Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/n98BS7Pa2IRw99CY-fAQIcuUtgo.roa
File: n98BS7Pa2IRw99CY-fAQIcuUtgo.roa (raw, json)
Hash identifier: wtzOTTBxy1e7gt7aCm7YDhgu5UZyOst0dABEA+is9QY=
Subject key identifier: 9F:DF:01:4B:B3:DA:D8:84:70:F7:D0:98:F9:F0:10:21:CB:94:B6:0A
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 0185723A4FAFC68CB6531940BD3A134C3E7C
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/n98BS7Pa2IRw99CY-fAQIcuUtgo.roa
Signing time: Mon 02 Jan 2023 11:25:02 +0000
ROA not before: Mon 02 Jan 2023 11:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48763
IP address blocks: 185.173.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:4f:af:c6:8c:b6:53:19:40:bd:3a:13:4c:3e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Jan 2 11:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fdf014bb3dad88470f7d098f9f01021cb94b60a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:f3:5e:54:2b:2f:5a:33:0f:be:8b:05:1d:
68:04:c8:fd:7c:e8:6b:dc:22:de:62:75:3f:8c:a6:
96:82:cc:ad:f5:e4:8b:02:17:06:b0:3e:c0:d5:c7:
51:ac:16:96:8b:ee:52:2d:9e:db:93:3f:06:40:92:
73:b5:bd:03:d6:6d:d6:49:0d:59:c0:fa:3e:46:a0:
45:cd:e8:d9:cc:46:66:1d:17:81:62:35:db:a3:74:
40:00:0f:a5:32:30:8a:81:58:cf:b2:7b:06:bd:7b:
0b:2f:a8:ed:98:07:6a:8b:ac:87:f3:aa:aa:f7:28:
63:96:0a:c7:64:d9:a0:cb:ad:b5:82:34:e1:07:cb:
c8:ff:55:e1:f4:a8:88:2d:b2:1d:ed:85:c2:96:f0:
d5:ed:84:09:0b:f2:de:ea:2c:6e:96:b8:65:8d:99:
47:f1:57:a4:e0:2e:4a:1b:9c:73:9e:97:ac:7a:dc:
90:3f:b6:21:3e:58:04:ce:9f:18:4c:d0:30:54:e2:
fb:6a:2c:64:24:48:93:f3:b9:81:77:18:6b:7c:c3:
7b:6f:5d:34:50:c1:4e:f8:56:e5:02:d4:f4:55:7b:
a5:0d:0c:8d:a6:cf:23:a9:9a:f5:d5:1d:91:64:85:
fd:ba:26:88:75:df:d9:2f:27:29:31:e5:26:35:44:
34:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:DF:01:4B:B3:DA:D8:84:70:F7:D0:98:F9:F0:10:21:CB:94:B6:0A
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/n98BS7Pa2IRw99CY-fAQIcuUtgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.157.0/24
Signature Algorithm: sha256WithRSAEncryption
23:15:6b:1e:ef:75:ca:74:7b:9a:a1:87:cf:53:5a:b8:a6:38:
3f:8e:37:eb:2b:5e:e3:e3:92:d5:c4:e0:50:66:6e:ae:dc:c3:
88:85:be:77:3c:3a:b9:af:13:26:8c:e6:ae:25:34:82:64:38:
c2:9d:56:ab:c2:d1:86:f1:5c:85:6e:86:0a:c8:dd:c7:56:03:
8f:60:ba:2d:b5:21:87:22:8a:09:7e:f0:30:c6:4f:24:66:19:
9d:67:43:23:38:7c:5a:bc:a9:94:07:40:9f:5f:4f:f7:e7:34:
60:81:96:5e:4b:08:e0:53:a8:d8:16:dc:4a:fc:4a:e5:50:1b:
2f:0c:13:95:eb:d5:8c:53:b0:cb:07:21:a9:2f:68:4c:9f:90:
a4:fe:1d:cd:77:63:31:cf:fa:87:86:28:e9:c8:b5:52:8f:ec:
c4:5e:3b:80:29:5d:84:4a:e4:81:81:37:a1:8d:8b:02:b1:3d:
5e:7d:e3:fd:c2:9d:05:cf:7a:55:64:5c:00:2a:7a:cf:23:cc:
ae:21:d7:cb:3f:b1:b8:78:ec:59:17:20:c5:54:3e:18:53:7e:
f8:45:25:1e:f6:17:2b:4f:ca:83:06:56:a4:73:03:1d:bb:d4:
3c:f6:2b:8f:8d:80:9a:cf:df:f3:27:6e:6c:84:1f:e1:dd:62:
8d:8e:bb:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOk+vxoy2UxlAvToTTD58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMTAyMTEyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmRmMDE0YmIzZGFkODg0NzBmN2QwOThmOWYwMTAyMWNiOTRiNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS/zXlQrL1ozD76LBR1oBMj9fOhr
3CLeYnU/jKaWgsyt9eSLAhcGsD7A1cdRrBaWi+5SLZ7bkz8GQJJztb0D1m3WSQ1Z
wPo+RqBFzejZzEZmHReBYjXbo3RAAA+lMjCKgVjPsnsGvXsLL6jtmAdqi6yH86qq
9yhjlgrHZNmgy621gjThB8vI/1Xh9KiILbId7YXClvDV7YQJC/Le6ixulrhljZlH
8Vek4C5KG5xznpesetyQP7YhPlgEzp8YTNAwVOL7aixkJEiT87mBdxhrfMN7b100
UMFO+FblAtT0VXulDQyNps8jqZr11R2RZIX9uiaIdd/ZLycpMeUmNUQ0TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/fAUuz2tiEcPfQmPnwECHLlLYKMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvbjk4QlM3UGEySVJ3OTlDWS1mQVFJY3VVdGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua2dMA0G
CSqGSIb3DQEBCwUAA4IBAQAjFWse73XKdHuaoYfPU1q4pjg/jjfrK17j45LVxOBQ
Zm6u3MOIhb53PDq5rxMmjOauJTSCZDjCnVarwtGG8VyFboYKyN3HVgOPYLottSGH
IooJfvAwxk8kZhmdZ0MjOHxavKmUB0CfX0/35zRggZZeSwjgU6jYFtxK/ErlUBsv
DBOV69WMU7DLByGpL2hMn5Ck/h3Nd2Mxz/qHhijpyLVSj+zEXjuAKV2ESuSBgTeh
jYsCsT1efeP9wp0Fz3pVZFwAKnrPI8yuIdfLP7G4eOxZFyDFVD4YU374RSUe9hcr
T8qDBlakcwMdu9Q89iuPjYCaz9/zJ25shB/h3WKNjrup
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:45 2024 by rpki-client on console-fra.rpki-client.org