Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/jX53sOhN0sUjCeVn_uOGEr6AEDo.roa
File: jX53sOhN0sUjCeVn_uOGEr6AEDo.roa (raw, json)
Hash identifier: E2NtLoYfsp9kkd+08Z5yvlw+TD+wXdHkDoHnCDTZglA=
Subject key identifier: 8D:7E:77:B0:E8:4D:D2:C5:23:09:E5:67:FE:E3:86:12:BE:80:10:3A
Certificate issuer: /CN=6b7dfe4b68b20895ededf3a003232a979e17c38c
Certificate serial: 018570B08D4E41006B422D7E5BF98F87D36F
Authority key identifier: 6B:7D:FE:4B:68:B2:08:95:ED:ED:F3:A0:03:23:2A:97:9E:17:C3:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/jX53sOhN0sUjCeVn_uOGEr6AEDo.roa
Signing time: Mon 02 Jan 2023 04:14:56 +0000
ROA not before: Mon 02 Jan 2023 04:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212889
IP address blocks: 185.164.22.0/24 maxlen: 24
185.164.23.0/24 maxlen: 24
185.164.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:8d:4e:41:00:6b:42:2d:7e:5b:f9:8f:87:d3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7dfe4b68b20895ededf3a003232a979e17c38c
Validity
Not Before: Jan 2 04:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d7e77b0e84dd2c52309e567fee38612be80103a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:74:e3:46:d4:b5:1c:ff:23:a0:9b:ad:7b:31:
5d:c2:94:46:1a:41:f0:76:48:54:03:90:89:b1:42:
a8:33:d4:67:20:35:cb:6c:de:fe:20:05:50:01:f8:
c3:a5:82:bc:51:b8:e7:30:8b:5a:05:46:26:d2:e9:
08:9f:f5:f5:4f:82:5a:f5:2b:a6:a8:92:b3:9c:2b:
d1:46:95:e5:db:c3:9b:8b:c0:11:c5:b1:fe:5e:2d:
fa:e4:9a:1a:ee:7f:10:8c:af:58:8f:bf:35:d1:db:
cb:0d:9f:02:1d:c8:02:20:86:b7:b9:93:a3:0c:ab:
8f:42:82:9c:ca:bf:58:a4:a5:e7:b9:a3:90:8a:bc:
01:99:e6:9e:7e:73:c5:ae:21:53:a2:4f:dd:12:34:
a3:d6:2a:e1:44:17:f1:b5:12:0e:0b:9f:d6:1b:b6:
2f:c3:36:0c:15:31:13:de:ad:41:74:2e:00:5f:c6:
1a:48:ca:1e:77:c8:be:87:a9:6a:65:c8:93:51:79:
fb:a6:88:d2:26:8f:75:15:df:36:78:4e:6f:4d:59:
1b:51:bd:f4:f4:cc:00:d2:2e:d0:9b:eb:8b:ce:6f:
4a:2e:f8:30:58:1c:20:34:e9:25:08:ef:dd:74:63:
a3:9c:4b:bd:bd:7e:af:45:d3:2f:8e:01:28:55:00:
a4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7E:77:B0:E8:4D:D2:C5:23:09:E5:67:FE:E3:86:12:BE:80:10:3A
X509v3 Authority Key Identifier:
keyid:6B:7D:FE:4B:68:B2:08:95:ED:ED:F3:A0:03:23:2A:97:9E:17:C3:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/jX53sOhN0sUjCeVn_uOGEr6AEDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/a33-S2iyCJXt7fOgAyMql54Xw4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.20.0/24
185.164.22.0/23
Signature Algorithm: sha256WithRSAEncryption
00:66:55:d0:d8:50:ac:97:16:1a:d5:f9:ba:3b:81:58:cc:8c:
