Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/jTK6YRlkT99cSHLR6qPbFpAgL6c.roa
File: jTK6YRlkT99cSHLR6qPbFpAgL6c.roa (raw, json)
Hash identifier: WZCduqPP7AvBFu151Of673KdY2NfRefCg2XJfPXk7NA=
Subject key identifier: 8D:32:BA:61:19:64:4F:DF:5C:48:72:D1:EA:A3:DB:16:90:20:2F:A7
Certificate issuer: /CN=24ecd13ae027f37f03862749347044a262028eb0
Certificate serial: 01856D01B3D6BB3A8BB7F6FDB87C1EE03885
Authority key identifier: 24:EC:D1:3A:E0:27:F3:7F:03:86:27:49:34:70:44:A2:62:02:8E:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOzROuAn838DhidJNHBEomICjrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/jTK6YRlkT99cSHLR6qPbFpAgL6c.roa
Signing time: Sun 01 Jan 2023 11:05:06 +0000
ROA not before: Sun 01 Jan 2023 11:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199370
IP address blocks: 185.16.164.0/24 maxlen: 24
185.16.164.0/23 maxlen: 23
185.16.164.0/22 maxlen: 24
185.16.165.0/24 maxlen: 24
185.16.166.0/24 maxlen: 24
185.16.166.0/23 maxlen: 23
185.16.167.0/24 maxlen: 24
2a03:d6c0::/32 maxlen: 32
2a03:d6c0:c000::/34 maxlen: 34
2a03:d6c0:8000::/34 maxlen: 34
2a03:d6c0:4000::/34 maxlen: 34
2a03:d6c0::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:b3:d6:bb:3a:8b:b7:f6:fd:b8:7c:1e:e0:38:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ecd13ae027f37f03862749347044a262028eb0
Validity
Not Before: Jan 1 11:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d32ba6119644fdf5c4872d1eaa3db1690202fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8a:f4:b4:bd:69:8c:8e:f4:8a:c7:ff:58:7b:
0f:f8:78:d1:6a:5c:6f:f6:31:bb:dd:ad:85:b6:f5:
64:76:85:d1:3c:5a:62:a9:14:d6:c7:01:96:47:14:
ab:a0:0e:53:a9:60:04:ac:d5:ad:23:1e:12:1f:fb:
13:d4:4c:b3:bc:76:17:87:e8:bd:0c:9b:31:fd:c7:
23:4b:c2:ec:a6:bb:ff:6f:ad:e6:ce:bb:30:77:d4:
7e:55:30:b2:71:6b:52:8b:f2:a0:29:2a:43:99:13:
fb:77:21:18:97:f0:04:6e:2c:11:b1:e0:74:28:0a:
6e:85:42:c0:58:bf:11:56:1e:00:a7:c5:12:cb:30:
8a:df:33:d5:66:5d:39:8a:24:d2:be:6a:30:79:e6:
59:c8:f6:27:64:78:c4:d6:14:bf:85:fc:48:ca:e3:
69:e2:cb:f0:83:57:7e:6b:35:4b:92:b5:ff:78:eb:
df:98:99:7e:55:ad:9d:23:2b:ec:db:ce:fa:92:8e:
a2:bf:95:52:aa:19:8f:92:ed:54:7e:ae:e6:5a:01:
36:88:26:ab:45:04:fa:8f:19:b4:31:f8:52:92:f9:
52:ed:61:77:9e:f9:c9:54:ee:13:29:18:72:90:82:
12:83:50:ee:97:5d:87:b1:a5:4a:a2:eb:1e:ed:85:
92:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:32:BA:61:19:64:4F:DF:5C:48:72:D1:EA:A3:DB:16:90:20:2F:A7
X509v3 Authority Key Identifier:
keyid:24:EC:D1:3A:E0:27:F3:7F:03:86:27:49:34:70:44:A2:62:02:8E:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOzROuAn838DhidJNHBEomICjrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/jTK6YRlkT99cSHLR6qPbFpAgL6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/JOzROuAn838DhidJNHBEomICjrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.164.0/22
