Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/A-obcIhXu662MNFdEPhqjREtmUs.roa
File: A-obcIhXu662MNFdEPhqjREtmUs.roa (raw, json)
Hash identifier: CipGKAxAENabe36GaqaYU6rLMvtRp9ooWCBA/wbUYDs=
Subject key identifier: 03:EA:1B:70:88:57:BB:AE:B6:30:D1:5D:10:F8:6A:8D:11:2D:99:4B
Certificate issuer: /CN=a2916527fd91e9b3cf8e062bce06df5cbd4c4b1a
Certificate serial: 01856D0172080F51D1B5F612C85460E18D3F
Authority key identifier: A2:91:65:27:FD:91:E9:B3:CF:8E:06:2B:CE:06:DF:5C:BD:4C:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/A-obcIhXu662MNFdEPhqjREtmUs.roa
Signing time: Sun 01 Jan 2023 11:04:49 +0000
ROA not before: Sun 01 Jan 2023 11:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 37002
IP address blocks: 185.165.34.0/24 maxlen: 24
185.165.35.0/24 maxlen: 24
185.165.32.0/22 maxlen: 24
185.165.32.0/24 maxlen: 24
185.165.33.0/24 maxlen: 24
2a0b:dc00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:72:08:0f:51:d1:b5:f6:12:c8:54:60:e1:8d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2916527fd91e9b3cf8e062bce06df5cbd4c4b1a
Validity
Not Before: Jan 1 11:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03ea1b708857bbaeb630d15d10f86a8d112d994b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:66:08:c3:ff:45:d1:3d:0f:ec:9b:07:89:dd:
6d:ab:ad:b3:c1:90:e6:f4:9f:da:93:10:29:47:dc:
f8:63:d8:ef:3a:58:5d:eb:ba:bc:76:63:ee:5c:23:
f9:49:71:a7:96:a5:62:c7:05:69:36:60:cf:a0:cb:
8d:95:d1:76:38:4b:44:be:3a:b4:eb:94:5e:a9:25:
68:d2:4d:84:da:fe:b6:73:0c:4c:9b:df:46:b8:53:
c2:9d:37:0e:88:aa:81:6d:dd:a1:41:62:56:55:c9:
d5:00:77:42:99:35:73:34:73:e8:b8:0e:d6:d5:af:
85:a6:0c:a1:f2:28:8c:da:5d:15:48:e8:db:87:d7:
ca:92:6b:4d:51:08:76:2c:20:7a:16:f8:4a:c6:16:
f6:ae:77:0a:10:fb:eb:a8:9b:59:ee:62:be:06:be:
94:99:87:f3:73:f3:69:6e:3e:fc:ec:51:62:e7:19:
56:14:43:22:29:55:0a:40:e8:dd:46:8a:b2:63:4c:
a4:e2:41:28:54:ba:b5:cb:2a:5f:d9:b5:2f:22:f7:
06:7f:2b:46:d1:35:37:3f:36:5c:9a:bc:72:5d:f5:
90:a5:bb:8f:4b:70:fb:49:46:4a:2c:ed:ab:44:42:
5e:7b:33:fd:b6:6c:9a:97:b7:fe:2e:4f:85:5c:c5:
53:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EA:1B:70:88:57:BB:AE:B6:30:D1:5D:10:F8:6A:8D:11:2D:99:4B
X509v3 Authority Key Identifier:
keyid:A2:91:65:27:FD:91:E9:B3:CF:8E:06:2B:CE:06:DF:5C:BD:4C:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/A-obcIhXu662MNFdEPhqjREtmUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.32.0/22
IPv6:
2a0b:dc00::/29
Signature Algorithm: sha256WithRSAEncryption
71:ca:76:51:46:2a:d4:a8:e9:02:d5:08:98:ad:6c:c4:6c:8b:
