Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/kJ4w9nUGfb7odENRwDEhPUe5TkA.roa
File: kJ4w9nUGfb7odENRwDEhPUe5TkA.roa (raw, json)
Hash identifier: KxVA93fHRVwBhkIA2r6MMuJKQgPFxBJZ+6HnMriepnE=
Subject key identifier: 90:9E:30:F6:75:06:7D:BE:E8:74:43:51:C0:31:21:3D:47:B9:4E:40
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 0186702FF7F853473B7C269A721C9AE99B9C
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/kJ4w9nUGfb7odENRwDEhPUe5TkA.roa
Signing time: Mon 20 Feb 2023 18:57:17 +0000
ROA not before: Mon 20 Feb 2023 18:57:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203248
IP address blocks: 185.165.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:2f:f7:f8:53:47:3b:7c:26:9a:72:1c:9a:e9:9b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Feb 20 18:57:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=909e30f675067dbee8744351c031213d47b94e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:9a:82:6c:6e:dc:87:65:a8:92:dd:54:44:
f7:d3:da:87:98:44:c0:3c:67:c2:dd:09:89:d8:a1:
f2:e2:de:27:1a:81:c2:c0:e0:14:55:e7:b8:d3:b6:
a5:e2:9d:18:4c:e5:06:c7:87:46:19:ce:59:6c:51:
a2:b6:53:ac:4a:92:c5:05:5f:4a:0a:a1:73:3f:bf:
99:13:ad:40:cb:d5:7d:9e:0e:09:4b:44:33:cc:28:
2e:52:85:f5:9c:ba:0b:03:dd:37:24:86:1e:f8:d5:
cc:67:e0:f4:e4:a2:96:ce:22:5a:a5:82:62:71:09:
7b:f3:52:22:bb:58:8a:3c:47:ed:32:e4:33:9d:0f:
c1:0c:7d:5b:30:06:c7:e9:54:37:ad:3d:7a:09:94:
f9:a3:2e:6c:c4:36:1a:5d:f1:03:b9:ec:1f:52:95:
89:fc:e3:d7:e0:a0:f5:78:2b:c5:a0:b4:2e:3c:ad:
c4:0d:1b:fc:64:35:03:39:67:4b:83:bc:5a:c0:47:
8f:a6:20:33:15:d0:06:a3:5f:4c:40:36:50:98:5b:
0c:b5:7a:8b:0e:22:b5:7e:37:03:6c:68:fd:ef:c2:
02:cd:34:1e:16:fb:3e:5f:f7:f1:6c:f2:7a:b3:5f:
43:fe:a5:2f:f2:d1:59:e7:24:b4:97:2f:64:8a:f1:
95:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9E:30:F6:75:06:7D:BE:E8:74:43:51:C0:31:21:3D:47:B9:4E:40
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/kJ4w9nUGfb7odENRwDEhPUe5TkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.46.0/24
Signature Algorithm: sha256WithRSAEncryption
27:d9:58:80:25:dd:39:ef:47:8f:03:d1:5f:08:f9:43:ca:20:
94:92:cd:ee:d5:2e:30:19:c9:48:bb:32:16:ce:57:6d:67:5f:
69:a0:0b:5c:a3:ed:8e:e8:c1:fa:29:fa:19:fc:28:b4:b7:79:
e7:e9:a4:8e:05:ec:ad:6d:86:dd:f3:f6:42:9d:e4:8c:20:e3:
1e:42:b9:92:55:ec:04:bc:ca:fb:1b:c8:01:65:74:ab:6e:aa:
fd:c5:d4:51:82:ab:26:9d:8c:a4:7b:8e:78:27:f5:f7:37:33:
7b:e1:59:09:67:eb:ad:db:a2:d0:f4:ad:c3:e1:2f:d7:74:a7:
b6:bc:3a:3c:a7:4c:36:39:6d:ec:37:b1:43:d7:aa:bc:27:ef:
c2:c4:4e:5b:c7:11:05:b6:17:5b:51:85:24:dc:30:50:79:ee:
39:98:47:84:5c:d9:e4:d0:13:93:8d:ba:40:19:b7:c7:94:96:
17:ea:c8:b6:2d:b0:7a:17:0a:b1:e2:ae:e9:1a:b5:64:b5:ad:
1d:ac:24:69:4a:f5:b5:aa:d3:df:f1:02:03:9e:ce:79:b0:01:
2c:a3:17:76:00:d8:16:ec:83:23:b4:d0:81:01:0d:73:5b:f8:
cd:f0:4d:9d:8a:93:15:57:09:55:fd:d3:50:ef:fe:82:55:d6:
18:17:28:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZwL/f4U0c7fCaachya6ZucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjMwMjIwMTg1NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDllMzBmNjc1MDY3ZGJlZTg3NDQzNTFjMDMxMjEzZDQ3Yjk0ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Leagmxu3IdlqJLdVET309qHmETA
PGfC3QmJ2KHy4t4nGoHCwOAUVee407al4p0YTOUGx4dGGc5ZbFGitlOsSpLFBV9K
CqFzP7+ZE61Ay9V9ng4JS0QzzCguUoX1nLoLA903JIYe+NXMZ+D05KKWziJapYJi
cQl781Iiu1iKPEftMuQznQ/BDH1bMAbH6VQ3rT16CZT5oy5sxDYaXfEDuewfUpWJ
/OPX4KD1eCvFoLQuPK3EDRv8ZDUDOWdLg7xawEePpiAzFdAGo19MQDZQmFsMtXqL
DiK1fjcDbGj978ICzTQeFvs+X/fxbPJ6s19D/qUv8tFZ5yS0ly9kivGVSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCeMPZ1Bn2+6HRDUcAxIT1HuU5AMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEva0o0dzluVUdmYjdvZEVOUndERWhQVWU1VGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaUuMA0G
CSqGSIb3DQEBCwUAA4IBAQAn2ViAJd0570ePA9FfCPlDyiCUks3u1S4wGclIuzIW
zldtZ19poAtco+2O6MH6KfoZ/Ci0t3nn6aSOBeytbYbd8/ZCneSMIOMeQrmSVewE
vMr7G8gBZXSrbqr9xdRRgqsmnYyke454J/X3NzN74VkJZ+ut26LQ9K3D4S/XdKe2
vDo8p0w2OW3sN7FD16q8J+/CxE5bxxEFthdbUYUk3DBQee45mEeEXNnk0BOTjbpA
GbfHlJYX6si2LbB6Fwqx4q7pGrVkta0drCRpSvW1qtPf8QIDns55sAEsoxd2ANgW
7IMjtNCBAQ1zW/jN8E2dipMVVwlV/dNQ7/6CVdYYFyjZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:33 2024 by rpki-client on console-fra.rpki-client.org