Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/N4w8O-LpatompDULUssVz7V8LjQ.roa
File: N4w8O-LpatompDULUssVz7V8LjQ.roa (raw, json)
Hash identifier: r1hAQa1IKC1//L6K/xdlX0q8uXdySfVKMElw0kL/9F4=
Subject key identifier: 37:8C:3C:3B:E2:E9:6A:DA:26:A4:35:0B:52:CB:15:CF:B5:7C:2E:34
Certificate issuer: /CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Certificate serial: 018ABCFD1571EEFBB8658D4604F331AC0263
Authority key identifier: 46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/N4w8O-LpatompDULUssVz7V8LjQ.roa
Signing time: Fri 22 Sep 2023 13:03:37 +0000
ROA not before: Fri 22 Sep 2023 13:03:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60607
IP address blocks: 185.28.160.0/24 maxlen: 24
185.28.163.0/24 maxlen: 24
185.28.162.0/24 maxlen: 24
185.28.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:fd:15:71:ee:fb:b8:65:8d:46:04:f3:31:ac:02:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Validity
Not Before: Sep 22 13:03:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=378c3c3be2e96ada26a4350b52cb15cfb57c2e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:51:4e:50:50:e9:06:04:be:b0:9d:73:f5:e3:
eb:d7:1e:cf:29:fb:6d:22:1a:54:87:4a:3c:e7:c3:
85:3a:fc:3e:5e:21:b9:96:2f:03:5e:6e:3c:b2:05:
72:6c:b7:fc:e6:dc:f2:e1:b9:a1:1c:c7:76:eb:f3:
1f:1e:5c:a8:01:cb:a8:ba:ab:93:db:a6:ef:a7:4a:
5c:f6:0d:73:3a:31:0f:49:de:d6:2a:09:44:95:6a:
b4:1a:7a:ee:ae:4f:e5:dd:2c:13:63:c7:b8:20:47:
5f:dd:f3:95:f2:32:8a:b5:23:e0:32:7d:06:e7:fa:
42:3c:20:08:38:24:1c:1b:2e:58:2b:a5:ef:22:2b:
be:01:fe:6a:88:f3:b2:e9:26:81:4e:ba:a0:ee:c1:
c3:2b:a9:30:d6:0c:b5:9e:1a:08:19:63:1d:ad:2f:
09:b2:50:ec:39:ec:34:c9:09:6b:40:94:75:78:87:
58:64:be:54:8c:19:cf:ac:11:02:9f:9d:97:0c:6f:
3e:b5:77:50:00:c3:1e:12:e2:32:5b:11:08:37:77:
bb:67:4b:b9:28:34:ad:ff:b4:89:5a:9a:19:f6:af:
f1:f7:9b:43:19:05:93:21:0d:46:ab:f3:f2:c4:46:
52:dc:2c:bf:6d:ba:1e:3a:d6:0b:d3:dd:b1:0f:3a:
1d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:8C:3C:3B:E2:E9:6A:DA:26:A4:35:0B:52:CB:15:CF:B5:7C:2E:34
X509v3 Authority Key Identifier:
keyid:46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/N4w8O-LpatompDULUssVz7V8LjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.160.0/22
Signature Algorithm: sha256WithRSAEncryption
ea:82:48:65:3b:67:f9:e5:fe:d4:29:28:c0:d2:ec:31:4a:a8:
34:5b:33:26:c6:85:4e:3e:28:ae:ed:76:26:d3:35:20:4c:f0:
3f:fd:dd:29:3e:93:66:fe:ab:84:32:ec:d5:bb:8d:20:0f:07:
10:ec:80:b0:21:4c:9c:92:36:9a:09:0a:66:a9:98:d6:9c:99:
36:86:fd:21:7f:35:c4:f6:ec:30:c5:12:b2:04:4c:73:4d:7d:
c7:09:39:76:6c:6f:a6:8b:34:c3:d0:c7:f4:d7:cf:1e:34:f9:
1c:df:5d:0d:08:0f:39:cd:3c:d3:b4:fb:79:75:7e:d6:58:53:
39:84:71:61:8f:df:12:85:ee:8a:35:c5:20:44:d1:c8:40:3b:
cc:0c:10:d9:b5:a3:7c:4e:1d:9e:40:56:e8:f4:be:4a:5a:dc:
1f:94:22:0e:e3:33:96:36:b0:76:c0:eb:ce:c1:f6:2b:19:43:
26:9f:fc:f0:70:2f:53:06:6a:4a:10:5f:c9:ba:a8:89:32:97:
23:04:7d:ec:aa:aa:6c:6d:15:df:82:7f:b6:60:91:e6:75:d1:
5a:d8:d8:5d:46:05:80:90:b2:78:8d:d2:9c:2b:26:96:83:c6:
86:6f:13:32:48:16:0c:57:1b:9a:4b:fb:26:aa:a7:05:8f:d5:
1f:da:d0:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq8/RVx7vu4ZY1GBPMxrAJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ODE1Y2ExNWQ3MmE1YTY5NmY4YmNkZjQ4NmY1ODAxOTY2
NzcyYmIwHhcNMjMwOTIyMTMwMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzhjM2MzYmUyZTk2YWRhMjZhNDM1MGI1MmNiMTVjZmI1N2MyZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVFOUFDpBgS+sJ1z9ePr1x7PKftt
IhpUh0o858OFOvw+XiG5li8DXm48sgVybLf85tzy4bmhHMd26/MfHlyoAcuouquT
26bvp0pc9g1zOjEPSd7WKglElWq0Gnrurk/l3SwTY8e4IEdf3fOV8jKKtSPgMn0G
5/pCPCAIOCQcGy5YK6XvIiu+Af5qiPOy6SaBTrqg7sHDK6kw1gy1nhoIGWMdrS8J
slDsOew0yQlrQJR1eIdYZL5UjBnPrBECn52XDG8+tXdQAMMeEuIyWxEIN3e7Z0u5
KDSt/7SJWpoZ9q/x95tDGQWTIQ1Gq/PyxEZS3Cy/bboeOtYL092xDzodgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDeMPDvi6WraJqQ1C1LLFc+1fC40MB8GA1UdIwQY
MBaAFEaBXKFdcqWmlvi830hvWAGWZ3K7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWIt
ZDM4YTc2NjBiNTFlLzEvTjR3OE8tTHBhdG9tcERVTFVzc1Z6N1Y4TGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWItZDM4YTc2NjBiNTFl
LzEvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRygMA0G
CSqGSIb3DQEBCwUAA4IBAQDqgkhlO2f55f7UKSjA0uwxSqg0WzMmxoVOPiiu7XYm
0zUgTPA//d0pPpNm/quEMuzVu40gDwcQ7ICwIUyckjaaCQpmqZjWnJk2hv0hfzXE
9uwwxRKyBExzTX3HCTl2bG+mizTD0Mf0188eNPkc310NCA85zTzTtPt5dX7WWFM5
hHFhj98She6KNcUgRNHIQDvMDBDZtaN8Th2eQFbo9L5KWtwflCIO4zOWNrB2wOvO
wfYrGUMmn/zwcC9TBmpKEF/JuqiJMpcjBH3sqqpsbRXfgn+2YJHmddFa2NhdRgWA
kLJ4jdKcKyaWg8aGbxMySBYMVxuaS/smqqcFj9Uf2tDX
-----END CERTIFICATE-----
Generated at Mon Oct 2 11:16:35 2023 by rpki-client on console-ams.rpki-client.org