IPv6:
2a03:d6c0::/32
Signature Algorithm: sha256WithRSAEncryption
00:74:eb:90:ba:2a:cf:57:4c:37:4b:0f:54:1f:71:0b:f4:4b:
6e:78:2b:d2:6a:84:a6:4f:a8:ef:90:c2:39:9c:19:38:2c:94:
c4:b6:8f:32:3e:4b:c4:b7:1d:24:5d:dd:5f:8d:4d:be:cc:73:
11:fc:9e:cd:7d:7c:01:f8:13:7a:9a:9d:73:09:dc:91:50:5d:
66:32:a7:02:c1:cd:93:63:51:d3:53:5a:6f:ac:55:81:b5:c4:
09:e0:42:1c:20:83:d8:8e:84:34:db:bc:28:ed:27:ab:45:7d:
41:f0:19:8f:4b:c4:bf:fa:77:e0:64:7c:7d:52:34:67:b0:99:
1a:8c:2f:e0:f0:89:db:dd:dd:95:c7:65:dd:8a:15:d2:06:90:
11:16:f3:9c:78:96:94:c7:55:12:29:7a:7a:3e:3d:f5:b7:d2:
b6:2b:2d:a0:48:ac:7b:bc:60:16:7c:6c:cc:03:8f:7b:49:f0:
03:e4:7f:37:be:d9:8d:dd:24:35:a6:b5:e3:ad:b4:41:57:36:
1c:22:bb:8e:9d:fd:52:e9:05:66:19:68:20:2f:91:c1:88:9b:
82:05:88:18:db:2f:f8:66:fc:db:53:b0:4f:de:54:96:3f:d4:
37:0f:6e:e7:72:95:ff:8e:7b:ba:2a:2b:0c:a5:4c:e1:69:0b:
78:c4:62:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAbPWuzqLt/b9uHwe4DiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWNkMTNhZTAyN2YzN2YwMzg2Mjc0OTM0NzA0NGEyNjIw
MjhlYjAwHhcNMjMwMTAxMTEwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDMyYmE2MTE5NjQ0ZmRmNWM0ODcyZDFlYWEzZGIxNjkwMjAyZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4r0tL1pjI70isf/WHsP+HjRalxv
9jG73a2FtvVkdoXRPFpiqRTWxwGWRxSroA5TqWAErNWtIx4SH/sT1EyzvHYXh+i9
DJsx/ccjS8Lsprv/b63mzrswd9R+VTCycWtSi/KgKSpDmRP7dyEYl/AEbiwRseB0
KApuhULAWL8RVh4Ap8USyzCK3zPVZl05iiTSvmoweeZZyPYnZHjE1hS/hfxIyuNp
4svwg1d+azVLkrX/eOvfmJl+Va2dIyvs2876ko6iv5VSqhmPku1Ufq7mWgE2iCar
RQT6jxm0MfhSkvlS7WF3nvnJVO4TKRhykIISg1Dul12HsaVKouse7YWSfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI0yumEZZE/fXEhy0eqj2xaQIC+nMB8GA1UdIwQY
MBaAFCTs0TrgJ/N/A4YnSTRwRKJiAo6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk96Uk91QW44MzhEaGlkSk5IQkVvbUlDanJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9mYmNiZjctZmZjMC00MzkyLTgyMDMt
OWMwYTllOGI3OGUxLzEvalRLNllSbGtUOTljU0hMUjZxUGJGcEFnTDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9mYmNiZjctZmZjMC00MzkyLTgyMDMtOWMwYTllOGI3OGUx
LzEvSk96Uk91QW44MzhEaGlkSk5IQkVvbUlDanJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRCkMA0E
AgACMAcDBQAqA9bAMA0GCSqGSIb3DQEBCwUAA4IBAQAAdOuQuirPV0w3Sw9UH3EL
9EtueCvSaoSmT6jvkMI5nBk4LJTEto8yPkvEtx0kXd1fjU2+zHMR/J7NfXwB+BN6
mp1zCdyRUF1mMqcCwc2TY1HTU1pvrFWBtcQJ4EIcIIPYjoQ027wo7SerRX1B8BmP
S8S/+nfgZHx9UjRnsJkajC/g8Inb3d2Vx2XdihXSBpARFvOceJaUx1USKXp6Pj31
t9K2Ky2gSKx7vGAWfGzMA497SfAD5H83vtmN3SQ1prXjrbRBVzYcIruOnf1S6QVm
GWggL5HBiJuCBYgY2y/4ZvzbU7BP3lSWP9Q3D27ncpX/jnu6KisMpUzhaQt4xGKL
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:59 2024 by rpki-client on console-ams.rpki-client.org