Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/d0e824-f7d3-4f0d-bdd4-b9628a24d9d1/1/lfWipZ3wJDu9uZ09EKfJA0AzYOQ.roa
File: lfWipZ3wJDu9uZ09EKfJA0AzYOQ.roa (raw, json)
Hash identifier: ghvH6I+3cC4iiQeOZseLslomQNBbdbXEsfaaY3z672w=
Subject key identifier: 95:F5:A2:A5:9D:F0:24:3B:BD:B9:9D:3D:10:A7:C9:03:40:33:60:E4
Certificate issuer: /CN=c8e2d1f3257cfae0ffe673c1f77534653312f06b
Certificate serial: 01856F2FE43E155122585C2280503618A0E7
Authority key identifier: C8:E2:D1:F3:25:7C:FA:E0:FF:E6:73:C1:F7:75:34:65:33:12:F0:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOLR8yV8-uD_5nPB93U0ZTMS8Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/d0e824-f7d3-4f0d-bdd4-b9628a24d9d1/1/lfWipZ3wJDu9uZ09EKfJA0AzYOQ.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207181
IP address blocks: 185.162.208.0/22 maxlen: 22
185.162.209.0/24 maxlen: 24
185.162.211.0/24 maxlen: 24
185.162.208.0/24 maxlen: 24
185.162.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e4:3e:15:51:22:58:5c:22:80:50:36:18:a0:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8e2d1f3257cfae0ffe673c1f77534653312f06b
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f5a2a59df0243bbdb99d3d10a7c903403360e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6b:01:d2:1f:ca:61:d1:3a:39:25:98:9a:35:
df:51:eb:26:91:e0:87:de:70:dd:95:3e:13:f4:c6:
a9:87:a0:46:fd:9a:32:4c:4d:31:06:e6:1e:2f:b0:
f8:15:96:86:ef:66:c6:69:55:f5:4a:23:8b:22:18:
a4:87:53:f1:c8:6f:c4:61:11:2f:e7:65:48:0a:5a:
88:cc:3c:c8:0d:95:71:a1:e0:78:1a:98:ca:b4:d0:
31:6a:c0:dd:47:73:b0:ad:9a:05:9a:37:f9:4a:fd:
71:89:ab:9b:06:69:e0:b6:5a:79:6e:f2:97:51:d1:
b6:5a:04:55:ef:ab:15:3a:8e:9d:15:7a:ac:f6:ef:
c2:01:e6:61:71:d2:69:7f:9f:87:a3:a5:7a:5e:95:
ed:56:3e:f2:bf:f4:1b:34:7c:c3:71:ab:40:2d:ff:
51:ac:b5:92:77:f1:8d:e8:15:fc:7b:e9:cc:0c:58:
cb:13:9b:d1:f9:55:ed:b5:66:7e:cb:21:f3:ba:a0:
90:fd:7a:60:14:43:d1:ed:e9:b3:8f:b0:b7:61:bd:
52:63:c0:22:b0:34:3e:fd:c2:8e:a2:4d:db:11:b1:
d8:c9:7d:b9:eb:26:c0:22:1e:74:35:ee:7f:22:fa:
28:7d:62:16:91:b8:b5:69:94:9f:9f:88:72:87:92:
d9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F5:A2:A5:9D:F0:24:3B:BD:B9:9D:3D:10:A7:C9:03:40:33:60:E4
X509v3 Authority Key Identifier:
keyid:C8:E2:D1:F3:25:7C:FA:E0:FF:E6:73:C1:F7:75:34:65:33:12:F0:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOLR8yV8-uD_5nPB93U0ZTMS8Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/d0e824-f7d3-4f0d-bdd4-b9628a24d9d1/1/lfWipZ3wJDu9uZ09EKfJA0AzYOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/d0e824-f7d3-4f0d-bdd4-b9628a24d9d1/1/yOLR8yV8-uD_5nPB93U0ZTMS8Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.208.0/22
