Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/oJW6ASsURMYSfzLxAE_s1LjhP7s.roa
File: oJW6ASsURMYSfzLxAE_s1LjhP7s.roa (raw, json)
Hash identifier: JpQaQ7nCa6ynkpGewMESmDjngVGw+vS8qUiZ05Qolpg=
Subject key identifier: A0:95:BA:01:2B:14:44:C6:12:7F:32:F1:00:4F:EC:D4:B8:E1:3F:BB
Certificate issuer: /CN=67bf353715a34dda28605fdcf7b7ae806d31159c
Certificate serial: 018CC5DC2216EB84C1994A7E30DD35CD48CF
Authority key identifier: 67:BF:35:37:15:A3:4D:DA:28:60:5F:DC:F7:B7:AE:80:6D:31:15:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/oJW6ASsURMYSfzLxAE_s1LjhP7s.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45040
IP address blocks: 185.216.160.0/22 maxlen: 22
2a0b:b9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:22:16:eb:84:c1:99:4a:7e:30:dd:35:cd:48:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67bf353715a34dda28605fdcf7b7ae806d31159c
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a095ba012b1444c6127f32f1004fecd4b8e13fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f8:38:e1:cc:a8:a2:fb:0e:69:98:26:b3:ec:
ed:8b:95:4f:98:11:38:7e:85:27:15:c3:8e:5c:aa:
72:5d:a5:da:8f:02:db:da:64:e8:a7:c7:35:cb:10:
72:06:3d:38:0b:ee:06:77:3e:91:51:3b:f6:69:2a:
16:09:73:30:d1:e9:18:a8:d5:f9:e1:6e:46:8c:3e:
ff:15:90:eb:1f:a1:86:de:45:b3:87:a3:46:2b:86:
78:60:6f:65:b5:6c:a6:19:28:4c:72:d5:42:ba:61:
16:40:88:d1:67:1c:72:ab:99:ed:23:8f:cc:82:a7:
2f:df:f0:ba:07:83:0f:03:2f:ed:10:11:7a:72:b8:
df:ac:4b:a2:16:ec:f5:2a:27:7f:0f:46:14:46:6c:
0d:4a:66:b7:ef:fe:ff:6d:14:69:9d:55:33:0b:0f:
79:2c:ae:61:43:dc:21:78:6b:b3:9b:46:21:9e:97:
d8:30:34:56:84:74:10:57:90:2e:87:14:be:f4:5c:
bd:51:8c:ad:bb:4d:eb:f6:39:ee:b8:71:c4:4b:02:
6a:63:d3:d0:31:5c:98:ea:32:f3:56:f9:92:c1:0a:
29:33:fe:9a:9f:fe:0b:c7:22:fa:02:f1:4f:a6:12:
d1:34:b8:70:2d:e5:66:0b:26:97:88:95:08:9a:e3:
77:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:95:BA:01:2B:14:44:C6:12:7F:32:F1:00:4F:EC:D4:B8:E1:3F:BB
X509v3 Authority Key Identifier:
keyid:67:BF:35:37:15:A3:4D:DA:28:60:5F:DC:F7:B7:AE:80:6D:31:15:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z781NxWjTdooYF_c97eugG0xFZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/oJW6ASsURMYSfzLxAE_s1LjhP7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/701933-8450-49ca-a3ef-69d8092b54e1/1/Z781NxWjTdooYF_c97eugG0xFZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.160.0/22
IPv6:
2a0b:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
40:d4:71:b3:0a:ca:82:c0:73:73:b0:fa:e9:dc:cd:69:57:39:
