Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/vwlyvW9RqmSQtWPWWVq_rHrF_8s.roa
File: vwlyvW9RqmSQtWPWWVq_rHrF_8s.roa (raw, json)
Hash identifier: eLuRGOOX7XSV8yBpnoQji1Lvdt0lWUjEpNMRJ+uu+78=
Subject key identifier: BF:09:72:BD:6F:51:AA:64:90:B5:63:D6:59:5A:BF:AC:7A:C5:FF:CB
Certificate issuer: /CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Certificate serial: 018CC870FF2B837DA84C32FF677A462B8E45
Authority key identifier: 46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/vwlyvW9RqmSQtWPWWVq_rHrF_8s.roa
Signing time: Tue 02 Jan 2024 04:31:37 +0000
ROA not before: Tue 02 Jan 2024 04:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60607
IP address blocks: 185.28.160.0/24 maxlen: 24
185.28.163.0/24 maxlen: 24
185.28.162.0/24 maxlen: 24
185.28.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 10:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:ff:2b:83:7d:a8:4c:32:ff:67:7a:46:2b:8e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Validity
Not Before: Jan 2 04:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf0972bd6f51aa6490b563d6595abfac7ac5ffcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1b:ef:49:3f:bc:db:5b:53:30:33:65:db:5d:
a2:0a:7a:f9:9b:0c:5c:7c:50:f2:6e:dc:ef:1c:0d:
d9:7e:cb:c9:c3:13:c3:7a:61:87:cb:30:6e:21:cb:
60:00:75:79:d4:3e:c1:ac:5b:3e:33:cd:b3:43:50:
54:08:a3:c0:51:a4:77:0a:62:c5:47:60:27:56:16:
1a:46:6e:6c:c5:b3:5b:5e:31:26:7a:8d:60:de:34:
26:0d:0d:36:ed:7c:77:48:27:cf:b7:56:64:85:9f:
a1:76:6a:c8:a4:a4:29:ea:5f:e0:49:6b:1c:25:ef:
37:4b:cc:0e:46:50:c2:3e:b0:c4:e1:84:45:52:c3:
50:3f:e5:9f:ab:18:08:bc:e5:2d:1a:50:c5:f0:68:
a2:b1:c3:af:52:a5:9e:66:d6:6e:03:1c:a1:b0:29:
b8:7b:69:69:cf:f5:21:60:81:e9:ec:d4:e5:8d:55:
c4:41:0b:1e:42:6f:5b:1f:b0:d5:f2:e1:66:22:fb:
0e:9a:d1:2d:b1:50:fc:81:25:03:da:93:bf:d9:77:
15:92:b7:15:85:98:7c:95:23:f2:15:a6:b7:17:c2:
6c:46:78:1b:ea:0d:4d:17:7f:0b:86:32:e6:91:28:
b5:32:0c:35:51:2a:75:76:b9:0b:e3:98:92:0a:c8:
a7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:09:72:BD:6F:51:AA:64:90:B5:63:D6:59:5A:BF:AC:7A:C5:FF:CB
X509v3 Authority Key Identifier:
keyid:46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/vwlyvW9RqmSQtWPWWVq_rHrF_8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:37:a9:74:0f:0b:51:33:44:12:d5:0a:09:f5:b1:c0:71:28:
99:3d:df:13:f3:7f:e1:ee:20:2e:81:a6:07:d0:db:33:8f:4b:
98:d7:95:b5:b3:e6:14:10:0b:7a:86:c4:c2:55:8b:ee:80:91:
67:22:1b:ee:62:bf:8b:dc:14:18:99:cf:f8:c6:ba:f3:d9:d4:
a9:2a:c1:71:81:ea:f5:c2:c3:fa:65:b9:d9:cb:9e:8a:60:02:
98:76:8f:03:e4:40:2c:83:15:88:ae:2c:cb:b5:55:f2:1e:8c:
12:f8:df:c2:57:ca:4c:84:15:b4:ac:3d:0a:cc:05:d3:e4:ba:
23:d0:73:85:b7:e7:85:b1:96:f6:9c:17:bd:f0:a9:96:b2:bd:
67:ef:32:5a:31:d4:b4:f1:cf:99:95:87:ed:85:40:13:0e:56:
31:fe:bd:ee:b0:ed:26:33:9f:de:08:f9:e4:d4:44:3b:35:6c:
ac:ad:9f:82:cd:5c:c2:ca:a5:60:50:1a:b7:29:ac:d5:29:b1:
90:e0:d4:82:76:ad:2f:cf:61:2e:a6:6b:87:79:40:ca:c7:62:
b7:06:3b:35:2b:18:d9:a5:b8:21:4c:33:a4:2e:06:85:2e:01:
c2:79:a4:63:b5:fe:86:78:61:bc:38:44:48:5b:27:a7:57:02:
f5:1b:2f:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcP8rg32oTDL/Z3pGK45FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ODE1Y2ExNWQ3MmE1YTY5NmY4YmNkZjQ4NmY1ODAxOTY2
NzcyYmIwHhcNMjQwMTAyMDQzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA5NzJiZDZmNTFhYTY0OTBiNTYzZDY1OTVhYmZhYzdhYzVmZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohvvST+821tTMDNl212iCnr5mwxc
fFDybtzvHA3ZfsvJwxPDemGHyzBuIctgAHV51D7BrFs+M82zQ1BUCKPAUaR3CmLF
R2AnVhYaRm5sxbNbXjEmeo1g3jQmDQ027Xx3SCfPt1ZkhZ+hdmrIpKQp6l/gSWsc
Je83S8wORlDCPrDE4YRFUsNQP+WfqxgIvOUtGlDF8GiiscOvUqWeZtZuAxyhsCm4
e2lpz/UhYIHp7NTljVXEQQseQm9bH7DV8uFmIvsOmtEtsVD8gSUD2pO/2XcVkrcV
hZh8lSPyFaa3F8JsRngb6g1NF38LhjLmkSi1Mgw1USp1drkL45iSCsinTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8Jcr1vUapkkLVj1llav6x6xf/LMB8GA1UdIwQY
MBaAFEaBXKFdcqWmlvi830hvWAGWZ3K7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWIt
ZDM4YTc2NjBiNTFlLzEvdndseXZXOVJxbVNRdFdQV1dWcV9ySHJGXzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWItZDM4YTc2NjBiNTFl
LzEvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRygMA0G
CSqGSIb3DQEBCwUAA4IBAQB/N6l0DwtRM0QS1QoJ9bHAcSiZPd8T83/h7iAugaYH
0Nszj0uY15W1s+YUEAt6hsTCVYvugJFnIhvuYr+L3BQYmc/4xrrz2dSpKsFxger1
wsP6ZbnZy56KYAKYdo8D5EAsgxWIrizLtVXyHowS+N/CV8pMhBW0rD0KzAXT5Loj
0HOFt+eFsZb2nBe98KmWsr1n7zJaMdS08c+ZlYfthUATDlYx/r3usO0mM5/eCPnk
1EQ7NWysrZ+CzVzCyqVgUBq3KazVKbGQ4NSCdq0vz2EupmuHeUDKx2K3Bjs1KxjZ
pbghTDOkLgaFLgHCeaRjtf6GeGG8OERIWyenVwL1Gy/T
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:36 2025 by rpki-client