Signature Algorithm: sha256WithRSAEncryption
03:8c:4a:82:3a:0c:49:d5:a8:40:60:2b:16:b5:0c:34:2d:f8:
6a:d2:2d:91:00:a1:66:1e:99:e4:1d:aa:88:af:50:8a:a3:9f:
ca:12:50:ff:4c:67:75:96:7e:1c:0d:97:9a:3f:6f:7b:31:2b:
a7:5e:c9:45:a4:c3:d3:37:85:bd:3f:7e:54:ac:f2:aa:c9:f0:
ed:08:d8:bd:f5:23:da:f9:52:b5:84:e3:85:65:41:41:71:73:
fd:35:4b:f4:cb:32:64:65:b5:7e:1f:bd:ec:fb:8e:32:18:a4:
05:1c:1a:49:4a:e7:23:19:e2:64:2e:81:23:61:19:8d:3a:84:
df:ee:5c:95:72:75:15:40:78:c6:b9:26:63:c2:c4:be:ae:ef:
85:d8:4f:f0:5a:6b:f8:31:4f:12:95:ac:ec:33:f8:8a:1b:b1:
aa:0b:92:4d:5d:d1:2f:15:3a:a0:b4:d5:48:f8:47:a1:a5:e6:
b2:85:97:9b:e2:58:66:06:32:c0:20:49:75:05:f2:48:e4:3a:
fc:a3:91:b4:6c:17:8c:a0:90:b2:75:67:b1:7d:34:7e:95:20:
71:df:c1:0f:ac:dc:a7:91:9a:28:c0:1b:c3:ea:f4:55:1c:95:
86:e9:c0:9e:23:a3:d8:e4:34:ea:09:b1:fb:42:18:d7:0c:94:
72:fe:8e:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL+Q+FVEiWFwigFA2GKDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZTJkMWYzMjU3Y2ZhZTBmZmU2NzNjMWY3NzUzNDY1MzMx
MmYwNmIwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY1YTJhNTlkZjAyNDNiYmRiOTlkM2QxMGE3YzkwMzQwMzM2MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimsB0h/KYdE6OSWYmjXfUesmkeCH
3nDdlT4T9Maph6BG/ZoyTE0xBuYeL7D4FZaG72bGaVX1SiOLIhikh1PxyG/EYREv
52VIClqIzDzIDZVxoeB4GpjKtNAxasDdR3OwrZoFmjf5Sv1xiaubBmngtlp5bvKX
UdG2WgRV76sVOo6dFXqs9u/CAeZhcdJpf5+Ho6V6XpXtVj7yv/QbNHzDcatALf9R
rLWSd/GN6BX8e+nMDFjLE5vR+VXttWZ+yyHzuqCQ/XpgFEPR7emzj7C3Yb1SY8Ai
sDQ+/cKOok3bEbHYyX256ybAIh50Ne5/IvoofWIWkbi1aZSfn4hyh5LZAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJX1oqWd8CQ7vbmdPRCnyQNAM2DkMB8GA1UdIwQY
MBaAFMji0fMlfPrg/+Zzwfd1NGUzEvBrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU9MUjh5VjgtdURfNW5QQjkzVTBaVE1TOEdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9kMGU4MjQtZjdkMy00ZjBkLWJkZDQt
Yjk2MjhhMjRkOWQxLzEvbGZXaXBaM3dKRHU5dVowOUVLZkpBMEF6WU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9kMGU4MjQtZjdkMy00ZjBkLWJkZDQtYjk2MjhhMjRkOWQx
LzEveU9MUjh5VjgtdURfNW5QQjkzVTBaVE1TOEdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaLQMA0G
CSqGSIb3DQEBCwUAA4IBAQADjEqCOgxJ1ahAYCsWtQw0Lfhq0i2RAKFmHpnkHaqI
r1CKo5/KElD/TGd1ln4cDZeaP297MSunXslFpMPTN4W9P35UrPKqyfDtCNi99SPa
+VK1hOOFZUFBcXP9NUv0yzJkZbV+H73s+44yGKQFHBpJSucjGeJkLoEjYRmNOoTf
7lyVcnUVQHjGuSZjwsS+ru+F2E/wWmv4MU8SlazsM/iKG7GqC5JNXdEvFTqgtNVI
+EehpeayhZeb4lhmBjLAIEl1BfJI5Dr8o5G0bBeMoJCydWexfTR+lSBx38EPrNyn
kZoowBvD6vRVHJWG6cCeI6PY5DTqCbH7QhjXDJRy/o4l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:49 2024 by rpki-client on console-ams.rpki-client.org