Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/ijFY7mZNN49d66jrt5zEJ1ycArM.roa
File: ijFY7mZNN49d66jrt5zEJ1ycArM.roa (raw, json)
Hash identifier: ta4wLeAkndZiH0dAUqiX5qp6ooeG1my8eI224/qYse4=
Subject key identifier: 8A:31:58:EE:66:4D:37:8F:5D:EB:A8:EB:B7:9C:C4:27:5C:9C:02:B3
Certificate issuer: /CN=83609f2b9d2486f36e8cd29dfa2a756a48de7c51
Certificate serial: 01856D386283343A35D3CB71AA6A500378D3
Authority key identifier: 83:60:9F:2B:9D:24:86:F3:6E:8C:D2:9D:FA:2A:75:6A:48:DE:7C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2CfK50khvNujNKd-ip1akjefFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/ijFY7mZNN49d66jrt5zEJ1ycArM.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 185.226.161.0/24 maxlen: 24
185.226.160.0/24 maxlen: 24
185.226.163.0/24 maxlen: 24
185.226.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:62:83:34:3a:35:d3:cb:71:aa:6a:50:03:78:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83609f2b9d2486f36e8cd29dfa2a756a48de7c51
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a3158ee664d378f5deba8ebb79cc4275c9c02b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:b7:ab:ab:5d:5b:d5:cc:0d:a2:c9:42:70:
e3:1e:7d:9a:74:35:19:c0:85:e8:3c:76:2c:aa:3c:
3a:e5:b6:49:c8:64:02:76:b8:10:8e:d9:ee:8c:35:
95:d0:76:95:ba:8f:aa:e4:16:ce:18:9f:12:a6:b9:
a2:c6:da:8e:39:d9:d6:e2:9a:e4:86:a1:f2:e7:ae:
b5:d3:46:c2:a7:21:1a:c3:f6:a0:28:ff:7f:85:3c:
04:10:1a:89:0d:92:af:45:eb:c5:55:d9:28:15:6b:
86:da:e4:af:e9:f1:eb:ac:d8:15:17:17:9e:5a:e3:
74:d3:e7:f3:26:7e:36:26:56:d5:06:17:e2:e4:f0:
b0:01:d0:c9:1f:59:22:7d:4e:dc:86:45:ac:45:6a:
fd:a6:0b:5d:f3:a7:a8:35:ba:56:c2:5c:5d:cd:02:
a0:a8:09:7c:b5:15:82:95:ef:7d:9f:50:ff:9c:e5:
27:79:47:f2:6f:eb:48:b4:f6:1a:9f:c4:c8:b7:0f:
91:71:0d:b3:c1:82:8f:ff:58:61:2f:1f:48:c9:a0:
85:e8:b0:ac:5b:b9:79:a7:8f:e2:33:4c:71:ef:87:
73:e6:c7:24:59:8d:41:6c:c0:52:64:9e:31:b8:c5:
4b:c2:9e:ab:5e:bd:57:3f:8b:fd:60:fb:fa:15:1f:
66:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:31:58:EE:66:4D:37:8F:5D:EB:A8:EB:B7:9C:C4:27:5C:9C:02:B3
X509v3 Authority Key Identifier:
keyid:83:60:9F:2B:9D:24:86:F3:6E:8C:D2:9D:FA:2A:75:6A:48:DE:7C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2CfK50khvNujNKd-ip1akjefFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/ijFY7mZNN49d66jrt5zEJ1ycArM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/g2CfK50khvNujNKd-ip1akjefFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.160.0/22
Signature Algorithm: sha256WithRSAEncryption
