Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/sKT1pXyjdkVMkMgENML4JJ1SOwU.roa
File: sKT1pXyjdkVMkMgENML4JJ1SOwU.roa (raw, json)
Hash identifier: rYy8YqeSy2dQUw2msoNGqREp5GfGLpQORIygym1bgY8=
Subject key identifier: B0:A4:F5:A5:7C:A3:76:45:4C:90:C8:04:34:C2:F8:24:9D:52:3B:05
Certificate issuer: /CN=65865968a1d8f4f377865c913af3b9af890d7cce
Certificate serial: 01856E2FBA1A89A19AA352544B647C10D1D9
Authority key identifier: 65:86:59:68:A1:D8:F4:F3:77:86:5C:91:3A:F3:B9:AF:89:0D:7C:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYZZaKHY9PN3hlyROvO5r4kNfM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/sKT1pXyjdkVMkMgENML4JJ1SOwU.roa
Signing time: Sun 01 Jan 2023 16:34:59 +0000
ROA not before: Sun 01 Jan 2023 16:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61241
IP address blocks: 185.161.172.0/23 maxlen: 23
2a07:c386::/32 maxlen: 32
2a07:c381::/32 maxlen: 32
2a07:c384::/32 maxlen: 32
2a07:c383::/32 maxlen: 32
2a07:c387::/32 maxlen: 32
2a07:c380::/32 maxlen: 32
2a07:c380:38::/48 maxlen: 48
2a07:c382::/32 maxlen: 32
2a07:c385::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ba:1a:89:a1:9a:a3:52:54:4b:64:7c:10:d1:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65865968a1d8f4f377865c913af3b9af890d7cce
Validity
Not Before: Jan 1 16:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0a4f5a57ca376454c90c80434c2f8249d523b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:24:fa:ab:34:3a:11:a1:b7:87:0b:c5:6c:2b:
02:55:6c:fb:6b:99:42:7e:27:49:e3:0b:09:e0:00:
50:61:fd:68:d5:6a:bd:31:ef:2a:5a:03:51:2f:81:
31:ff:4c:88:94:aa:00:97:01:7b:1b:60:1e:70:26:
7c:21:64:e9:54:58:44:7c:b6:2a:e3:b9:4f:ea:d0:
38:9c:9d:fb:1c:cb:4b:23:3b:b8:90:a7:2e:ec:e2:
8d:81:fe:b3:50:bc:24:0d:32:4b:0d:db:6c:31:41:
08:d4:74:66:aa:68:d9:f8:af:f5:50:20:f0:0b:33:
a9:7c:4f:e9:00:f4:fa:d8:2b:d3:50:a9:7c:5d:a3:
3a:80:f2:d4:de:fe:e7:6e:a4:07:eb:fd:20:0f:bd:
78:23:f9:31:39:25:03:df:d8:41:c6:56:14:b2:b1:
db:8d:e4:21:d9:2b:35:f9:35:1e:c6:82:b1:26:13:
70:94:cf:ec:05:a7:58:71:41:c0:f6:87:8f:31:22:
96:ec:87:0c:30:6d:57:6c:ab:d7:5a:a3:8b:28:19:
4a:0b:a9:1c:10:bb:c0:df:fc:ff:06:13:fd:bd:1e:
21:b4:b0:9f:c5:ef:7b:b5:d6:66:56:c0:13:5b:91:
90:dc:58:f2:5d:81:57:d8:49:67:32:d3:40:07:b3:
1f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A4:F5:A5:7C:A3:76:45:4C:90:C8:04:34:C2:F8:24:9D:52:3B:05
X509v3 Authority Key Identifier:
keyid:65:86:59:68:A1:D8:F4:F3:77:86:5C:91:3A:F3:B9:AF:89:0D:7C:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYZZaKHY9PN3hlyROvO5r4kNfM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/sKT1pXyjdkVMkMgENML4JJ1SOwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32c5ce-28b2-47d7-abd5-2e9d6ca08701/1/ZYZZaKHY9PN3hlyROvO5r4kNfM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.172.0/23
