Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/xYvcyihYk0oEUfIJifFTgO6Onns.roa
File: xYvcyihYk0oEUfIJifFTgO6Onns.roa (raw, json)
Hash identifier: zMBHEMJT2cn+BoP12LTFuiT0PDAzdnxSzJy36HtMtx0=
Subject key identifier: C5:8B:DC:CA:28:58:93:4A:04:51:F2:09:89:F1:53:80:EE:8E:9E:7B
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018CC425360443DAB935C5A9CEB8F9AEA193
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/xYvcyihYk0oEUfIJifFTgO6Onns.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399471
IP address blocks: 160.214.105.0/24 maxlen: 24
160.214.104.0/24 maxlen: 24
160.214.107.0/24 maxlen: 24
160.214.106.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:36:04:43:da:b9:35:c5:a9:ce:b8:f9:ae:a1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c58bdcca2858934a0451f20989f15380ee8e9e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:55:23:95:ed:49:b2:63:a7:fd:f7:65:c7:a6:
95:39:d2:59:77:fd:88:df:22:ca:4a:fd:e6:34:23:
43:a6:07:8b:bc:f9:6c:13:31:4d:55:12:86:b4:55:
91:9e:1f:b4:f1:53:5d:a8:f1:8b:d2:38:06:95:d2:
b9:d0:bb:37:0d:57:ad:26:43:3c:98:95:17:e1:11:
37:51:f0:da:c4:e6:37:8a:4c:a7:a2:9e:1d:dd:1c:
ae:b5:80:e2:c8:a0:8b:37:b5:ec:0d:76:70:61:4a:
a4:72:6a:ed:ad:3c:6a:2a:76:32:c2:19:bc:59:38:
bc:03:b5:85:92:d6:f6:0d:d5:ce:23:df:b5:53:3d:
a3:e9:5f:6c:14:c7:26:34:f1:8c:b9:f3:09:af:b6:
18:be:0f:c9:a8:ab:1f:73:46:8b:9f:a4:76:90:9d:
af:da:d4:c2:68:a4:18:6d:cb:12:3d:4b:0e:7d:0b:
ea:ab:9c:0c:63:cb:88:48:3e:c1:71:0a:ea:61:77:
d4:2d:8f:6c:8e:c7:d8:95:94:7a:97:8a:c1:91:b6:
42:e3:14:37:53:0f:ca:28:38:cc:fa:cd:b7:8e:a3:
22:e9:57:82:a2:d1:4c:17:49:85:fc:f2:cb:a5:fa:
3e:c4:2a:ea:02:5b:72:a0:9f:23:45:3d:65:48:d2:
10:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8B:DC:CA:28:58:93:4A:04:51:F2:09:89:F1:53:80:EE:8E:9E:7B
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/xYvcyihYk0oEUfIJifFTgO6Onns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.104.0/22
Signature Algorithm: sha256WithRSAEncryption
79:e7:a2:fa:4a:32:a6:8f:78:89:f6:53:f9:f9:0a:07:64:23:
2b:f4:a2:a5:a4:10:99:fb:b4:af:72:df:25:ee:61:46:3f:4b:
c4:6c:cd:1c:04:91:cf:ce:ac:b7:bb:4b:e5:40:1b:86:06:6a:
a8:6f:37:69:71:95:8b:87:7f:a0:45:55:28:c1:2a:bb:21:eb:
12:13:2b:4f:e0:e1:63:27:57:71:11:09:33:80:46:03:7f:8b:
96:c5:31:2c:50:c0:dc:14:91:d4:8d:19:d6:e7:be:6d:e2:f9:
40:35:d2:e2:f9:ac:1e:43:ad:cb:ab:f8:6d:f4:a2:e5:41:33:
38:92:f3:79:9e:35:10:21:f1:0c:a5:ee:f4:29:0f:01:fe:fd:
c7:d9:df:b8:b4:d8:8a:8f:b1:e8:06:61:dd:fd:47:42:a5:af:
a5:c4:5c:10:02:40:77:52:27:ee:fd:f5:bd:b3:17:27:d7:fb:
5a:31:42:b5:88:07:4d:15:2c:dd:f5:a6:d4:a3:b7:cd:48:fb:
0e:35:f7:e3:30:dd:62:bd:ca:61:9a:05:05:1b:45:88:c9:30:
59:44:a1:2d:b4:70:33:02:18:58:7c:96:03:96:63:fc:a9:62:
f4:ce:12:2a:2a:bc:ae:fa:40:dc:4c:f3:d6:2f:99:78:00:56:
6d:df:92:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJTYEQ9q5NcWpzrj5rqGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNThiZGNjYTI4NTg5MzRhMDQ1MWYyMDk4OWYxNTM4MGVlOGU5ZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1Ujle1JsmOn/fdlx6aVOdJZd/2I
3yLKSv3mNCNDpgeLvPlsEzFNVRKGtFWRnh+08VNdqPGL0jgGldK50Ls3DVetJkM8
mJUX4RE3UfDaxOY3ikynop4d3RyutYDiyKCLN7XsDXZwYUqkcmrtrTxqKnYywhm8
WTi8A7WFktb2DdXOI9+1Uz2j6V9sFMcmNPGMufMJr7YYvg/JqKsfc0aLn6R2kJ2v
2tTCaKQYbcsSPUsOfQvqq5wMY8uISD7BcQrqYXfULY9sjsfYlZR6l4rBkbZC4xQ3
Uw/KKDjM+s23jqMi6VeCotFMF0mF/PLLpfo+xCrqAltyoJ8jRT1lSNIQ0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWL3MooWJNKBFHyCYnxU4Dujp57MB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEveFl2Y3lpaFlrMG9FVWZJSmlmRlRnTzZPbm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoNZoMA0G
CSqGSIb3DQEBCwUAA4IBAQB556L6SjKmj3iJ9lP5+QoHZCMr9KKlpBCZ+7Svct8l
7mFGP0vEbM0cBJHPzqy3u0vlQBuGBmqobzdpcZWLh3+gRVUowSq7IesSEytP4OFj
J1dxEQkzgEYDf4uWxTEsUMDcFJHUjRnW575t4vlANdLi+aweQ63Lq/ht9KLlQTM4
kvN5njUQIfEMpe70KQ8B/v3H2d+4tNiKj7HoBmHd/UdCpa+lxFwQAkB3Uifu/fW9
sxcn1/taMUK1iAdNFSzd9abUo7fNSPsONffjMN1ivcphmgUFG0WIyTBZRKEttHAz
AhhYfJYDlmP8qWL0zhIqKryu+kDcTPPWL5l4AFZt35JF
-----END CERTIFICATE-----
Generated at Wed Jan 3 13:03:14 2024 by rpki-client on console-ams.rpki-client.org