Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/hXDB6bHJSLst-Zkflbjt7gm36f4.roa
File: hXDB6bHJSLst-Zkflbjt7gm36f4.roa (raw, json)
Hash identifier: JR1iut+vEGCAhBZT2xKD1x7nDJl0fQkQCknaFJhliQs=
Subject key identifier: 85:70:C1:E9:B1:C9:48:BB:2D:F9:99:1F:95:B8:ED:EE:09:B7:E9:FE
Certificate issuer: /CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Certificate serial: 01856F3940190FEF6A91EB0A6A683A7EF282
Authority key identifier: 3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/hXDB6bHJSLst-Zkflbjt7gm36f4.roa
Signing time: Sun 01 Jan 2023 21:25:00 +0000
ROA not before: Sun 01 Jan 2023 21:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212257
IP address blocks: 185.160.96.0/22 maxlen: 22
185.160.97.0/24 maxlen: 24
185.160.98.0/24 maxlen: 24
185.160.96.0/24 maxlen: 24
185.160.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:40:19:0f:ef:6a:91:eb:0a:6a:68:3a:7e:f2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Validity
Not Before: Jan 1 21:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8570c1e9b1c948bb2df9991f95b8edee09b7e9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:6a:b3:0c:f6:d0:e8:bf:fe:29:85:6f:3e:
4a:3e:5c:d9:17:08:1b:08:24:75:4b:03:d8:4e:d2:
6d:4c:25:06:55:43:44:f0:62:c4:03:70:ed:4c:13:
8d:63:e3:9c:54:8b:86:26:74:e0:59:ea:14:01:b0:
62:85:cf:00:55:b0:c3:ff:fa:05:f6:60:34:81:cf:
ab:32:da:21:41:5f:f0:cd:e0:75:ce:11:7a:af:c3:
f8:02:55:95:99:e4:e8:22:e2:5d:1a:9e:16:b8:18:
6f:14:b4:86:86:00:2d:09:c3:ca:bf:fb:a8:44:60:
14:db:40:77:fa:bc:9f:41:1a:c0:f4:19:3f:4b:d6:
70:c0:37:bc:39:b2:11:18:0d:ce:43:59:9d:bf:fb:
d2:ee:5d:a5:9b:a7:bd:1b:df:c5:18:81:87:dd:40:
26:99:5d:02:cd:19:95:00:43:96:18:2a:a9:a8:41:
e8:49:7f:1c:77:f1:4c:16:df:92:59:df:3f:a7:a6:
01:d8:eb:e6:60:23:27:c7:87:e5:6d:b4:cb:a3:dd:
5b:9a:02:a6:b7:35:91:90:94:ca:b8:85:ac:98:90:
92:01:4b:55:42:40:b3:78:ad:bf:6f:79:18:af:df:
5f:e1:54:a7:45:f6:32:c2:fd:42:9f:af:d2:19:01:
e8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:70:C1:E9:B1:C9:48:BB:2D:F9:99:1F:95:B8:ED:EE:09:B7:E9:FE
X509v3 Authority Key Identifier:
keyid:3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/hXDB6bHJSLst-Zkflbjt7gm36f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/Piu_NG69SqC3bhDFgyGtM9ctUZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.96.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:3e:e0:b7:8d:6e:95:dd:35:84:9f:70:32:ec:f5:0d:fd:5d:
35:b8:d2:a6:4c:6d:bf:bb:47:3b:45:2c:97:6e:27:71:81:c7:
09:af:5e:10:cf:21:f1:16:61:1e:82:9c:8c:94:82:65:06:ef:
14:7e:85:68:49:de:bb:f4:9e:93:b1:79:59:b7:b5:97:8b:06:
9b:92:74:b5:45:c8:59:38:5a:34:b1:6b:64:32:2a:02:8d:ff:
e3:6b:5f:b3:42:2f:17:93:91:12:f5:8a:70:f1:8a:82:a3:71:
43:52:02:14:2d:ca:c6:9f:49:98:02:ba:b5:80:19:73:75:40:
30:00:ce:86:f6:4c:b7:94:63:64:c8:e6:a3:00:40:f2:c9:58:
15:95:1f:2b:0a:7d:30:8c:bd:04:01:a3:5a:65:12:52:d1:3c:
90:54:d4:b3:58:6b:02:b9:94:d3:8a:dd:90:fa:21:49:76:22:
de:7d:b0:c4:1a:94:73:01:d6:ca:72:81:97:a5:27:5d:36:13:
4d:7d:2f:0b:d0:93:97:34:22:f5:85:a1:c6:66:6d:3d:92:77:
fe:2b:d6:c8:74:b2:b5:9e:a0:b8:71:eb:c6:7b:8d:c4:8c:47:
63:e8:5f:d5:2c:8d:53:77:b1:02:35:c7:37:6b:e2:5f:b6:a8:
98:74:e8:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOUAZD+9qkesKamg6fvKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMmJiZjM0NmViZDRhYTBiNzZlMTBjNTgzMjFhZDMzZDcy
ZDUxOWYwHhcNMjMwMTAxMjEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTcwYzFlOWIxYzk0OGJiMmRmOTk5MWY5NWI4ZWRlZTA5YjdlOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSZqswz20Oi//imFbz5KPlzZFwgb
CCR1SwPYTtJtTCUGVUNE8GLEA3DtTBONY+OcVIuGJnTgWeoUAbBihc8AVbDD//oF
9mA0gc+rMtohQV/wzeB1zhF6r8P4AlWVmeToIuJdGp4WuBhvFLSGhgAtCcPKv/uo
RGAU20B3+ryfQRrA9Bk/S9ZwwDe8ObIRGA3OQ1mdv/vS7l2lm6e9G9/FGIGH3UAm
mV0CzRmVAEOWGCqpqEHoSX8cd/FMFt+SWd8/p6YB2OvmYCMnx4flbbTLo91bmgKm
tzWRkJTKuIWsmJCSAUtVQkCzeK2/b3kYr99f4VSnRfYywv1Cn6/SGQHoDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVwwemxyUi7LfmZH5W47e4Jt+n+MB8GA1UdIwQY
MBaAFD4rvzRuvUqgt24QxYMhrTPXLVGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEt
MWFhMjc3ZGYzNzY5LzEvaFhEQjZiSEpTTHN0LVprZmxianQ3Z20zNmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEtMWFhMjc3ZGYzNzY5
LzEvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaBgMA0G
CSqGSIb3DQEBCwUAA4IBAQBbPuC3jW6V3TWEn3Ay7PUN/V01uNKmTG2/u0c7RSyX
bidxgccJr14QzyHxFmEegpyMlIJlBu8UfoVoSd679J6TsXlZt7WXiwabknS1RchZ
OFo0sWtkMioCjf/ja1+zQi8Xk5ES9Ypw8YqCo3FDUgIULcrGn0mYArq1gBlzdUAw
AM6G9ky3lGNkyOajAEDyyVgVlR8rCn0wjL0EAaNaZRJS0TyQVNSzWGsCuZTTit2Q
+iFJdiLefbDEGpRzAdbKcoGXpSddNhNNfS8L0JOXNCL1haHGZm09knf+K9bIdLK1
nqC4cevGe43EjEdj6F/VLI1Td7ECNcc3a+JftqiYdOi/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:08 2024 by rpki-client on console-ams.rpki-client.org