13:e5:bb:04:6e:e1:92:ae:aa:04:86:81:b0:3c:08:21:35:82:
0d:ea:fa:e8:0a:51:11:7d:ce:42:fe:df:96:9d:1a:de:56:a4:
8a:23:58:b2:fb:0a:b6:d9:10:6b:d0:28:7e:b6:ed:95:42:69:
c9:77:51:50:7a:23:f6:a1:4d:79:5c:e5:5f:b1:42:12:e5:1a:
15:82:e4:7f:ce:dc:f6:9e:38:8e:7f:36:7a:fb:e9:b4:4c:44:
bc:86:bb:cb:03:03:54:00:ed:3f:26:4b:70:9c:4e:b7:87:59:
4d:20:f6:c1:78:35:15:06:78:3e:c7:a2:f1:a8:a8:72:3e:ef:
e6:8f:b7:a9:61:60:4b:6e:68:73:5f:9a:16:f4:07:97:66:53:
bc:91:ab:d3:39:18:17:2f:ed:f8:3b:e6:a4:c8:6c:36:19:0c:
c1:56:c3:74:e2:95:37:39:99:53:8e:3b:99:cb:e6:fa:29:3a:
de:d9:b2:f6:0b:f3:94:17:a3:a2:b4:cd:a8:78:51:da:f8:e2:
a9:7d:cf:c9:05:61:11:63:b0:42:ef:3b:6a:5a:38:af:01:64:
24:ce:7b:34:d3:51:e2:50:21:e6:01:11:86:6a:43:2c:1b:ab:
b6:e8:d7:fd:e9:f7:97:59:35:57:7b:f8:a7:7a:2f:4a:b0:ee:
a0:35:7d:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGKDNDo108txqmpQA3jTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjA5ZjJiOWQyNDg2ZjM2ZThjZDI5ZGZhMmE3NTZhNDhk
ZTdjNTEwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTMxNThlZTY2NGQzNzhmNWRlYmE4ZWJiNzljYzQyNzVjOWMwMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigu3q6tdW9XMDaLJQnDjHn2adDUZ
wIXoPHYsqjw65bZJyGQCdrgQjtnujDWV0HaVuo+q5BbOGJ8SprmixtqOOdnW4prk
hqHy566100bCpyEaw/agKP9/hTwEEBqJDZKvRevFVdkoFWuG2uSv6fHrrNgVFxee
WuN00+fzJn42JlbVBhfi5PCwAdDJH1kifU7chkWsRWr9pgtd86eoNbpWwlxdzQKg
qAl8tRWCle99n1D/nOUneUfyb+tItPYan8TItw+RcQ2zwYKP/1hhLx9IyaCF6LCs
W7l5p4/iM0xx74dz5sckWY1BbMBSZJ4xuMVLwp6rXr1XP4v9YPv6FR9mewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoxWO5mTTePXeuo67ecxCdcnAKzMB8GA1UdIwQY
MBaAFINgnyudJIbzbozSnfoqdWpI3nxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJDZks1MGtodk51ak5LZC1pcDFha2plZkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9kNmVjM2ItZTcxNy00YzNkLWIwYWUt
NWU2MGY2ZGEyYjA5LzEvaWpGWTdtWk5ONDlkNjZqcnQ1ekVKMXljQXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9kNmVjM2ItZTcxNy00YzNkLWIwYWUtNWU2MGY2ZGEyYjA5
LzEvZzJDZks1MGtodk51ak5LZC1pcDFha2plZkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueKgMA0G
CSqGSIb3DQEBCwUAA4IBAQAT5bsEbuGSrqoEhoGwPAghNYIN6vroClERfc5C/t+W
nRreVqSKI1iy+wq22RBr0Ch+tu2VQmnJd1FQeiP2oU15XOVfsUIS5RoVguR/ztz2
njiOfzZ6++m0TES8hrvLAwNUAO0/JktwnE63h1lNIPbBeDUVBng+x6LxqKhyPu/m
j7epYWBLbmhzX5oW9AeXZlO8kavTORgXL+34O+akyGw2GQzBVsN04pU3OZlTjjuZ
y+b6KTre2bL2C/OUF6OitM2oeFHa+OKpfc/JBWERY7BC7ztqWjivAWQkzns001Hi
UCHmARGGakMsG6u26Nf96feXWTVXe/inei9KsO6gNX2e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org