Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/3Kk93vU-sAmHihAiy2d33l1ywqo.roa
File: 3Kk93vU-sAmHihAiy2d33l1ywqo.roa (raw, json)
Hash identifier: nOQ7v4BDd1fGKYOdFS0UCXR90RQsHnmSTJLIen7W9f0=
Subject key identifier: DC:A9:3D:DE:F5:3E:B0:09:87:8A:10:22:CB:67:77:DE:5D:72:C2:AA
Certificate issuer: /CN=4c18a44d54a47a5ea97dedfd5ed8379d7eea02d0
Certificate serial: 018572A7F42A87F6F1D17DC569990D279EEC
Authority key identifier: 4C:18:A4:4D:54:A4:7A:5E:A9:7D:ED:FD:5E:D8:37:9D:7E:EA:02:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBikTVSkel6pfe39Xtg3nX7qAtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/3Kk93vU-sAmHihAiy2d33l1ywqo.roa
Signing time: Mon 02 Jan 2023 13:24:47 +0000
ROA not before: Mon 02 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20874
IP address blocks: 185.111.161.0/24 maxlen: 24
185.111.162.0/24 maxlen: 24
185.111.163.0/24 maxlen: 24
185.111.160.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:f4:2a:87:f6:f1:d1:7d:c5:69:99:0d:27:9e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c18a44d54a47a5ea97dedfd5ed8379d7eea02d0
Validity
Not Before: Jan 2 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dca93ddef53eb009878a1022cb6777de5d72c2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:43:f5:62:5f:23:b3:b9:e7:d8:71:fd:ec:
6c:3c:95:3a:4b:e2:cf:85:e8:46:d8:f9:b4:1d:c6:
b8:e2:1f:dd:3b:bf:de:ef:25:2b:29:dc:ba:01:bc:
05:43:c0:85:a1:57:d1:83:71:cf:0e:b3:49:97:94:
00:1f:ab:da:66:cf:fb:08:85:61:63:e7:80:22:34:
9e:aa:a2:4b:53:40:76:22:0b:22:ce:8a:7c:55:18:
a0:91:0d:c2:4a:01:2d:94:a8:d8:ed:94:22:d1:62:
b3:98:99:9c:ca:9e:c0:28:cc:ee:94:18:d0:2b:0d:
2a:7c:60:5b:a8:eb:9c:07:62:27:ba:2b:ff:41:47:
c5:1e:09:28:30:91:0b:5c:96:77:1a:9c:91:b6:e9:
7a:2a:f3:a4:ab:a5:e4:3b:f6:dc:7a:48:8d:b6:f3:
ca:d4:4f:cb:2f:9e:38:dc:41:58:8a:8b:d0:45:25:
15:b5:4c:f6:3d:6a:92:d2:8a:54:cf:0c:bc:a4:b4:
42:48:87:5e:49:24:a7:a1:2e:ce:fe:6d:90:bb:0e:
38:95:eb:7b:6d:82:5c:c4:2b:64:b8:78:d3:4f:64:
1c:92:b2:0b:b8:71:36:54:4b:4b:f5:7a:a3:f1:00:
db:c1:df:3e:c0:63:82:1a:2a:c5:90:6d:62:0d:b8:
e7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A9:3D:DE:F5:3E:B0:09:87:8A:10:22:CB:67:77:DE:5D:72:C2:AA
X509v3 Authority Key Identifier:
keyid:4C:18:A4:4D:54:A4:7A:5E:A9:7D:ED:FD:5E:D8:37:9D:7E:EA:02:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBikTVSkel6pfe39Xtg3nX7qAtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/3Kk93vU-sAmHihAiy2d33l1ywqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/TBikTVSkel6pfe39Xtg3nX7qAtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.160.0/22