f4:59:f1:b7:57:25:80:67:9e:41:24:af:3a:27:b3:42:3a:97:
9d:f6:3e:19:17:35:43:14:f6:95:6c:d4:c3:23:46:22:c6:f5:
b3:d6:b3:65:4e:c9:45:2f:ca:30:1d:67:8d:00:b2:d8:21:4f:
8d:db:09:10:f6:af:38:1a:c4:e3:d0:73:92:20:9d:24:96:c2:
7f:30:c7:2b:46:3c:55:28:d6:93:d3:c7:f1:94:2a:93:e4:94:
28:c6:e7:df:85:1c:82:cf:d0:91:94:a2:fb:14:9c:47:a9:98:
df:a7:99:e7:07:71:00:52:2b:90:2e:78:74:14:64:49:ab:33:
de:5d:c4:7d:89:1e:4c:8c:c2:2f:d4:8f:9e:80:4c:1c:51:ee:
97:3f:96:53:63:b7:a4:fd:e2:42:56:40:c4:52:0d:71:5d:be:
b3:83:6c:d1:3b:d8:90:bc:c4:b3:81:bc:99:36:08:2a:a2:62:
1a:5d:9c:ed:04:94:ba:64:cc:95:f8:55:e2:14:cd:18:d6:e8:
e6:52:ad:d2:7f:34:fd:71:a9:f8:cd:a7:18:8a:54:81:12:b9:
82:ce:78:94:54:46:9a:61:77:88:ea:28:3d:bb:c8:9b:c9:7f:
c5:0e:15:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwsI1OQQBrQi1+W/mPh9NvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2RmZTRiNjhiMjA4OTVlZGVkZjNhMDAzMjMyYTk3OWUx
N2MzOGMwHhcNMjMwMTAyMDQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdlNzdiMGU4NGRkMmM1MjMwOWU1NjdmZWUzODYxMmJlODAxMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknTjRtS1HP8joJutezFdwpRGGkHw
dkhUA5CJsUKoM9RnIDXLbN7+IAVQAfjDpYK8UbjnMItaBUYm0ukIn/X1T4Ja9Sum
qJKznCvRRpXl28Obi8ARxbH+Xi365Joa7n8QjK9Yj7810dvLDZ8CHcgCIIa3uZOj
DKuPQoKcyr9YpKXnuaOQirwBmeaefnPFriFTok/dEjSj1irhRBfxtRIOC5/WG7Yv
wzYMFTET3q1BdC4AX8YaSMoed8i+h6lqZciTUXn7pojSJo91Fd82eE5vTVkbUb30
9MwA0i7Qm+uLzm9KLvgwWBwgNOklCO/ddGOjnEu9vX6vRdMvjgEoVQCkfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI1+d7DoTdLFIwnlZ/7jhhK+gBA6MB8GA1UdIwQY
MBaAFGt9/ktosgiV7e3zoAMjKpeeF8OMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTMzLVMyaXlDSlh0N2ZPZ0F5TXFsNTRYdzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMWJkMTYtODRiNC00NjEyLWE3ZjAt
OWM3NmQxMGVjNTMyLzEvalg1M3NPaE4wc1VqQ2VWbl91T0dFcjZBRURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMWJkMTYtODRiNC00NjEyLWE3ZjAtOWM3NmQxMGVjNTMy
LzEvYTMzLVMyaXlDSlh0N2ZPZ0F5TXFsNTRYdzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaQUAwQB
uaQWMA0GCSqGSIb3DQEBCwUAA4IBAQAAZlXQ2FCslxYa1fm6O4FYzIz0WfG3VyWA
Z55BJK86J7NCOped9j4ZFzVDFPaVbNTDI0YixvWz1rNlTslFL8owHWeNALLYIU+N
2wkQ9q84GsTj0HOSIJ0klsJ/MMcrRjxVKNaT08fxlCqT5JQoxuffhRyCz9CRlKL7
FJxHqZjfp5nnB3EAUiuQLnh0FGRJqzPeXcR9iR5MjMIv1I+egEwcUe6XP5ZTY7ek
/eJCVkDEUg1xXb6zg2zRO9iQvMSzgbyZNggqomIaXZztBJS6ZMyV+FXiFM0Y1ujm
Uq3SfzT9can4zacYilSBErmCzniUVEaaYXeI6ig9u8ibyX/FDhVf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:47 2024 by rpki-client on console-ams.rpki-client.org