Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/_1kQle_8hLLfknB_wgmJStFh3iM.roa
File: _1kQle_8hLLfknB_wgmJStFh3iM.roa (raw, json)
Hash identifier: 3SH9v1Q0OFY0+CR6mMEF+ZyilH6aptYoaGgi+n+qD4k=
Subject key identifier: FF:59:10:95:EF:FC:84:B2:DF:92:70:7F:C2:09:89:4A:D1:61:DE:23
Certificate issuer: /CN=032b8c544e0debcfd6d7554d1595f044c2050783
Certificate serial: 018571F11E407F07E179E8F7A280F5413321
Authority key identifier: 03:2B:8C:54:4E:0D:EB:CF:D6:D7:55:4D:15:95:F0:44:C2:05:07:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/_1kQle_8hLLfknB_wgmJStFh3iM.roa
Signing time: Mon 02 Jan 2023 10:05:05 +0000
ROA not before: Mon 02 Jan 2023 10:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201629
IP address blocks: 185.68.13.0/24 maxlen: 24
185.68.15.0/24 maxlen: 24
185.68.12.0/24 maxlen: 24
185.68.14.0/24 maxlen: 24
185.68.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:1e:40:7f:07:e1:79:e8:f7:a2:80:f5:41:33:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=032b8c544e0debcfd6d7554d1595f044c2050783
Validity
Not Before: Jan 2 10:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff591095effc84b2df92707fc209894ad161de23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7d:f4:a1:3e:8c:f3:87:e2:bf:10:e5:12:38:
0c:f7:6b:fa:24:26:14:e8:6f:7b:c5:59:39:18:5b:
b1:0a:da:df:e7:6c:5a:2c:cb:67:20:f4:06:93:99:
14:41:e4:91:f2:86:d0:11:2c:ad:fe:34:10:a7:5d:
75:57:b8:e3:a2:a2:71:21:85:e6:21:0d:96:1d:0c:
e6:66:89:28:73:b9:d4:03:22:b8:77:7e:f5:eb:e4:
22:6e:64:8a:f3:97:a2:b4:57:1b:71:7e:07:9b:cb:
7b:7e:1a:b2:b0:6b:c7:83:67:24:86:c7:ed:c3:7f:
2e:b8:f7:80:81:13:8d:5d:64:61:3e:18:e3:bf:cd:
60:84:82:60:9a:97:18:f9:65:a3:2e:41:a3:13:fb:
07:e9:91:b4:72:30:08:0f:cd:29:24:65:b7:0e:ee:
0e:8e:d0:0b:37:be:1a:bd:91:19:a6:81:f8:4d:61:
23:08:fb:38:c3:b6:64:23:2b:d7:a2:6b:27:09:9a:
20:93:21:4d:f9:57:5b:c7:e9:2f:47:bb:82:81:83:
71:c5:86:e6:a3:76:dd:a8:a7:23:c3:8c:05:23:35:
dd:9c:62:77:be:17:e9:66:3f:d2:8b:be:dc:a3:7d:
bf:ef:bb:25:dd:5c:b3:4a:03:fc:80:ba:fa:ff:8f:
72:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:59:10:95:EF:FC:84:B2:DF:92:70:7F:C2:09:89:4A:D1:61:DE:23
X509v3 Authority Key Identifier:
keyid:03:2B:8C:54:4E:0D:EB:CF:D6:D7:55:4D:15:95:F0:44:C2:05:07:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/_1kQle_8hLLfknB_wgmJStFh3iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/AyuMVE4N68_W11VNFZXwRMIFB4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.12.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:1d:a9:7c:ca:5c:81:7a:70:d8:70:a8:90:7e:07:db:81:ef:
14:2a:5d:28:0e:b4:a9:88:7b:36:f4:88:3e:27:2d:0e:6e:05:
5a:01:85:49:1d:7e:1c:ef:b8:f7:c4:8b:2d:0b:25:d8:bd:7d:
ce:d1:cd:94:45:c3:47:40:06:52:e0:9e:29:cd:df:ad:18:d8:
e4:11:6d:b9:1e:3a:6b:cd:41:48:e3:c6:43:c4:e8:b6:10:e1:
ba:cd:f3:8c:e5:5d:5a:e0:e5:95:e3:23:d1:0f:25:3e:bf:7e:
a3:5d:32:e0:39:03:58:60:40:93:58:e6:76:1b:8e:25:82:31:
f3:1e:af:79:61:8d:4b:d9:8c:2d:50:29:3f:b6:3d:8f:7a:3e:
d8:1f:dd:8b:76:b9:de:58:2e:bd:4f:e4:f5:73:63:71:cf:42:
f3:4c:30:d2:14:bb:de:c3:5b:40:f8:fd:c7:43:25:40:50:8a:
c8:cf:ac:a6:47:9d:c0:b5:5c:68:31:37:55:de:7c:7e:9d:8a:
bf:ed:0e:a0:72:f6:71:96:7d:e3:a4:cd:aa:c3:16:4c:1b:06:
cb:0b:9f:e0:e3:0f:7b:bc:a6:fa:ed:59:42:e4:68:a7:79:f5:
ab:51:7a:f6:97:25:1f:63:40:0c:e2:e0:e4:72:79:17:a4:c3:
37:5b:5e:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8R5Afwfheej3ooD1QTMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmI4YzU0NGUwZGViY2ZkNmQ3NTU0ZDE1OTVmMDQ0YzIw
NTA3ODMwHhcNMjMwMTAyMTAwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU5MTA5NWVmZmM4NGIyZGY5MjcwN2ZjMjA5ODk0YWQxNjFkZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX30oT6M84fivxDlEjgM92v6JCYU
6G97xVk5GFuxCtrf52xaLMtnIPQGk5kUQeSR8obQESyt/jQQp111V7jjoqJxIYXm
IQ2WHQzmZokoc7nUAyK4d3716+QibmSK85eitFcbcX4Hm8t7fhqysGvHg2ckhsft
w38uuPeAgRONXWRhPhjjv81ghIJgmpcY+WWjLkGjE/sH6ZG0cjAID80pJGW3Du4O
jtALN74avZEZpoH4TWEjCPs4w7ZkIyvXomsnCZogkyFN+Vdbx+kvR7uCgYNxxYbm
o3bdqKcjw4wFIzXdnGJ3vhfpZj/Si77co32/77sl3VyzSgP8gLr6/49ygwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9ZEJXv/ISy35Jwf8IJiUrRYd4jMB8GA1UdIwQY
MBaAFAMrjFRODevP1tdVTRWV8ETCBQeDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXl1TVZFNE42OF9XMTFWTkZaWHdSTUlGQjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNTRkNDctYTExMi00OGM2LWI0YWEt
ZmIxOTQyYjVhZmY0LzEvXzFrUWxlXzhoTExma25CX3dnbUpTdEZoM2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNTRkNDctYTExMi00OGM2LWI0YWEtZmIxOTQyYjVhZmY0
LzEvQXl1TVZFNE42OF9XMTFWTkZaWHdSTUlGQjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUQMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/Hal8ylyBenDYcKiQfgfbge8UKl0oDrSpiHs29Ig+
Jy0ObgVaAYVJHX4c77j3xIstCyXYvX3O0c2URcNHQAZS4J4pzd+tGNjkEW25Hjpr
zUFI48ZDxOi2EOG6zfOM5V1a4OWV4yPRDyU+v36jXTLgOQNYYECTWOZ2G44lgjHz
Hq95YY1L2YwtUCk/tj2Pej7YH92LdrneWC69T+T1c2Nxz0LzTDDSFLvew1tA+P3H
QyVAUIrIz6ymR53AtVxoMTdV3nx+nYq/7Q6gcvZxln3jpM2qwxZMGwbLC5/g4w97
vKb67VlC5GinefWrUXr2lyUfY0AM4uDkcnkXpMM3W175
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:54 2024 by rpki-client on console-ams.rpki-client.org