Signature Algorithm: sha256WithRSAEncryption
df:30:78:9d:84:87:a2:27:a8:3a:d1:93:74:3a:f8:f9:c7:e2:
cb:cb:25:8d:00:b6:94:cd:a8:b6:32:ba:a6:f0:18:e8:b4:da:
15:8d:60:f4:50:55:17:ce:8a:61:52:19:2d:05:ca:39:54:44:
96:41:f8:ef:ab:1a:5a:11:16:f9:95:c9:da:b3:4d:eb:ef:6a:
a2:3d:66:0e:39:69:7d:24:8d:91:f2:20:74:9d:c4:13:90:ba:
d6:7c:79:6f:e9:45:3e:56:21:57:86:b5:45:48:ed:db:81:54:
cd:71:0f:c3:7b:ca:0a:bc:6a:a3:6b:1b:c4:c9:cb:19:d3:ed:
c1:4d:1d:54:aa:a4:37:8b:78:e8:ad:36:f2:71:79:30:70:e2:
f9:48:f6:44:3e:1c:62:76:43:7e:70:1e:b2:55:c5:ba:a7:fb:
90:10:5b:4c:f7:0b:9a:d6:09:48:07:34:49:95:80:cd:79:a1:
f1:43:c2:dd:9c:4b:61:91:8b:82:18:d9:7a:9a:ec:82:8e:aa:
53:70:e7:3f:0c:f2:46:92:26:c2:f7:a2:dd:db:55:78:a3:14:
fa:97:08:01:70:2e:26:af:c4:fc:0e:46:0f:82:2e:80:cd:e9:
18:4b:ca:cb:82:df:9f:61:f8:27:06:a4:2a:14:ac:15:ef:3e:
b1:3c:40:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyp/Qqh/bx0X3FaZkNJ57sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMThhNDRkNTRhNDdhNWVhOTdkZWRmZDVlZDgzNzlkN2Vl
YTAyZDAwHhcNMjMwMTAyMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E5M2RkZWY1M2ViMDA5ODc4YTEwMjJjYjY3NzdkZTVkNzJjMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpND9WJfI7O559hx/exsPJU6S+LP
hehG2Pm0Hca44h/dO7/e7yUrKdy6AbwFQ8CFoVfRg3HPDrNJl5QAH6vaZs/7CIVh
Y+eAIjSeqqJLU0B2Igsizop8VRigkQ3CSgEtlKjY7ZQi0WKzmJmcyp7AKMzulBjQ
Kw0qfGBbqOucB2Inuiv/QUfFHgkoMJELXJZ3GpyRtul6KvOkq6XkO/bcekiNtvPK
1E/LL5443EFYiovQRSUVtUz2PWqS0opUzwy8pLRCSIdeSSSnoS7O/m2Quw44let7
bYJcxCtkuHjTT2QckrILuHE2VEtL9Xqj8QDbwd8+wGOCGirFkG1iDbjnSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNypPd71PrAJh4oQIstnd95dcsKqMB8GA1UdIwQY
MBaAFEwYpE1UpHpeqX3t/V7YN51+6gLQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEJpa1RWU2tlbDZwZmUzOVh0ZzNuWDdxQXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9hYmU2YzAtZTc5ZC00Y2RkLTkyYWQt
ZjIxMzYzMDcxNTkxLzEvM0trOTN2VS1zQW1IaWhBaXkyZDMzbDF5d3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9hYmU2YzAtZTc5ZC00Y2RkLTkyYWQtZjIxMzYzMDcxNTkx
LzEvVEJpa1RWU2tlbDZwZmUzOVh0ZzNuWDdxQXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW+gMA0G
CSqGSIb3DQEBCwUAA4IBAQDfMHidhIeiJ6g60ZN0Ovj5x+LLyyWNALaUzai2Mrqm
8BjotNoVjWD0UFUXzophUhktBco5VESWQfjvqxpaERb5lcnas03r72qiPWYOOWl9
JI2R8iB0ncQTkLrWfHlv6UU+ViFXhrVFSO3bgVTNcQ/De8oKvGqjaxvEycsZ0+3B
TR1UqqQ3i3jorTbycXkwcOL5SPZEPhxidkN+cB6yVcW6p/uQEFtM9wua1glIBzRJ
lYDNeaHxQ8LdnEthkYuCGNl6muyCjqpTcOc/DPJGkibC96Ld21V4oxT6lwgBcC4m
r8T8DkYPgi6AzekYS8rLgt+fYfgnBqQqFKwV7z6xPEDQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:33 2024 by rpki-client on console-ams.rpki-client.org