Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/I6xFYUPP3HwgaBWyzPwkULNheSE.roa
File: I6xFYUPP3HwgaBWyzPwkULNheSE.roa (raw, json)
Hash identifier: WxxZz9EHgwBiUUW9v46/ZdYUwHj3h8+Oq5zPSB2CEOc=
Subject key identifier: 23:AC:45:61:43:CF:DC:7C:20:68:15:B2:CC:FC:24:50:B3:61:79:21
Certificate issuer: /CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Certificate serial: 0191E1CE241AFBEA9B2AF39E82398206A29A
Authority key identifier: 2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/I6xFYUPP3HwgaBWyzPwkULNheSE.roa
Signing time: Wed 11 Sep 2024 15:57:48 +0000
ROA not before: Wed 11 Sep 2024 15:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 185.111.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:ce:24:1a:fb:ea:9b:2a:f3:9e:82:39:82:06:a2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Validity
Not Before: Sep 11 15:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23ac456143cfdc7c206815b2ccfc2450b3617921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d2:f1:b0:a2:12:27:ab:7d:b5:79:df:2c:23:
c9:37:5a:24:a0:07:e9:67:0c:9a:21:18:04:2c:14:
4a:f9:51:3a:5b:89:70:ed:46:a5:26:6e:4d:6a:fa:
01:99:f5:be:c0:81:d9:62:3d:80:6e:d1:2f:e7:59:
69:7e:37:35:4f:fb:91:dc:45:27:ff:9b:b2:eb:f2:
1a:9f:41:64:ea:96:f3:fe:a3:c4:fb:dd:ab:5e:60:
b8:35:14:b3:ff:05:12:8f:46:57:c0:7b:f1:71:4a:
32:dc:9a:36:cd:6e:53:07:f4:a3:9b:d6:bd:ba:04:
3a:5e:be:50:fb:10:76:a8:46:dd:b3:ef:43:5c:6f:
56:85:c5:bb:95:93:5b:bf:0d:4b:b3:82:5a:ea:eb:
e0:d1:22:bc:69:9e:f5:34:fe:82:c8:23:8d:00:74:
2e:8d:1c:35:b5:b2:a5:e4:60:e7:5c:05:44:33:2d:
dd:99:d5:8b:0d:e0:5b:8d:59:18:cf:57:64:c4:5e:
95:f1:42:df:9c:27:9a:0a:d0:ab:a0:20:db:27:80:
9a:95:10:8d:f9:c3:ea:55:85:f4:d8:a9:3f:c3:49:
9b:e6:8e:91:19:ce:33:3c:65:4e:5b:be:3f:18:c3:
19:09:40:ab:ad:29:8a:52:9a:71:66:c7:b8:80:f5:
6d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AC:45:61:43:CF:DC:7C:20:68:15:B2:CC:FC:24:50:B3:61:79:21
X509v3 Authority Key Identifier:
keyid:2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/I6xFYUPP3HwgaBWyzPwkULNheSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.16.0/22
Signature Algorithm: sha256WithRSAEncryption
76:c1:ed:0b:6f:e3:d8:5f:bf:24:6c:f1:6c:88:54:f1:51:7f:
76:6e:a7:ba:0f:52:0c:fc:ea:cc:1a:70:7e:5c:1e:c3:1f:81:
59:ae:33:f0:b2:7d:75:fc:a6:09:79:b5:25:fb:f0:91:d5:5f:
91:4d:6e:24:9e:ac:0f:d4:01:43:aa:c1:a6:d3:ae:4a:5f:ba:
f1:2a:3f:b8:ee:d4:8f:be:3b:11:ae:bb:c3:31:fb:d0:9c:1f:
1c:55:79:4b:d4:40:c3:d7:f5:59:41:04:3e:2c:04:f9:6f:06:
2f:68:ee:0d:ef:35:81:42:c0:de:8f:41:8a:84:b3:37:07:b5:
00:37:ce:d2:c0:fc:e4:63:fe:c0:a6:12:f7:ef:9e:0e:a4:0c:
42:56:6a:56:7d:ab:60:12:aa:4b:8c:8c:92:67:95:d5:d4:fd:
9b:b4:70:9f:24:ca:10:47:2f:48:e7:5c:c3:98:d4:c0:4b:9b:
b6:fa:ac:cf:7d:2d:11:2f:e5:c7:92:9c:2b:28:f4:88:a9:b3:
7b:70:e0:dd:ca:10:1b:50:d6:c3:41:8e:cd:ca:0a:4f:a5:14:
e3:97:7b:bc:e7:79:71:9d:65:b4:82:40:ba:1e:19:db:c4:8e:
9f:1e:d3:81:1a:db:2b:fd:11:c1:d2:92:82:9c:ec:87:d2:d1:
65:5b:27:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHhziQa++qbKvOegjmCBqKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDE0MGFkMzk0MTRjNGVhYjAyYWM1NTQyMmI0NDE2M2Vk
MzRiMGYwHhcNMjQwOTExMTU1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FjNDU2MTQzY2ZkYzdjMjA2ODE1YjJjY2ZjMjQ1MGIzNjE3OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9LxsKISJ6t9tXnfLCPJN1okoAfp
ZwyaIRgELBRK+VE6W4lw7UalJm5NavoBmfW+wIHZYj2AbtEv51lpfjc1T/uR3EUn
/5uy6/Ian0Fk6pbz/qPE+92rXmC4NRSz/wUSj0ZXwHvxcUoy3Jo2zW5TB/Sjm9a9
ugQ6Xr5Q+xB2qEbds+9DXG9WhcW7lZNbvw1Ls4Ja6uvg0SK8aZ71NP6CyCONAHQu
jRw1tbKl5GDnXAVEMy3dmdWLDeBbjVkYz1dkxF6V8ULfnCeaCtCroCDbJ4CalRCN
+cPqVYX02Kk/w0mb5o6RGc4zPGVOW74/GMMZCUCrrSmKUppxZse4gPVtvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOsRWFDz9x8IGgVssz8JFCzYXkhMB8GA1UdIwQY
MBaAFCsBQK05QUxOqwKsVUIrRBY+00sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUt
MmU3NTIyOGY5MjYxLzEvSTZ4RllVUFAzSHdnYUJXeXpQd2tVTE5oZVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUtMmU3NTIyOGY5MjYx
LzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW8QMA0G
CSqGSIb3DQEBCwUAA4IBAQB2we0Lb+PYX78kbPFsiFTxUX92bqe6D1IM/OrMGnB+
XB7DH4FZrjPwsn11/KYJebUl+/CR1V+RTW4knqwP1AFDqsGm065KX7rxKj+47tSP
vjsRrrvDMfvQnB8cVXlL1EDD1/VZQQQ+LAT5bwYvaO4N7zWBQsDej0GKhLM3B7UA
N87SwPzkY/7AphL3754OpAxCVmpWfatgEqpLjIySZ5XV1P2btHCfJMoQRy9I51zD
mNTAS5u2+qzPfS0RL+XHkpwrKPSIqbN7cODdyhAbUNbDQY7NygpPpRTjl3u853lx
nWW0gkC6HhnbxI6fHtOBGtsr/RHB0pKCnOyH0tFlWydM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:23 2025 by rpki-client