Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/9HJ6tASdJCniDpO3ZW7L70iFIoQ.roa
File: 9HJ6tASdJCniDpO3ZW7L70iFIoQ.roa (raw, json)
Hash identifier: zHklIzgkofGzOkkbRaa7bL5l/tShZjkLjSQ597n3IUo=
Subject key identifier: F4:72:7A:B4:04:9D:24:29:E2:0E:93:B7:65:6E:CB:EF:48:85:22:84
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018F0655F9F1B5E8E16338DE1384F81C920D
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/9HJ6tASdJCniDpO3ZW7L70iFIoQ.roa
Signing time: Mon 22 Apr 2024 15:04:08 +0000
ROA not before: Mon 22 Apr 2024 15:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57053
IP address blocks: 185.155.158.0/24 maxlen: 24
185.155.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 14:09:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:55:f9:f1:b5:e8:e1:63:38:de:13:84:f8:1c:92:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Apr 22 15:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4727ab4049d2429e20e93b7656ecbef48852284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:93:bc:91:77:32:54:46:b9:4b:86:e5:34:b3:
fe:fc:c7:2d:76:fc:2e:c6:cc:f2:4c:ea:99:40:73:
8e:98:cc:dc:c4:d5:fa:16:20:5b:87:73:fd:87:67:
77:8d:a3:24:6f:a1:40:60:25:58:b6:66:60:21:ce:
28:21:50:74:1d:24:68:00:ef:e6:d4:b1:87:df:31:
4d:77:43:f7:76:72:70:fc:16:1f:c0:33:fc:e6:52:
d7:e5:7e:9e:82:e9:8a:5e:80:b1:9b:5c:23:9f:5f:
6f:99:87:03:2d:8f:bf:32:a3:30:62:be:b0:de:fc:
ec:67:8a:d7:6c:3b:43:14:98:f7:84:a6:92:01:e9:
99:db:49:10:c7:18:24:69:6c:6a:c8:14:00:e4:43:
ee:aa:57:d1:49:37:d3:56:db:be:de:5e:0b:4c:2b:
47:ac:15:59:45:fc:55:4c:e6:7c:f0:ae:c7:77:70:
7c:6e:07:58:78:f0:38:ff:f3:af:86:b2:c4:e6:f3:
f9:d4:61:23:b6:a3:e2:c7:85:83:72:df:1e:17:da:
67:05:5f:1e:fb:6c:d6:d5:60:cb:e6:9b:b4:5a:cb:
9a:26:4a:52:3c:fb:c1:22:9b:7b:21:bd:12:5e:44:
3f:f0:bd:0c:c1:44:41:2e:8f:f4:f5:a0:b9:ae:98:
f5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:72:7A:B4:04:9D:24:29:E2:0E:93:B7:65:6E:CB:EF:48:85:22:84
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/9HJ6tASdJCniDpO3ZW7L70iFIoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.158.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:7d:41:6a:12:1c:81:b5:6e:3a:c5:87:0c:cf:5e:0e:9a:46:
d0:3b:8a:be:0b:8c:61:e5:93:b3:9a:a2:8f:65:f7:d6:a9:57:
89:26:e1:f0:b2:42:4d:39:1c:f4:d1:5c:df:71:db:d6:25:85:
2d:fd:4d:70:13:6d:1d:6b:a6:5e:36:5d:a0:4f:93:67:3c:fa:
18:2c:b4:e4:99:39:65:fe:02:b6:fd:f4:33:6a:17:6f:50:89:
1c:a4:26:8a:55:e7:59:73:09:5d:1e:24:81:fc:ff:00:13:1f:
90:95:e8:0b:56:b5:68:c4:40:f5:a0:8c:11:39:47:60:72:8e:
e7:8c:1e:4c:62:1b:01:63:6e:0d:a5:75:d8:be:7c:df:cb:22:
3f:02:99:32:86:b1:f0:5a:fa:56:bc:72:0c:2f:b6:98:d7:5f:
f4:2f:8f:57:11:54:bf:61:6f:9d:8e:c1:cb:9f:85:e4:28:fe:
78:9b:6e:68:c9:58:9c:ca:ca:4d:e6:6a:c9:3a:9d:f2:36:f9:
6e:3b:81:78:9c:4a:28:0f:60:f9:5c:9b:48:af:9c:ec:04:2f:
0c:6b:25:1f:52:ef:e1:d7:44:f4:ac:8b:8b:a6:b7:fe:c6:89:
67:59:b4:d6:7e:32:fd:0c:be:56:a9:5d:38:3a:43:77:80:32:
c7:8e:6c:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8GVfnxtejhYzjeE4T4HJINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwNDIyMTUwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDcyN2FiNDA0OWQyNDI5ZTIwZTkzYjc2NTZlY2JlZjQ4ODUyMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpO8kXcyVEa5S4blNLP+/Mctdvwu
xszyTOqZQHOOmMzcxNX6FiBbh3P9h2d3jaMkb6FAYCVYtmZgIc4oIVB0HSRoAO/m
1LGH3zFNd0P3dnJw/BYfwDP85lLX5X6egumKXoCxm1wjn19vmYcDLY+/MqMwYr6w
3vzsZ4rXbDtDFJj3hKaSAemZ20kQxxgkaWxqyBQA5EPuqlfRSTfTVtu+3l4LTCtH
rBVZRfxVTOZ88K7Hd3B8bgdYePA4//OvhrLE5vP51GEjtqPix4WDct8eF9pnBV8e
+2zW1WDL5pu0WsuaJkpSPPvBIpt7Ib0SXkQ/8L0MwURBLo/09aC5rpj12QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRyerQEnSQp4g6Tt2Vuy+9IhSKEMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvOUhKNnRBU2RKQ25pRHBPM1pXN0w3MGlGSW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZueMA0G
CSqGSIb3DQEBCwUAA4IBAQCifUFqEhyBtW46xYcMz14OmkbQO4q+C4xh5ZOzmqKP
ZffWqVeJJuHwskJNORz00VzfcdvWJYUt/U1wE20da6ZeNl2gT5NnPPoYLLTkmTll
/gK2/fQzahdvUIkcpCaKVedZcwldHiSB/P8AEx+QlegLVrVoxED1oIwROUdgco7n
jB5MYhsBY24NpXXYvnzfyyI/ApkyhrHwWvpWvHIML7aY11/0L49XEVS/YW+djsHL
n4XkKP54m25oyVicyspN5mrJOp3yNvluO4F4nEooD2D5XJtIr5zsBC8MayUfUu/h
10T0rIuLprf+xolnWbTWfjL9DL5WqV04OkN3gDLHjmwi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:20 2024 by rpki-client on console-fra.rpki-client.org