Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/m2dbdFfH2Bt_b2L6e0pjGDJOEcU.roa
File: m2dbdFfH2Bt_b2L6e0pjGDJOEcU.roa (raw, json)
Hash identifier: +8HcRvZiLrGkaEYuNp4Z9pW7m4zkDLxurnaj5OSsScU=
Subject key identifier: 9B:67:5B:74:57:C7:D8:1B:7F:6F:62:FA:7B:4A:63:18:32:4E:11:C5
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018CE997FAE7BF8D2ECE91A72FE04101E3E0
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/m2dbdFfH2Bt_b2L6e0pjGDJOEcU.roa
Signing time: Mon 08 Jan 2024 15:01:40 +0000
ROA not before: Mon 08 Jan 2024 15:01:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 160.214.96.0/24 maxlen: 24
160.214.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 11:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:97:fa:e7:bf:8d:2e:ce:91:a7:2f:e0:41:01:e3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Jan 8 15:01:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b675b7457c7d81b7f6f62fa7b4a6318324e11c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:48:0a:fe:1b:d1:d9:e6:9e:03:0b:5c:01:de:
61:fb:1f:1d:38:2c:02:31:a2:a0:7f:df:c7:95:04:
8e:50:97:30:55:30:52:37:d7:a8:ed:e6:66:78:27:
82:cb:1d:f7:b7:b4:7e:3e:cf:e3:5d:f1:98:49:d8:
cc:94:b2:92:bf:3f:5f:0e:21:d9:c8:0d:a0:47:80:
12:93:86:b5:69:d5:ba:f1:7e:17:5d:9a:b4:19:58:
0b:75:bf:4b:8a:04:b9:ea:66:01:15:2f:4d:d4:e3:
3d:0d:4f:00:6d:ff:d2:75:38:d6:bb:b2:17:ad:78:
c9:36:7e:a5:93:16:9b:bf:f2:5a:b6:1a:b2:dc:71:
4e:07:3a:84:11:6b:12:37:fc:3a:ce:55:c3:6d:08:
18:e1:c8:bd:5b:3c:7f:ab:4b:b3:98:a6:0a:78:04:
91:9d:c9:9d:a4:3b:b8:ad:32:ba:95:a3:d9:c3:7f:
4d:65:03:2b:d6:bf:00:25:02:8a:9b:8d:1a:a9:d8:
83:a8:79:2e:38:ea:d1:f2:51:c9:f6:41:83:a7:11:
22:6a:a0:c0:ae:d0:30:2c:ec:dc:c8:99:79:e2:54:
1d:b0:11:b9:1f:f4:f2:92:17:f6:40:cf:07:58:f0:
49:3c:4e:7d:93:3e:5d:e6:82:43:2e:a7:bc:b1:6e:
57:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:67:5B:74:57:C7:D8:1B:7F:6F:62:FA:7B:4A:63:18:32:4E:11:C5
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/m2dbdFfH2Bt_b2L6e0pjGDJOEcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.96.0/24
160.214.108.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:11:ed:c1:50:80:0a:a4:18:1b:b5:74:47:3a:ac:67:05:8c:
4c:fe:a2:0e:1d:81:12:6d:89:ba:57:09:db:1c:2b:de:6f:65:
4d:d0:26:13:77:58:c3:59:96:85:b8:1a:ad:1a:91:14:95:69:
f3:fe:46:36:b6:20:65:fa:df:75:02:65:7c:ae:56:eb:21:23:
cd:21:28:a6:62:ca:2a:a1:5c:a8:5b:89:13:29:90:da:64:c3:
f8:d7:1d:06:30:94:7e:fe:bb:1e:fe:2d:8d:11:e2:6b:c6:a1:
41:a0:d1:53:4f:c7:0b:a5:da:44:87:ea:39:15:52:a6:11:dc:
f3:39:a2:74:7e:5d:69:4a:91:9b:8b:1f:06:a7:d6:30:cd:c6:
9a:d6:21:97:6b:22:d2:d5:1d:56:99:b8:44:21:48:8f:16:78:
48:5e:d1:dc:ab:77:01:a4:a2:d8:03:8d:08:65:b2:79:be:a7:
eb:da:2b:25:69:34:b9:da:a1:16:92:07:3a:db:b2:ff:c1:ee:
22:4b:b7:88:7a:3e:53:2c:a3:63:6b:83:a9:74:dc:3d:7d:8b:
71:20:f1:ff:df:ae:5b:e1:cc:63:00:31:bf:5e:23:43:55:5c:
18:0a:06:0c:10:0b:c6:37:a3:9f:17:2b:1e:b8:59:bf:d4:4e:
1d:0b:9e:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzpl/rnv40uzpGnL+BBAePgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjQwMTA4MTUwMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjY3NWI3NDU3YzdkODFiN2Y2ZjYyZmE3YjRhNjMxODMyNGUxMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkgK/hvR2eaeAwtcAd5h+x8dOCwC
MaKgf9/HlQSOUJcwVTBSN9eo7eZmeCeCyx33t7R+Ps/jXfGYSdjMlLKSvz9fDiHZ
yA2gR4ASk4a1adW68X4XXZq0GVgLdb9LigS56mYBFS9N1OM9DU8Abf/SdTjWu7IX
rXjJNn6lkxabv/Jathqy3HFOBzqEEWsSN/w6zlXDbQgY4ci9Wzx/q0uzmKYKeASR
ncmdpDu4rTK6laPZw39NZQMr1r8AJQKKm40aqdiDqHkuOOrR8lHJ9kGDpxEiaqDA
rtAwLOzcyJl54lQdsBG5H/Tykhf2QM8HWPBJPE59kz5d5oJDLqe8sW5XdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtnW3RXx9gbf29i+ntKYxgyThHFMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvbTJkYmRGZkgyQnRfYjJMNmUwcGpHREpPRWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAoNZgAwQA
oNZsMA0GCSqGSIb3DQEBCwUAA4IBAQAuEe3BUIAKpBgbtXRHOqxnBYxM/qIOHYES
bYm6VwnbHCveb2VN0CYTd1jDWZaFuBqtGpEUlWnz/kY2tiBl+t91AmV8rlbrISPN
ISimYsoqoVyoW4kTKZDaZMP41x0GMJR+/rse/i2NEeJrxqFBoNFTT8cLpdpEh+o5
FVKmEdzzOaJ0fl1pSpGbix8Gp9Ywzcaa1iGXayLS1R1WmbhEIUiPFnhIXtHcq3cB
pKLYA40IZbJ5vqfr2islaTS52qEWkgc627L/we4iS7eIej5TLKNja4OpdNw9fYtx
IPH/365b4cxjADG/XiNDVVwYCgYMEAvGN6OfFyseuFm/1E4dC54Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org