Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/1-SDkD41fg1WCyNEbGfEQ191udrM.roa
File: 1-SDkD41fg1WCyNEbGfEQ191udrM.roa (raw, json)
Hash identifier: zAj7M10JzZ8decxJKmtcSF6wzOj9TEqu8qQNUCyPw9Y=
Subject key identifier: F9:20:E4:0F:8D:5F:83:55:82:C8:D1:1B:19:F1:10:D7:DD:6E:76:B3
Certificate issuer: /CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Certificate serial: 01856F393EDA7018AD79636CAA68F5075109
Authority key identifier: 3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/1-SDkD41fg1WCyNEbGfEQ191udrM.roa
Signing time: Sun 01 Jan 2023 21:25:00 +0000
ROA not before: Sun 01 Jan 2023 21:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13237
IP address blocks: 185.160.96.0/24 maxlen: 24
185.160.98.0/24 maxlen: 24
185.160.97.0/24 maxlen: 24
185.160.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:3e:da:70:18:ad:79:63:6c:aa:68:f5:07:51:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Validity
Not Before: Jan 1 21:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f920e40f8d5f835582c8d11b19f110d7dd6e76b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e2:80:41:16:f9:23:36:bc:7a:fb:79:02:80:
20:4a:28:29:58:f6:b6:1f:6b:ed:4e:5b:70:ab:5e:
be:d7:68:33:af:32:44:1c:a1:42:d8:1a:04:b6:29:
89:b3:cb:eb:f2:1f:4e:6d:5d:39:ca:7b:b6:1d:bd:
06:ff:fb:11:98:74:0b:e8:4b:a3:1e:3b:f3:d2:a0:
43:ed:f7:80:4c:6d:d6:ad:c5:77:6a:d7:36:5c:e1:
89:08:da:4f:9d:d1:c2:0c:fd:1b:42:d3:e9:2c:c6:
fd:85:d2:d0:f3:3e:94:68:bc:d5:71:ef:91:d2:5a:
c5:9f:3d:00:90:3a:a3:45:c1:b0:1f:08:75:67:8b:
86:5d:2b:6b:32:28:a9:c5:db:56:18:b9:ae:08:9e:
1d:3d:2d:32:b5:c5:c6:9d:b3:1d:d2:17:91:43:f1:
ee:1a:3a:d1:21:bb:ab:d2:7a:fd:3f:f7:78:d2:03:
0b:01:6a:0a:9f:17:14:6c:df:3e:fa:79:1d:ab:c0:
a7:d8:b1:cb:97:9d:da:fc:7b:b1:da:c2:af:2d:3d:
41:4d:f1:a9:e9:bb:d3:fd:35:e3:84:e8:ed:b3:04:
57:2f:6a:b4:4c:fe:b3:94:ea:ae:81:44:61:a7:a1:
4e:c2:69:ec:28:8e:ad:db:23:82:ba:83:b7:a6:dc:
28:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:20:E4:0F:8D:5F:83:55:82:C8:D1:1B:19:F1:10:D7:DD:6E:76:B3
X509v3 Authority Key Identifier:
keyid:3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/1-SDkD41fg1WCyNEbGfEQ191udrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/Piu_NG69SqC3bhDFgyGtM9ctUZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.96.0/22
Signature Algorithm: sha256WithRSAEncryption
56:24:33:97:86:b4:01:3c:c5:59:75:f5:7c:d6:0a:93:a2:6d:
8a:4c:4a:96:b8:62:3a:f9:b7:46:ca:1c:ab:98:b4:21:ad:72:
18:24:e3:76:f5:0f:4a:ad:c9:ee:26:72:25:98:a9:b0:d8:25:
62:8c:dc:36:50:7e:bd:d2:3d:9a:d4:92:8f:20:82:3c:64:d8:
52:da:c6:65:a2:9f:fe:fe:5c:75:4e:04:bf:3e:3f:c1:e5:9a:
74:c2:85:ca:f5:35:4d:84:a4:a9:1a:7b:7b:64:d9:f1:68:28:
b6:a7:f2:b9:ce:66:17:3b:2b:e7:f1:91:0f:b6:76:75:82:f1:
ca:c8:f8:c9:84:84:2e:33:34:18:4e:71:42:96:61:cf:f9:b7:
98:ec:f8:51:86:26:19:76:1f:19:5c:f5:24:ca:ad:0b:34:d3:
63:ff:28:5b:7c:4f:43:76:d4:9a:72:1f:ab:c7:6f:2d:90:71:
b5:83:f7:df:d3:13:ce:d9:dc:ce:77:c4:45:39:80:0f:dc:41:
0f:b4:10:0e:b3:71:3d:42:6a:0c:6c:ba:e3:d5:4e:4a:86:da:
05:98:f3:c9:e7:f9:21:19:ad:d0:1a:6d:12:6e:f8:e5:50:06:
db:3c:40:c3:24:0b:d0:b6:0a:6c:a1:91:df:ea:e0:7a:af:8e:
f7:09:c3:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvOT7acBiteWNsqmj1B1EJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMmJiZjM0NmViZDRhYTBiNzZlMTBjNTgzMjFhZDMzZDcy
ZDUxOWYwHhcNMjMwMTAxMjEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTIwZTQwZjhkNWY4MzU1ODJjOGQxMWIxOWYxMTBkN2RkNmU3NmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluKAQRb5Iza8evt5AoAgSigpWPa2
H2vtTltwq16+12gzrzJEHKFC2BoEtimJs8vr8h9ObV05ynu2Hb0G//sRmHQL6Euj
Hjvz0qBD7feATG3WrcV3atc2XOGJCNpPndHCDP0bQtPpLMb9hdLQ8z6UaLzVce+R
0lrFnz0AkDqjRcGwHwh1Z4uGXStrMiipxdtWGLmuCJ4dPS0ytcXGnbMd0heRQ/Hu
GjrRIbur0nr9P/d40gMLAWoKnxcUbN8++nkdq8Cn2LHLl53a/Hux2sKvLT1BTfGp
6bvT/TXjhOjtswRXL2q0TP6zlOqugURhp6FOwmnsKI6t2yOCuoO3ptwoawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkg5A+NX4NVgsjRGxnxENfdbnazMB8GA1UdIwQY
MBaAFD4rvzRuvUqgt24QxYMhrTPXLVGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEt
MWFhMjc3ZGYzNzY5LzEvMS1TRGtENDFmZzFXQ3lORWJHZkVRMTkxdWRyTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvYmM1MWNiLWRlMGMtNDg4MS1iMGIxLTFhYTI3N2RmMzc2
OS8xL1BpdV9ORzY5U3FDM2JoREZneUd0TTljdFVaOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAViQzl4a0ATzFWXX1fNYKk6JtikxKlrhiOvm3Rsoc
q5i0Ia1yGCTjdvUPSq3J7iZyJZipsNglYozcNlB+vdI9mtSSjyCCPGTYUtrGZaKf
/v5cdU4Evz4/weWadMKFyvU1TYSkqRp7e2TZ8Wgotqfyuc5mFzsr5/GRD7Z2dYLx
ysj4yYSELjM0GE5xQpZhz/m3mOz4UYYmGXYfGVz1JMqtCzTTY/8oW3xPQ3bUmnIf
q8dvLZBxtYP339MTztncznfERTmAD9xBD7QQDrNxPUJqDGy649VOSobaBZjzyef5
IRmt0BptEm745VAG2zxAwyQL0LYKbKGR3+rgeq+O9wnDsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:52 2024 by rpki-client on console-fra.rpki-client.org