96:3c:eb:c1:b3:ce:3e:ed:af:fe:b8:39:de:08:f3:3f:0b:9b:
55:bc:21:78:92:41:f3:63:c3:9f:11:80:29:d2:e0:71:63:8b:
cb:fc:eb:98:c7:9c:df:81:a9:42:12:1d:d0:ac:c8:9b:33:86:
fd:8c:c1:bc:b5:fd:61:69:56:8b:1c:6e:8f:32:f7:91:d1:2b:
88:42:b7:69:ef:ef:4c:30:8c:e4:6f:f0:4e:1e:80:d9:9f:ff:
03:8d:9d:01:8b:71:02:78:e2:97:0a:1c:77:d6:03:b7:6d:85:
b8:7f:a3:b8:96:73:4c:2f:0a:9f:f6:e0:98:86:04:31:b7:62:
09:29:14:5c:5c:99:fc:7f:7f:aa:03:a4:32:06:86:46:01:75:
ca:e5:e7:f7:d1:62:14:e9:ad:ad:ef:54:a4:80:f0:51:c9:64:
59:ed:30:af:cb:19:49:35:14:ee:eb:cb:30:3e:03:d3:e1:71:
04:bc:3f:3e:fb:f8:d2:c6:99:61:dd:26:f8:34:5b:28:bf:82:
ab:5a:33:8c:ec:48:9c:18:07:cb:e0:74:75:9e:8a:1d:bd:8c:
74:85:ee:ac:a0:28:6a:d8:bf:bc:4a:19:20:12:ab:dd:3f:c7:
08:dc:99:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAXIID1HRtfYSyFRg4Y0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTE2NTI3ZmQ5MWU5YjNjZjhlMDYyYmNlMDZkZjVjYmQ0
YzRiMWEwHhcNMjMwMTAxMTEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2VhMWI3MDg4NTdiYmFlYjYzMGQxNWQxMGY4NmE4ZDExMmQ5OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWYIw/9F0T0P7JsHid1tq62zwZDm
9J/akxApR9z4Y9jvOlhd67q8dmPuXCP5SXGnlqVixwVpNmDPoMuNldF2OEtEvjq0
65ReqSVo0k2E2v62cwxMm99GuFPCnTcOiKqBbd2hQWJWVcnVAHdCmTVzNHPouA7W
1a+Fpgyh8iiM2l0VSOjbh9fKkmtNUQh2LCB6FvhKxhb2rncKEPvrqJtZ7mK+Br6U
mYfzc/Npbj787FFi5xlWFEMiKVUKQOjdRoqyY0yk4kEoVLq1yypf2bUvIvcGfytG
0TU3PzZcmrxyXfWQpbuPS3D7SUZKLO2rREJeezP9tmyal7f+Lk+FXMVTyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAPqG3CIV7uutjDRXRD4ao0RLZlLMB8GA1UdIwQY
MBaAFKKRZSf9kemzz44GK84G31y9TEsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BGbEpfMlI2YlBQamdZcnpnYmZYTDFNU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmM1MzktNjIxZS00NDYwLWEwNjct
ZTBkYzE4ZTg4MjI5LzEvQS1vYmNJaFh1NjYyTU5GZEVQaHFqUkV0bVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmM1MzktNjIxZS00NDYwLWEwNjctZTBkYzE4ZTg4MjI5
LzEvb3BGbEpfMlI2YlBQamdZcnpnYmZYTDFNU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaUgMA0E
AgACMAcDBQMqC9wAMA0GCSqGSIb3DQEBCwUAA4IBAQBxynZRRirUqOkC1QiYrWzE
bIuWPOvBs84+7a/+uDneCPM/C5tVvCF4kkHzY8OfEYAp0uBxY4vL/OuYx5zfgalC
Eh3QrMibM4b9jMG8tf1haVaLHG6PMveR0SuIQrdp7+9MMIzkb/BOHoDZn/8DjZ0B
i3ECeOKXChx31gO3bYW4f6O4lnNMLwqf9uCYhgQxt2IJKRRcXJn8f3+qA6QyBoZG
AXXK5ef30WIU6a2t71SkgPBRyWRZ7TCvyxlJNRTu68swPgPT4XEEvD8++/jSxplh
3Sb4NFsov4KrWjOM7EicGAfL4HR1noodvYx0he6soChq2L+8ShkgEqvdP8cI3Jkg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:37 2024 by rpki-client on console-ams.rpki-client.org