62:c8:48:76:cb:a0:7a:8c:29:d6:99:88:f9:c9:a2:92:14:75:
9c:43:84:b1:55:28:df:c5:ce:1e:69:7a:72:39:8d:6e:3b:0e:
95:6d:ee:48:77:2b:de:0d:a4:6c:c7:87:67:3a:d4:96:54:24:
73:86:4e:61:f9:3b:b2:c4:d4:a8:09:f7:20:b1:00:90:7e:78:
db:46:81:e2:67:26:70:40:33:63:50:3b:da:9f:59:52:73:ab:
30:66:d3:ac:72:43:e3:b1:71:64:01:cf:2b:fd:6b:e6:22:6e:
a5:7f:42:57:89:ae:22:b1:ec:b6:c9:64:e5:f4:b8:72:57:ea:
33:1d:d2:12:b4:44:e8:47:86:22:aa:a8:46:8d:f2:1b:9a:ec:
89:9d:db:09:6f:7a:c4:3b:45:87:b9:11:bb:0b:aa:af:d8:c5:
1e:6c:bf:7a:30:a5:22:2a:cc:4c:b0:5f:bf:8d:7e:4f:5a:1e:
c2:a9:bf:cf:84:fd:f9:cf:6f:46:02:82:c3:eb:17:05:b0:9e:
17:56:19:55:10:3c:05:15:d1:17:d5:68:f7:8c:2b:80:7a:5f:
16:9b:fb:7e:5c:29:51:43:87:1f:d7:0c:df:ec:d5:31:c2:f4:
81:cc:9a:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3CIW64TBmUp+MN01zUjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YmYzNTM3MTVhMzRkZGEyODYwNWZkY2Y3YjdhZTgwNmQz
MTE1OWMwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk1YmEwMTJiMTQ0NGM2MTI3ZjMyZjEwMDRmZWNkNGI4ZTEzZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPg44cyoovsOaZgms+zti5VPmBE4
foUnFcOOXKpyXaXajwLb2mTop8c1yxByBj04C+4Gdz6RUTv2aSoWCXMw0ekYqNX5
4W5GjD7/FZDrH6GG3kWzh6NGK4Z4YG9ltWymGShMctVCumEWQIjRZxxyq5ntI4/M
gqcv3/C6B4MPAy/tEBF6crjfrEuiFuz1Kid/D0YURmwNSma37/7/bRRpnVUzCw95
LK5hQ9wheGuzm0YhnpfYMDRWhHQQV5AuhxS+9Fy9UYytu03r9jnuuHHESwJqY9PQ
MVyY6jLzVvmSwQopM/6an/4LxyL6AvFPphLRNLhwLeVmCyaXiJUImuN3VwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKCVugErFETGEn8y8QBP7NS44T+7MB8GA1UdIwQY
MBaAFGe/NTcVo03aKGBf3Pe3roBtMRWcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjc4MU54V2pUZG9vWUZfYzk3ZXVnRzB4Rlp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83MDE5MzMtODQ1MC00OWNhLWEzZWYt
NjlkODA5MmI1NGUxLzEvb0pXNkFTc1VSTVlTZnpMeEFFX3MxTGpoUDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83MDE5MzMtODQ1MC00OWNhLWEzZWYtNjlkODA5MmI1NGUx
LzEvWjc4MU54V2pUZG9vWUZfYzk3ZXVnRzB4Rlp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudigMA0E
AgACMAcDBQAqC7nAMA0GCSqGSIb3DQEBCwUAA4IBAQBA1HGzCsqCwHNzsPrp3M1p
VzliyEh2y6B6jCnWmYj5yaKSFHWcQ4SxVSjfxc4eaXpyOY1uOw6Vbe5IdyveDaRs
x4dnOtSWVCRzhk5h+TuyxNSoCfcgsQCQfnjbRoHiZyZwQDNjUDvan1lSc6swZtOs
ckPjsXFkAc8r/WvmIm6lf0JXia4isey2yWTl9LhyV+ozHdIStEToR4YiqqhGjfIb
muyJndsJb3rEO0WHuRG7C6qv2MUebL96MKUiKsxMsF+/jX5PWh7Cqb/PhP35z29G
AoLD6xcFsJ4XVhlVEDwFFdEX1Wj3jCuAel8Wm/t+XClRQ4cf1wzf7NUxwvSBzJpw
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:34:31 2025 by rpki-client