IPv6:
2a07:c380::/29
Signature Algorithm: sha256WithRSAEncryption
50:5f:4d:0b:77:30:ec:e0:be:b7:b0:aa:9f:ff:e9:54:5b:ca:
5c:68:79:44:c1:80:ac:da:3f:e7:d2:8d:c8:0c:57:aa:0f:db:
84:a5:5c:33:41:db:89:91:b5:ac:21:34:90:43:17:94:29:1f:
18:8d:65:08:28:3d:65:e4:31:01:99:88:4d:6f:8d:ca:d7:28:
6a:ce:6e:60:a3:ea:75:a1:5a:a2:4a:7b:fa:93:e1:60:37:fc:
65:2c:a2:dc:b6:f1:9e:a2:75:a0:91:62:63:30:c1:62:6e:9f:
32:f0:42:b5:5b:0d:9e:6a:47:17:08:9e:97:79:00:2f:d5:f7:
d7:64:db:5d:1d:98:97:b8:4d:89:a9:bb:d3:5e:5e:28:9b:17:
43:38:fe:6c:d6:d9:c1:97:54:c1:34:74:66:9e:99:03:7b:c1:
35:c5:94:7b:30:ab:6e:3d:56:8b:55:70:de:46:38:e0:a4:4d:
82:d9:46:23:16:7d:b1:d9:db:64:0d:7f:e8:d7:78:88:ed:af:
bc:85:d8:9b:ad:11:26:b9:2c:a2:6e:d4:01:f3:84:62:f7:55:
e4:03:8d:50:7b:a9:40:32:a6:d7:46:e3:25:73:14:81:ca:04:
b3:58:d8:8d:1e:7a:be:e3:1d:de:31:8a:ef:b8:86:15:50:69:
73:54:b2:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL7oaiaGao1JUS2R8ENHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODY1OTY4YTFkOGY0ZjM3Nzg2NWM5MTNhZjNiOWFmODkw
ZDdjY2UwHhcNMjMwMTAxMTYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE0ZjVhNTdjYTM3NjQ1NGM5MGM4MDQzNGMyZjgyNDlkNTIzYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yT6qzQ6EaG3hwvFbCsCVWz7a5lC
fidJ4wsJ4ABQYf1o1Wq9Me8qWgNRL4Ex/0yIlKoAlwF7G2AecCZ8IWTpVFhEfLYq
47lP6tA4nJ37HMtLIzu4kKcu7OKNgf6zULwkDTJLDdtsMUEI1HRmqmjZ+K/1UCDw
CzOpfE/pAPT62CvTUKl8XaM6gPLU3v7nbqQH6/0gD714I/kxOSUD39hBxlYUsrHb
jeQh2Ss1+TUexoKxJhNwlM/sBadYcUHA9oePMSKW7IcMMG1XbKvXWqOLKBlKC6kc
ELvA3/z/BhP9vR4htLCfxe97tdZmVsATW5GQ3FjyXYFX2ElnMtNAB7MfBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCk9aV8o3ZFTJDIBDTC+CSdUjsFMB8GA1UdIwQY
MBaAFGWGWWih2PTzd4ZckTrzua+JDXzOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllaWmFLSFk5UE4zaGx5Uk92TzVyNGtOZk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8zMmM1Y2UtMjhiMi00N2Q3LWFiZDUt
MmU5ZDZjYTA4NzAxLzEvc0tUMXBYeWpka1ZNa01nRU5NTDRKSjFTT3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8zMmM1Y2UtMjhiMi00N2Q3LWFiZDUtMmU5ZDZjYTA4NzAx
LzEvWllaWmFLSFk5UE4zaGx5Uk92TzVyNGtOZk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaGsMA0E
AgACMAcDBQMqB8OAMA0GCSqGSIb3DQEBCwUAA4IBAQBQX00LdzDs4L63sKqf/+lU
W8pcaHlEwYCs2j/n0o3IDFeqD9uEpVwzQduJkbWsITSQQxeUKR8YjWUIKD1l5DEB
mYhNb43K1yhqzm5go+p1oVqiSnv6k+FgN/xlLKLctvGeonWgkWJjMMFibp8y8EK1
Ww2eakcXCJ6XeQAv1ffXZNtdHZiXuE2JqbvTXl4omxdDOP5s1tnBl1TBNHRmnpkD
e8E1xZR7MKtuPVaLVXDeRjjgpE2C2UYjFn2x2dtkDX/o13iI7a+8hdibrREmuSyi
btQB84Ri91XkA41Qe6lAMqbXRuMlcxSBygSzWNiNHnq+4x3eMYrvuIYVUGlzVLJ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:11 2024 by rpki-client on console-ams.rpki-client.org