Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/iNbSb6FmysP7rgFAW-LmDO15Q7w.roa
File: iNbSb6FmysP7rgFAW-LmDO15Q7w.roa (raw, json)
Hash identifier: vlYj3XHsaJgxQ4/Wu83f4skuGYNQQPyxGcKYs+xIrdg=
Subject key identifier: 88:D6:D2:6F:A1:66:CA:C3:FB:AE:01:40:5B:E2:E6:0C:ED:79:43:BC
Certificate issuer: /CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Certificate serial: 018BAA11D7A801C00E8ACEF925D74E01D081
Authority key identifier: 3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/iNbSb6FmysP7rgFAW-LmDO15Q7w.roa
Signing time: Tue 07 Nov 2023 13:56:17 +0000
ROA not before: Tue 07 Nov 2023 13:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 185.161.151.0/24 maxlen: 24
185.238.177.0/24 maxlen: 24
185.238.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:11:d7:a8:01:c0:0e:8a:ce:f9:25:d7:4e:01:d0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Validity
Not Before: Nov 7 13:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88d6d26fa166cac3fbae01405be2e60ced7943bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0c:82:42:03:81:3f:b2:c7:67:55:38:ec:fd:
8f:6f:d4:e4:64:f6:c7:7a:ab:a7:14:b5:af:db:ee:
88:d1:a1:d1:1b:63:be:bc:85:a3:f4:91:19:48:3e:
75:f6:b8:a0:c6:10:69:d4:16:83:ed:83:15:f6:f1:
bc:9f:9e:84:43:dc:25:62:87:44:66:93:6b:8b:ae:
aa:3f:56:da:d6:54:f5:4e:ab:80:84:29:43:ef:1b:
5b:07:ec:99:b8:d1:2e:ac:82:b4:e0:40:c4:94:98:
f4:fc:d8:83:01:8c:5a:77:81:ff:67:e9:e1:9f:07:
9a:df:68:0b:2b:1d:fe:32:e1:80:8d:e0:f9:ec:47:
fc:45:fb:69:64:7f:6c:de:a5:5b:0d:ec:b6:de:0d:
29:6c:41:06:47:03:06:95:d8:05:ba:79:12:bd:38:
bc:09:2c:89:bf:ae:78:b1:d8:6d:87:b7:17:55:0f:
ac:86:ce:1d:47:0c:56:01:2e:71:7c:4d:2a:3c:5f:
57:56:2d:1b:40:76:76:a0:1f:9b:cd:d5:f5:67:2d:
56:91:64:55:2d:bb:fc:98:b1:54:82:5b:8a:c6:74:
58:a3:04:75:4a:3c:24:ff:8f:a2:f8:cd:67:4b:36:
2c:2b:98:f3:6b:f0:c7:8c:78:b9:75:0d:32:5d:53:
e1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D6:D2:6F:A1:66:CA:C3:FB:AE:01:40:5B:E2:E6:0C:ED:79:43:BC
X509v3 Authority Key Identifier:
keyid:3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/iNbSb6FmysP7rgFAW-LmDO15Q7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.151.0/24
185.238.177.0/24
185.238.179.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:36:d9:a7:1d:fe:dc:d4:b2:99:57:65:c7:10:a3:ed:0e:e5:
e1:ba:d8:a2:2a:a8:a5:a1:5b:f4:8f:e1:4c:70:29:c9:6a:63:
86:34:11:2d:85:e9:fa:e1:ba:35:f8:a2:c2:b5:e5:37:6e:63:
cd:bd:e0:f0:10:81:be:97:bb:f6:1e:bc:27:99:03:cd:71:2d:
cf:bd:c1:e2:1e:f3:47:97:63:09:88:57:7f:a0:c8:34:b5:28:
03:af:a7:06:e5:56:79:2c:dd:78:ec:05:bf:57:54:6f:3c:19:
1b:6f:ab:e8:f5:68:b4:3e:ad:ca:7e:b8:61:67:1b:c2:67:16:
63:8a:5e:fc:c1:3e:93:85:40:77:f5:e1:f3:50:7a:e2:97:ce:
f2:39:4a:17:d1:fb:95:48:80:7e:75:ce:34:f2:f9:e1:a0:1c:
25:77:f7:e7:3a:75:d7:25:ce:67:e4:15:50:8e:85:e8:98:ba:
75:7a:ab:55:a0:92:e3:92:18:72:4f:fd:99:6b:2d:39:90:9f:
10:be:dd:9d:6c:2c:47:56:f1:62:2d:50:e6:2f:26:06:9d:7d:
bd:0e:43:bf:38:ea:77:14:ba:2b:7b:16:2c:2a:a6:0d:b0:3c:
16:e9:f3:9d:1b:8a:f8:5f:18:9a:86:cc:90:e1:30:b5:72:8f:
d9:3f:34:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuqEdeoAcAOis75JddOAdCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWVjMjhlODQxZjI5ZjM4MGE3Y2UyY2I1Y2Q1NjczNzAw
ODIxZmQwHhcNMjMxMTA3MTM1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ2ZDI2ZmExNjZjYWMzZmJhZTAxNDA1YmUyZTYwY2VkNzk0M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQyCQgOBP7LHZ1U47P2Pb9TkZPbH
equnFLWv2+6I0aHRG2O+vIWj9JEZSD519rigxhBp1BaD7YMV9vG8n56EQ9wlYodE
ZpNri66qP1ba1lT1TquAhClD7xtbB+yZuNEurIK04EDElJj0/NiDAYxad4H/Z+nh
nwea32gLKx3+MuGAjeD57Ef8RftpZH9s3qVbDey23g0pbEEGRwMGldgFunkSvTi8
CSyJv654sdhth7cXVQ+shs4dRwxWAS5xfE0qPF9XVi0bQHZ2oB+bzdX1Zy1WkWRV
Lbv8mLFUgluKxnRYowR1Sjwk/4+i+M1nSzYsK5jza/DHjHi5dQ0yXVPhxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIjW0m+hZsrD+64BQFvi5gzteUO8MB8GA1UdIwQY
MBaAFDpewo6EHynzgKfOLLXNVnNwCCH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMt
ODM1NTk5MjYwZmY2LzEvaU5iU2I2Rm15c1A3cmdGQVctTG1ETzE1UTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMtODM1NTk5MjYwZmY2
LzEvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuaGXAwQA
ue6xAwQAue6zMA0GCSqGSIb3DQEBCwUAA4IBAQB9NtmnHf7c1LKZV2XHEKPtDuXh
utiiKqiloVv0j+FMcCnJamOGNBEthen64bo1+KLCteU3bmPNveDwEIG+l7v2Hrwn
mQPNcS3PvcHiHvNHl2MJiFd/oMg0tSgDr6cG5VZ5LN147AW/V1RvPBkbb6vo9Wi0
Pq3KfrhhZxvCZxZjil78wT6ThUB39eHzUHril87yOUoX0fuVSIB+dc408vnhoBwl
d/fnOnXXJc5n5BVQjoXomLp1eqtVoJLjkhhyT/2Zay05kJ8Qvt2dbCxHVvFiLVDm
LyYGnX29DkO/OOp3FLorexYsKqYNsDwW6fOdG4r4XxiahsyQ4TC1co/ZPzTJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:01 2024 by rpki-client on console-ams.rpki-client.org