Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/57IqK-AH061DyTXV71ONjQzXAvE.roa
File: 57IqK-AH061DyTXV71ONjQzXAvE.roa (raw, json)
Hash identifier: k090sDXhFtB4ZXDR5K99LEYZYU/qTtm5mcJkDmCCr74=
Subject key identifier: E7:B2:2A:2B:E0:07:D3:AD:43:C9:35:D5:EF:53:8D:8D:0C:D7:02:F1
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018C59062D9466FEB6220529F98A3AFAE92D
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/57IqK-AH061DyTXV71ONjQzXAvE.roa
Signing time: Mon 11 Dec 2023 13:17:06 +0000
ROA not before: Mon 11 Dec 2023 13:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199760
IP address blocks: 160.214.100.0/24 maxlen: 24
160.214.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:06:2d:94:66:fe:b6:22:05:29:f9:8a:3a:fa:e9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Dec 11 13:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7b22a2be007d3ad43c935d5ef538d8d0cd702f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a3:39:c3:82:85:cb:77:e7:a3:61:3d:bc:85:
90:d4:be:72:01:31:44:49:cf:99:09:ae:73:e4:bb:
ed:76:ca:55:9f:a6:fd:4a:fa:0d:66:f0:26:47:c9:
ee:ad:b4:42:ab:16:f7:dd:e7:75:c0:13:0d:50:15:
63:66:9d:80:5d:0d:d6:96:60:fd:6b:ee:bf:d4:63:
99:6e:03:b8:38:4c:4e:9c:7e:0b:69:52:34:cd:76:
04:b8:89:c8:51:75:59:40:67:ff:f4:73:69:29:88:
9d:c9:44:60:a7:62:7b:04:3b:cb:16:e5:da:e8:00:
bf:13:ea:c4:82:b8:4a:93:d1:96:0c:d1:40:b4:ed:
06:78:de:3b:6e:10:82:34:92:72:61:2c:c1:4d:0a:
3c:1b:6d:cc:b4:7e:56:89:97:ba:0e:8d:1a:2e:20:
19:f7:45:49:b0:78:07:71:cc:73:73:0a:e3:ea:12:
bb:42:85:45:64:c3:23:c4:3c:4b:5f:1b:a8:a8:36:
2a:e1:a0:f3:f8:a1:71:3e:eb:7d:8d:a6:1b:a4:39:
c6:82:5e:d3:06:69:5b:35:ba:f1:3b:5e:9d:2c:fd:
d4:1e:c3:c3:a9:c2:97:fd:70:eb:c8:e8:1a:9f:1d:
78:f2:af:e8:c0:81:c3:e8:68:dc:11:4f:f8:89:c5:
2d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B2:2A:2B:E0:07:D3:AD:43:C9:35:D5:EF:53:8D:8D:0C:D7:02:F1
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/57IqK-AH061DyTXV71ONjQzXAvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.100.0/24
160.214.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bc:15:3c:38:86:2e:84:2a:f3:2b:20:51:ac:04:7e:64:4b:
37:6c:f3:fa:69:27:e5:95:45:47:63:95:8e:15:35:ec:10:fb:
c7:1b:d7:b2:0f:e8:06:ba:99:e1:37:fc:4e:3d:7a:4b:99:71:
10:cd:92:ef:3a:6d:74:0c:50:04:59:29:28:85:8c:56:95:56:
aa:11:0d:2e:77:3e:5b:da:b6:d3:71:45:0f:4a:50:fa:5e:65:
55:9b:83:c2:5b:78:7f:b7:f4:7b:e5:37:4e:ad:f8:c3:5c:6d:
63:43:d4:01:10:2b:24:f0:85:4d:4e:b7:e0:c3:d9:f9:8e:16:
32:d9:d8:c5:90:bd:44:da:85:4b:cc:65:26:2d:ff:a2:ff:b3:
62:5e:01:4f:76:21:7d:8e:5e:b3:ee:df:9b:27:a1:46:2a:58:
09:77:fe:2c:97:28:80:91:ef:9d:6f:9d:4a:ab:52:38:00:9f:
1e:b7:a2:7a:be:d0:d1:18:e0:5c:46:00:a9:38:fc:97:5f:c8:
9d:45:fe:a1:3d:4c:a7:f7:18:4b:2c:cd:d4:1b:ee:ce:df:60:
93:dc:63:47:96:00:fb:a6:44:d4:b1:a2:eb:12:c9:df:2b:03:
26:0f:ef:64:5f:ec:94:55:e5:c5:0f:41:73:26:0b:e5:25:65:
13:a0:8b:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxZBi2UZv62IgUp+Yo6+uktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMjExMTMxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2IyMmEyYmUwMDdkM2FkNDNjOTM1ZDVlZjUzOGQ4ZDBjZDcwMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaM5w4KFy3fno2E9vIWQ1L5yATFE
Sc+ZCa5z5LvtdspVn6b9SvoNZvAmR8nurbRCqxb33ed1wBMNUBVjZp2AXQ3WlmD9
a+6/1GOZbgO4OExOnH4LaVI0zXYEuInIUXVZQGf/9HNpKYidyURgp2J7BDvLFuXa
6AC/E+rEgrhKk9GWDNFAtO0GeN47bhCCNJJyYSzBTQo8G23MtH5WiZe6Do0aLiAZ
90VJsHgHccxzcwrj6hK7QoVFZMMjxDxLXxuoqDYq4aDz+KFxPut9jaYbpDnGgl7T
BmlbNbrxO16dLP3UHsPDqcKX/XDryOganx148q/owIHD6GjcEU/4icUt/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOeyKivgB9OtQ8k11e9TjY0M1wLxMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvNTdJcUstQUgwNjFEeVRYVjcxT05qUXpYQXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAoNZkAwQA
oNZtMA0GCSqGSIb3DQEBCwUAA4IBAQCbvBU8OIYuhCrzKyBRrAR+ZEs3bPP6aSfl
lUVHY5WOFTXsEPvHG9eyD+gGupnhN/xOPXpLmXEQzZLvOm10DFAEWSkohYxWlVaq
EQ0udz5b2rbTcUUPSlD6XmVVm4PCW3h/t/R75TdOrfjDXG1jQ9QBECsk8IVNTrfg
w9n5jhYy2djFkL1E2oVLzGUmLf+i/7NiXgFPdiF9jl6z7t+bJ6FGKlgJd/4slyiA
ke+db51Kq1I4AJ8et6J6vtDRGOBcRgCpOPyXX8idRf6hPUyn9xhLLM3UG+7O32CT
3GNHlgD7pkTUsaLrEsnfKwMmD+9kX+yUVeXFD0FzJgvlJWUToIvl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org