fa:87:d1:77:98:b8:35:a9:68:
12:be:32:77:e3:bc:11:16:6b:e7:56:50:16:87:79:1b:77:32:
fd:3d:9b:37:0e:a4:43:cc:e3:97:09:ad:46:cf:5b:22:b2:3b:
62:5c:82:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy2M3CXDeKKWsYfSO+wjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmU2YjlkMGNjMWU3ZjZlMTZiMmE0NmI0MmNhNWUwMWM3
MDAzNDYwHhcNMjMwMTAxMTkyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc0YzI4YmQ4NGE3ZjJkNjFhMzczYTBiOWI4OWQyOGMyZDI3M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJYbRsggwTUVFQLUTHiL2au97HpO
6RAowQcHhCdYqwBTbyHiAwDXEBLFj10UttY9cnZDTJx2w0Jw5ncBnvY6iD5tGp6P
y3bd2B0XBs+/tsXH2Hv3gV08qjwh3Z6A4RnT/LujeVzOETEfd8PzZxS4wPd6lBpm
usO6Nn9h3Z/H2o1UnzbIzhkDAq+rDq8P4Nj0+s7ad3NmVHfEkoNuDTTnMBT0So/m
1cjP3A525gYgvnCnG9nDCA7hoOlYV2yik8TyN8+DbFD/RY0WsmvKeZ1IrAAwPEJ4
KKI9jtE8H+8wK/gth6UBo/r1UY6BvCALBxwQ06fnW3pok+trdpAiX3opHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGl0wovYSn8tYaNzoLm4nSjC0nPEMB8GA1UdIwQY
MBaAFDT+a50Mwef24WsqRrQspeAccANGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUt
MTE4YWZlZDdhNWFlLzEvYVhUQ2k5aEtmeTFobzNPZ3ViaWRLTUxTYzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUtMTE4YWZlZDdhNWFl
LzEvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZwQMA0G
CSqGSIb3DQEBCwUAA4IBAQAFEZD6FJ/xolH7KbCpVHAw8DWJaxbaZGRiOvFklxkm
EzRehNIm+JnS79ODtmprbuXf9RqkN1pLZyRy0K8ZDIpCoSU+M3/n/IV1zZSU1lX5
xOWSjAh/UkXYNMl9rKUD7RTmqVOFJLX1KJC5HTIGsOE156zLP95XTsdQodXfsYHy
Udq13f+k+Kr7Xfu2bxV+AQKsxutB9TmJjOKijEXNtFnFZHPsH9w+Y1zM/e0kgG2P
98XQBxNsyDN+qpwJjK5WE4ixjpkZASEmbRyVcEp28FL6h9F3mLg1qWgSvjJ347wR
FmvnVlAWh3kbdzL9PZs3DqRDzOOXCa1Gz1sisjtiXIKu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:27 2024 by rpki-client on console-ams.rpki-client.org