Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/pEY7TuNpi1-Dd4rjAVwZuqQ_oRY.roa
File: pEY7TuNpi1-Dd4rjAVwZuqQ_oRY.roa (raw, json)
Hash identifier: ajrYe4izGmSUmpHGL7WLDR5ofw3j3ViB6MsIeWvFdic=
Subject key identifier: A4:46:3B:4E:E3:69:8B:5F:83:77:8A:E3:01:5C:19:BA:A4:3F:A1:16
Certificate issuer: /CN=b0a5699a08c7bfd707cfb06d3213f5cacbf28257
Certificate serial: 018C6329B2BC6BF3A79B8FBA5FA05F4652A6
Authority key identifier: B0:A5:69:9A:08:C7:BF:D7:07:CF:B0:6D:32:13:F5:CA:CB:F2:82:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKVpmgjHv9cHz7BtMhP1ysvyglc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/pEY7TuNpi1-Dd4rjAVwZuqQ_oRY.roa
Signing time: Wed 13 Dec 2023 12:32:06 +0000
ROA not before: Wed 13 Dec 2023 12:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206930
IP address blocks: 185.171.164.0/23 maxlen: 23
185.171.164.0/22 maxlen: 22
185.171.166.0/24 maxlen: 24
185.171.167.0/24 maxlen: 24
185.171.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 12:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:29:b2:bc:6b:f3:a7:9b:8f:ba:5f:a0:5f:46:52:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a5699a08c7bfd707cfb06d3213f5cacbf28257
Validity
Not Before: Dec 13 12:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4463b4ee3698b5f83778ae3015c19baa43fa116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cf:22:c7:89:98:50:51:d3:fc:7a:e9:d8:64:
fc:7f:87:81:5b:52:8c:de:fb:79:a8:5b:6c:81:1f:
e5:7c:6f:b6:51:f1:66:72:0d:69:56:04:79:9b:d9:
83:70:f3:7c:0a:cb:c6:8c:4b:d6:19:63:ce:1a:3f:
bf:d5:28:9a:9b:07:bf:95:36:0c:83:d2:dd:07:92:
02:0e:bf:70:c0:9d:cb:1d:d4:16:22:54:9f:d6:7b:
26:1c:36:c3:57:33:0f:8c:f2:70:31:9d:47:fc:d9:
83:ad:a2:b9:80:bf:37:72:6d:a3:36:5f:3b:c1:c3:
af:2f:45:61:10:7a:c0:42:61:c9:3d:0e:18:74:3f:
b0:d6:64:3b:95:5b:b3:bc:d0:8d:f1:bc:a1:f4:a3:
1a:07:71:ea:62:a4:8b:a5:9c:c5:7d:0a:5f:a1:c3:
9b:a1:b8:71:f6:3a:a6:74:cb:7d:42:65:b5:d5:d1:
48:f8:39:06:3f:90:58:38:1c:7d:c6:92:25:e1:e3:
ec:f9:34:6f:0b:74:ad:cf:17:9d:93:4e:10:13:c4:
ac:6e:b4:ae:8e:f3:34:08:39:b5:2e:7d:26:cf:96:
8b:4e:71:47:f5:57:eb:29:d8:40:7b:7e:eb:77:79:
05:71:ea:d5:ce:a7:cd:87:fd:5d:9d:aa:f6:18:cf:
61:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:46:3B:4E:E3:69:8B:5F:83:77:8A:E3:01:5C:19:BA:A4:3F:A1:16
X509v3 Authority Key Identifier:
keyid:B0:A5:69:9A:08:C7:BF:D7:07:CF:B0:6D:32:13:F5:CA:CB:F2:82:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKVpmgjHv9cHz7BtMhP1ysvyglc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/pEY7TuNpi1-Dd4rjAVwZuqQ_oRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/sKVpmgjHv9cHz7BtMhP1ysvyglc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:d1:e6:8e:72:82:a0:60:4f:36:fe:13:4a:d2:a4:d9:e3:c1:
