Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/UaKAEuGSKaxDR8TGv722tE-NF9Y.roa
File: UaKAEuGSKaxDR8TGv722tE-NF9Y.roa (raw, json)
Hash identifier: Wh3ygdTTYBsvsxK7Hz28L3M9xBpqDo6JACCcXGVJRz4=
Subject key identifier: 51:A2:80:12:E1:92:29:AC:43:47:C4:C6:BF:BD:B6:B4:4F:8D:17:D6
Certificate issuer: /CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Certificate serial: 018AEFF8302D0E8DE9647938CD24E407DD85
Authority key identifier: 46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/UaKAEuGSKaxDR8TGv722tE-NF9Y.roa
Signing time: Mon 02 Oct 2023 10:38:54 +0000
ROA not before: Mon 02 Oct 2023 10:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60607
IP address blocks: 185.28.160.0/24 maxlen: 24
185.28.162.0/24 maxlen: 24
185.28.163.0/27 maxlen: 27
185.28.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 11:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:f8:30:2d:0e:8d:e9:64:79:38:cd:24:e4:07:dd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Validity
Not Before: Oct 2 10:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51a28012e19229ac4347c4c6bfbdb6b44f8d17d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ea:64:0c:52:55:33:8d:8b:99:14:ae:20:0a:
e8:67:a7:cd:99:f1:86:ad:62:91:1d:04:a4:6c:ff:
64:ff:90:18:02:b3:dd:fa:79:4f:71:cb:a8:2e:d6:
b9:29:44:e0:a8:03:e2:db:6f:57:b1:5c:e9:f3:c5:
c3:d7:57:06:93:c6:4f:d0:66:a8:fa:5f:fa:ed:46:
cd:4b:3f:f3:83:1e:f2:f5:36:66:22:72:2b:1b:d6:
93:1d:02:c6:64:7b:eb:72:4a:7e:40:ed:e6:07:d6:
69:f3:25:ed:73:0e:95:b2:63:6f:9e:47:66:55:1c:
94:8f:a6:2c:8f:4a:33:7c:43:87:83:d1:6b:15:ca:
27:4d:db:03:84:42:c1:d6:86:ab:ee:f4:7d:3f:2a:
b8:2b:cb:f1:f3:46:d9:f2:aa:03:de:4b:d4:07:13:
a0:ee:30:12:15:f6:6f:af:7c:94:e6:c0:9d:ed:28:
be:c4:fc:2f:a5:c2:b8:ba:49:05:45:b7:b4:1c:58:
53:41:a7:99:1b:62:ad:4d:52:14:2f:82:fb:12:9b:
e7:0c:91:df:73:eb:77:a8:04:e8:93:25:02:41:ee:
d8:4f:3c:03:11:d6:dd:6f:0e:b5:00:8a:ca:53:4c:
c0:31:7d:86:99:ba:5c:69:ff:b5:be:75:d1:c0:e6:
60:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A2:80:12:E1:92:29:AC:43:47:C4:C6:BF:BD:B6:B4:4F:8D:17:D6
X509v3 Authority Key Identifier:
keyid:46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/UaKAEuGSKaxDR8TGv722tE-NF9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.160.0-185.28.163.31
Signature Algorithm: sha256WithRSAEncryption
71:3f:f0:9c:89:c1:16:49:31:75:cc:8b:db:f2:76:de:a0:9d:
65:d0:c6:9d:0a:00:eb:c0:a6:1a:a8:d3:8d:89:ae:ab:48:96:
e7:29:d7:54:8b:43:9b:2e:e6:40:d5:c3:10:0d:69:b4:dc:ff:
2f:ab:50:ce:0d:b5:c7:63:5b:65:ec:4f:88:1c:b5:73:66:3c:
12:81:27:95:5b:87:22:3b:73:e3:68:51:fa:34:07:e9:51:57:
c4:0c:21:10:98:e1:cd:72:45:ee:af:21:c9:93:3f:6e:6a:bf:
f2:3f:08:dc:f1:4f:9c:ed:e9:89:6f:02:7c:8d:6d:64:58:14:
b0:67:e9:fd:03:84:c5:22:4e:dd:ed:69:d9:7d:ad:35:2a:6f:
25:04:f3:b0:84:86:b3:ba:73:fc:8e:9d:55:a7:eb:f6:49:9e:
58:4d:b0:b3:07:ca:d4:1a:41:b8:08:11:80:e4:3a:3a:8d:bc:
04:92:2b:74:eb:4e:22:71:c4:73:e0:e5:38:03:84:ea:ce:3c:
8a:a3:e2:3c:77:14:4c:a7:a3:d6:0b:a6:65:eb:fc:79:82:2f:
42:92:94:2b:34:19:c8:11:80:93:f3:33:2a:8b:f1:bc:5b:b2:
6c:6e:7e:8e:fa:2e:45:c2:e7:f2:b2:51:a7:c2:d1:13:9f:41:
f7:64:a7:98
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYrv+DAtDo3pZHk4zSTkB92FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ODE1Y2ExNWQ3MmE1YTY5NmY4YmNkZjQ4NmY1ODAxOTY2
NzcyYmIwHhcNMjMxMDAyMTAzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWEyODAxMmUxOTIyOWFjNDM0N2M0YzZiZmJkYjZiNDRmOGQxN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgupkDFJVM42LmRSuIAroZ6fNmfGG
rWKRHQSkbP9k/5AYArPd+nlPccuoLta5KUTgqAPi229XsVzp88XD11cGk8ZP0Gao
+l/67UbNSz/zgx7y9TZmInIrG9aTHQLGZHvrckp+QO3mB9Zp8yXtcw6VsmNvnkdm
VRyUj6Ysj0ozfEOHg9FrFconTdsDhELB1oar7vR9Pyq4K8vx80bZ8qoD3kvUBxOg
7jASFfZvr3yU5sCd7Si+xPwvpcK4ukkFRbe0HFhTQaeZG2KtTVIUL4L7EpvnDJHf
c+t3qATokyUCQe7YTzwDEdbdbw61AIrKU0zAMX2Gmbpcaf+1vnXRwOZgEwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFFGigBLhkimsQ0fExr+9trRPjRfWMB8GA1UdIwQY
MBaAFEaBXKFdcqWmlvi830hvWAGWZ3K7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWIt
ZDM4YTc2NjBiNTFlLzEvVWFLQUV1R1NLYXhEUjhUR3Y3MjJ0RS1ORjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWItZDM4YTc2NjBiNTFl
LzEvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPMA0DBAW5HKAD
BQW5HKMAMA0GCSqGSIb3DQEBCwUAA4IBAQBxP/CcicEWSTF1zIvb8nbeoJ1l0Mad
CgDrwKYaqNONia6rSJbnKddUi0ObLuZA1cMQDWm03P8vq1DODbXHY1tl7E+IHLVz
ZjwSgSeVW4ciO3PjaFH6NAfpUVfEDCEQmOHNckXuryHJkz9uar/yPwjc8U+c7emJ
bwJ8jW1kWBSwZ+n9A4TFIk7d7WnZfa01Km8lBPOwhIazunP8jp1Vp+v2SZ5YTbCz
B8rUGkG4CBGA5Do6jbwEkit0604iccRz4OU4A4TqzjyKo+I8dxRMp6PWC6Zl6/x5
gi9CkpQrNBnIEYCT8zMqi/G8W7Jsbn6O+i5FwufyslGnwtETn0H3ZKeY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:42 2024 by rpki-client on console-ams.rpki-client.org