Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/K8gabvy8-WIZdmOmHDVW9mhDxw0.roa
File: K8gabvy8-WIZdmOmHDVW9mhDxw0.roa (raw, json)
Hash identifier: mMfrmV2uKJyzwNtov3DPM+9Ac2aoxCHjrBXn1WPYozY=
Subject key identifier: 2B:C8:1A:6E:FC:BC:F9:62:19:76:63:A6:1C:35:56:F6:68:43:C7:0D
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 01874C1A23BE10B4F5C0E86B6DD060E3D2EB
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/K8gabvy8-WIZdmOmHDVW9mhDxw0.roa
Signing time: Tue 04 Apr 2023 11:49:54 +0000
ROA not before: Tue 04 Apr 2023 11:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51561
IP address blocks: 185.168.132.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:1a:23:be:10:b4:f5:c0:e8:6b:6d:d0:60:e3:d2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Apr 4 11:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bc81a6efcbcf962197663a61c3556f66843c70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f0:06:97:f8:a3:39:13:35:dc:45:79:91:a3:
54:27:61:a1:5f:d9:18:2e:f1:58:3c:29:eb:11:da:
5f:62:12:f8:b8:93:b0:e0:ca:e2:1a:28:88:34:06:
ed:36:8a:cf:07:b1:11:70:5f:a5:ba:ae:6c:f1:c2:
4d:71:50:a2:5a:4a:a0:05:89:b0:10:43:4c:48:a7:
ef:0a:8f:db:d3:1a:f3:e1:42:f5:2e:ab:c2:b5:8c:
ee:97:a8:a6:b2:d8:99:3f:ff:e0:c1:5e:9f:88:f3:
f7:9d:1a:49:a5:2c:65:81:c9:f2:7c:af:a1:5d:b7:
b6:aa:93:b9:79:ef:df:57:29:0c:3f:9f:29:97:b9:
26:68:8d:ae:55:2f:5e:9b:f5:d6:40:fa:72:0b:be:
e2:cf:f7:12:b9:f0:05:ec:ab:4c:e1:c1:81:be:83:
30:82:0e:df:65:e2:c5:a3:4c:6c:03:8d:cb:bf:b7:
fb:86:3a:6d:ec:89:1e:f1:4c:b4:4c:02:f9:06:a1:
78:a9:f9:7d:87:dd:f2:06:23:4a:87:79:cc:ba:d4:
b2:8b:6c:7e:90:f0:51:a1:54:4c:9b:16:f4:e4:72:
6e:a2:84:fd:59:91:9b:d6:7a:90:36:a3:92:d0:01:
72:89:b3:fc:28:4a:85:48:cb:59:57:4b:8b:64:c6:
cc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C8:1A:6E:FC:BC:F9:62:19:76:63:A6:1C:35:56:F6:68:43:C7:0D
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/K8gabvy8-WIZdmOmHDVW9mhDxw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.132.0/23
Signature Algorithm: sha256WithRSAEncryption
26:c3:d0:9e:4e:ab:c6:cf:9f:40:73:81:88:70:0a:26:a5:15:
82:6f:fe:be:0a:63:9e:a3:8f:2f:0f:6e:7c:10:28:4f:70:be:
9d:d5:25:e2:37:a1:e3:d9:ec:bf:cc:00:b7:f6:49:6b:f6:a2:
b2:a1:4f:34:49:a4:67:97:26:2a:fb:98:ec:74:53:a8:59:ca:
50:d8:b4:a7:25:3f:c9:64:cb:d8:60:43:12:e4:ca:c8:ad:64:
b0:e6:75:82:88:c0:45:ca:96:f5:da:66:5e:64:5a:f7:4b:a7:
2a:be:11:be:a2:3e:fe:e4:5a:41:2e:6a:97:9b:03:2d:59:d3:
22:98:72:17:49:72:13:db:93:bb:57:06:4c:b8:77:77:0e:54:
4d:72:57:38:ba:27:e7:26:cb:83:98:5c:3b:93:54:d5:34:3e:
54:e1:9d:da:e7:6e:35:80:87:07:88:9d:1d:5a:1b:6b:db:4b:
c3:bc:b3:ba:ed:94:ca:8f:81:ea:fb:aa:d1:bd:42:33:89:e2:
c3:5b:e2:cc:77:39:61:45:63:dc:d6:9c:e2:30:fc:4a:17:64:
2f:cd:66:4b:dc:c7:4f:a3:7e:d9:0c:5b:c4:ca:d8:4a:cd:2b:
f8:72:f1:cf:6b:88:47:a5:31:4e:87:38:e0:c2:07:e5:12:fe:
cd:99:95:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdMGiO+ELT1wOhrbdBg49LrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMwNDA0MTE0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM4MWE2ZWZjYmNmOTYyMTk3NjYzYTYxYzM1NTZmNjY4NDNjNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/AGl/ijORM13EV5kaNUJ2GhX9kY
LvFYPCnrEdpfYhL4uJOw4MriGiiINAbtNorPB7ERcF+luq5s8cJNcVCiWkqgBYmw
EENMSKfvCo/b0xrz4UL1LqvCtYzul6imstiZP//gwV6fiPP3nRpJpSxlgcnyfK+h
Xbe2qpO5ee/fVykMP58pl7kmaI2uVS9em/XWQPpyC77iz/cSufAF7KtM4cGBvoMw
gg7fZeLFo0xsA43Lv7f7hjpt7Ike8Uy0TAL5BqF4qfl9h93yBiNKh3nMutSyi2x+
kPBRoVRMmxb05HJuooT9WZGb1nqQNqOS0AFyibP8KEqFSMtZV0uLZMbMswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvIGm78vPliGXZjphw1VvZoQ8cNMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvSzhnYWJ2eTgtV0laZG1PbUhEVlc5bWhEeHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaiEMA0G
CSqGSIb3DQEBCwUAA4IBAQAmw9CeTqvGz59Ac4GIcAompRWCb/6+CmOeo48vD258
EChPcL6d1SXiN6Hj2ey/zAC39klr9qKyoU80SaRnlyYq+5jsdFOoWcpQ2LSnJT/J
ZMvYYEMS5MrIrWSw5nWCiMBFypb12mZeZFr3S6cqvhG+oj7+5FpBLmqXmwMtWdMi
mHIXSXIT25O7VwZMuHd3DlRNclc4uifnJsuDmFw7k1TVND5U4Z3a5241gIcHiJ0d
Whtr20vDvLO67ZTKj4Hq+6rRvUIzieLDW+LMdzlhRWPc1pziMPxKF2QvzWZL3MdP
o37ZDFvEythKzSv4cvHPa4hHpTFOhzjgwgflEv7NmZWY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:21 2024 by rpki-client on console-ams.rpki-client.org