95:ab:17:e0:3b:65:2a:75:95:22:ed:4b:cf:09:58:15:cd:2a:
95:f8:57:33:cb:a4:40:1e:14:b6:c9:54:69:de:d7:5e:9d:4b:
0b:23:26:08:a2:11:e0:92:3f:98:d9:8a:29:5f:03:b5:11:a9:
47:2f:66:05:b0:d2:65:ad:42:a0:05:b0:c2:1b:d0:44:c2:62:
f8:5f:40:59:ec:1f:4f:97:50:8c:68:12:37:01:ff:3a:c1:10:
44:ae:6a:12:56:62:69:df:67:da:67:e8:8a:93:71:33:f4:c4:
12:56:a2:36:df:46:c2:7d:1d:98:94:3d:d4:11:64:60:d8:e6:
d5:f5:b9:64:21:c7:ce:e7:cb:83:b9:cb:5a:67:62:57:c7:93:
7e:3f:ad:a1:c1:9b:c4:43:e7:d0:f3:67:4f:fe:ae:a2:bc:e8:
92:c7:7d:25:e4:80:a2:1e:4c:9c:15:a2:9c:4c:82:99:fe:02:
3f:d6:31:57:b4:17:6f:0b:e2:d3:b2:5c:fc:e4:e4:99:ab:97:
15:9f:4f:d8:b5:f2:28:6f:f6:76:87:5c:75:73:ce:f1:f5:18:
1f:b1:83:85:28:fa:27:4d:00:0b:dd:5d:07:20:36:31:a8:d0:
e1:a9:42:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxjKbK8a/Onm4+6X6BfRlKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTU2OTlhMDhjN2JmZDcwN2NmYjA2ZDMyMTNmNWNhY2Jm
MjgyNTcwHhcNMjMxMjEzMTIzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDQ2M2I0ZWUzNjk4YjVmODM3NzhhZTMwMTVjMTliYWE0M2ZhMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8c8ix4mYUFHT/Hrp2GT8f4eBW1KM
3vt5qFtsgR/lfG+2UfFmcg1pVgR5m9mDcPN8CsvGjEvWGWPOGj+/1Siamwe/lTYM
g9LdB5ICDr9wwJ3LHdQWIlSf1nsmHDbDVzMPjPJwMZ1H/NmDraK5gL83cm2jNl87
wcOvL0VhEHrAQmHJPQ4YdD+w1mQ7lVuzvNCN8byh9KMaB3HqYqSLpZzFfQpfocOb
obhx9jqmdMt9QmW11dFI+DkGP5BYOBx9xpIl4ePs+TRvC3Stzxedk04QE8SsbrSu
jvM0CDm1Ln0mz5aLTnFH9VfrKdhAe37rd3kFcerVzqfNh/1dnar2GM9hLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRGO07jaYtfg3eK4wFcGbqkP6EWMB8GA1UdIwQY
MBaAFLClaZoIx7/XB8+wbTIT9crL8oJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tWcG1nakh2OWNIejdCdE1oUDF5c3Z5Z2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8zZmQ2ZTktMTdkMy00MDE5LTg2Njkt
OTY2NmQ5NzYyODVkLzEvcEVZN1R1TnBpMS1EZDRyakFWd1p1cVFfb1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8zZmQ2ZTktMTdkMy00MDE5LTg2NjktOTY2NmQ5NzYyODVk
LzEvc0tWcG1nakh2OWNIejdCdE1oUDF5c3Z5Z2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaukMA0G
CSqGSIb3DQEBCwUAA4IBAQBL0eaOcoKgYE82/hNK0qTZ48GVqxfgO2UqdZUi7UvP
CVgVzSqV+Fczy6RAHhS2yVRp3tdenUsLIyYIohHgkj+Y2YopXwO1EalHL2YFsNJl
rUKgBbDCG9BEwmL4X0BZ7B9Pl1CMaBI3Af86wRBErmoSVmJp32faZ+iKk3Ez9MQS
VqI230bCfR2YlD3UEWRg2ObV9blkIcfO58uDuctaZ2JXx5N+P62hwZvEQ+fQ82dP
/q6ivOiSx30l5ICiHkycFaKcTIKZ/gI/1jFXtBdvC+LTslz85OSZq5cVn0/YtfIo
b/Z2h1x1c87x9RgfsYOFKPonTQAL3V0HIDYxqNDhqUIG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:59 2024 by rpki-client on console-fra.rpki-client.org