Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/d4x0PAmtrctq8XlWtctiMiMFrcQ.roa
File: d4x0PAmtrctq8XlWtctiMiMFrcQ.roa (raw, json)
Hash identifier: lrCdZg96DuECZkA3Hgp7ljV/PVZlECOmkv67BArKOB0=
Subject key identifier: 77:8C:74:3C:09:AD:AD:CB:6A:F1:79:56:B5:CB:62:32:23:05:AD:C4
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018E66A752110EF10E3633BBA29001C5A714
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/d4x0PAmtrctq8XlWtctiMiMFrcQ.roa
Signing time: Fri 22 Mar 2024 14:53:45 +0000
ROA not before: Fri 22 Mar 2024 14:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61002
IP address blocks: 185.170.11.0/24 maxlen: 24
188.211.166.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
193.56.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 06:14:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:a7:52:11:0e:f1:0e:36:33:bb:a2:90:01:c5:a7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Mar 22 14:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=778c743c09adadcb6af17956b5cb62322305adc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:b8:25:d4:e4:85:01:1b:97:43:45:78:4c:
59:3b:0d:87:3b:0f:58:e9:56:fc:fb:21:6f:cd:d4:
97:c4:40:c3:bd:25:64:00:82:d3:6a:7c:24:40:3c:
96:bb:3e:cd:e7:87:cc:e3:4a:26:4f:6a:b4:14:fd:
45:6b:30:b3:26:95:99:c5:a4:bf:db:0f:02:35:04:
fe:b9:cd:fc:89:c9:4a:31:a1:d9:66:45:9c:94:a4:
e8:4b:69:cc:5d:fb:9f:e4:4b:e4:f2:3e:d6:f2:00:
6a:32:51:a4:2d:ec:40:18:33:8b:54:d8:44:65:37:
38:f7:27:4e:72:f3:73:7f:68:b9:01:02:99:06:78:
a4:cc:50:16:38:03:26:dc:43:22:6f:8f:d6:b0:dc:
5e:3e:36:4a:51:db:fa:e5:b8:9f:41:18:f0:a2:53:
79:a4:21:b3:db:ec:7d:95:2f:0e:d4:d9:ba:05:eb:
31:6f:ba:72:80:db:ba:90:63:dd:db:79:57:ff:30:
f9:19:f0:1a:3e:02:72:5e:ed:1b:53:38:32:7f:74:
9f:24:96:4f:e8:85:50:7d:2a:a9:b7:06:cb:ee:fb:
e0:fb:d7:b2:77:0d:4c:9d:e4:bd:82:b1:d3:da:34:
30:e0:fa:61:e2:46:ba:52:90:6d:0f:ab:5f:25:b4:
da:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8C:74:3C:09:AD:AD:CB:6A:F1:79:56:B5:CB:62:32:23:05:AD:C4
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/d4x0PAmtrctq8XlWtctiMiMFrcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.11.0/24
188.211.166.0/24
193.3.55.0/24
193.56.144.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:81:4c:0e:9d:24:c4:87:2c:19:9e:3a:de:40:24:93:5d:77:
bd:02:3b:0e:ab:f4:9a:8c:64:0d:58:51:53:3c:7d:70:1b:82:
06:81:1b:c2:f8:98:e0:7e:34:b9:a0:3c:53:e2:32:48:ea:c8:
16:61:72:72:98:7d:00:53:d8:a7:db:24:8f:34:54:46:f3:01:
8b:7f:5e:e1:83:94:71:3f:b0:60:48:f1:fb:5d:69:7d:75:a6:
f1:6f:b3:ed:97:91:54:53:d2:79:dd:53:f6:96:bb:dd:a6:f2:
e9:bf:e7:fb:2b:0a:39:00:99:12:26:fe:22:59:60:ba:ec:58:
d0:19:ee:e3:24:91:76:6b:84:80:bc:96:83:20:c8:9c:7e:6c:
59:aa:d7:3f:ea:7c:37:77:47:b0:b2:73:f4:4c:ef:ae:bf:07:
f0:76:b8:44:a3:95:65:de:11:04:f8:9c:74:ee:14:97:d8:67:
98:2e:8b:95:78:f0:8e:06:e4:89:34:3f:9f:6c:de:95:a3:99:
fc:de:78:4b:74:41:07:14:c7:0c:e8:69:6c:aa:2a:14:d9:82:
d7:bf:36:38:55:84:77:64:d1:ce:ad:21:7b:78:2b:f2:10:10:
92:2c:0d:cd:7b:41:2f:f5:bb:c0:f2:73:32:44:c6:5d:81:3d:
be:69:46:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5mp1IRDvEONjO7opABxacUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwMzIyMTQ1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzhjNzQzYzA5YWRhZGNiNmFmMTc5NTZiNWNiNjIzMjIzMDVhZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZq4JdTkhQEbl0NFeExZOw2HOw9Y
6Vb8+yFvzdSXxEDDvSVkAILTanwkQDyWuz7N54fM40omT2q0FP1FazCzJpWZxaS/
2w8CNQT+uc38iclKMaHZZkWclKToS2nMXfuf5Evk8j7W8gBqMlGkLexAGDOLVNhE
ZTc49ydOcvNzf2i5AQKZBnikzFAWOAMm3EMib4/WsNxePjZKUdv65bifQRjwolN5
pCGz2+x9lS8O1Nm6Besxb7pygNu6kGPd23lX/zD5GfAaPgJyXu0bUzgyf3SfJJZP
6IVQfSqptwbL7vvg+9eydw1MneS9grHT2jQw4Pph4ka6UpBtD6tfJbTa6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHeMdDwJra3LavF5VrXLYjIjBa3EMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvZDR4MFBBbXRyY3RxOFhsV3RjdGlNaU1GcmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaoLAwQA
vNOmAwQAwQM3AwQAwTiQMA0GCSqGSIb3DQEBCwUAA4IBAQAegUwOnSTEhywZnjre
QCSTXXe9AjsOq/SajGQNWFFTPH1wG4IGgRvC+JjgfjS5oDxT4jJI6sgWYXJymH0A
U9in2ySPNFRG8wGLf17hg5RxP7BgSPH7XWl9dabxb7Ptl5FUU9J53VP2lrvdpvLp
v+f7Kwo5AJkSJv4iWWC67FjQGe7jJJF2a4SAvJaDIMicfmxZqtc/6nw3d0ewsnP0
TO+uvwfwdrhEo5Vl3hEE+Jx07hSX2GeYLouVePCOBuSJND+fbN6Vo5n83nhLdEEH
FMcM6GlsqioU2YLXvzY4VYR3ZNHOrSF7eCvyEBCSLA3Ne0Ev9bvA8nMyRMZdgT2+
aUab
-----END CERTIFICATE-----
Generated at Fri Apr 12 09:39:05 2024 by rpki-client on console-ams.rpki-client.org