Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/0ff9e5-fbbe-4b3b-b938-9ceaa1b7a116/1/1-p7IU30bYH-N5lZWHr27wCr9ucg.roa
File: 1-p7IU30bYH-N5lZWHr27wCr9ucg.roa (raw, json)
Hash identifier: bs4OIuBamSPamsWnXmZm+bi2BY3zyqZ8+aHilliNR48=
Subject key identifier: FA:9E:C8:53:7D:1B:60:7F:8D:E6:56:56:1E:BD:BB:C0:2A:FD:B9:C8
Certificate issuer: /CN=5b066db8ae1655fc3d8a4aa99ebbd93a3fe0e3e4
Certificate serial: 01856E2682C187878EA6107BFBA7DAE40E75
Authority key identifier: 5B:06:6D:B8:AE:16:55:FC:3D:8A:4A:A9:9E:BB:D9:3A:3F:E0:E3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WwZtuK4WVfw9ikqpnrvZOj_g4-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/0ff9e5-fbbe-4b3b-b938-9ceaa1b7a116/1/1-p7IU30bYH-N5lZWHr27wCr9ucg.roa
Signing time: Sun 01 Jan 2023 16:24:55 +0000
ROA not before: Sun 01 Jan 2023 16:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25264
IP address blocks: 185.105.186.0/24 maxlen: 24
185.105.185.0/24 maxlen: 24
185.105.184.0/24 maxlen: 24
185.105.184.0/22 maxlen: 22
185.105.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:82:c1:87:87:8e:a6:10:7b:fb:a7:da:e4:0e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b066db8ae1655fc3d8a4aa99ebbd93a3fe0e3e4
Validity
Not Before: Jan 1 16:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa9ec8537d1b607f8de656561ebdbbc02afdb9c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:12:03:69:90:1d:aa:ad:b6:6c:cd:8f:a8:e2:
85:b2:34:a5:98:e4:36:1a:06:45:e7:c8:a2:74:e1:
f9:d7:7d:4d:69:3d:c4:c5:f5:0b:d2:af:8c:05:89:
b0:5b:8a:77:a4:a9:0b:9c:5f:2a:b4:5a:10:7d:99:
53:8f:2f:22:6a:67:38:5c:7e:c0:35:dc:a3:04:27:
cc:11:60:f8:3d:7f:1f:5e:a3:5f:ae:dd:6b:11:13:
1a:ae:ee:69:12:ad:03:97:3f:fb:25:80:ff:7c:52:
50:02:ad:ae:51:62:b2:a0:6b:2c:50:46:8c:ba:7d:
0b:5c:80:a4:b1:90:e9:b0:9c:26:d0:1a:0f:87:cf:
5c:d6:00:fd:24:70:17:50:13:41:83:8d:38:a5:5f:
31:05:19:10:2f:9c:65:97:d9:86:7f:34:dd:f5:42:
5e:e2:55:c4:d4:e0:bb:e2:fc:d8:37:de:bf:55:52:
45:d6:29:45:88:30:d2:6b:b7:67:10:d5:5f:cc:c1:
eb:63:62:d8:ff:6d:28:26:87:9e:d1:d8:f4:77:de:
4e:b6:30:4f:80:db:e3:70:20:43:77:8f:0f:01:1f:
66:fb:f1:be:1d:94:e9:89:86:28:ea:6e:64:3c:81:
d8:cf:df:d3:87:ff:4b:99:3b:1d:bc:46:61:d6:84:
af:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9E:C8:53:7D:1B:60:7F:8D:E6:56:56:1E:BD:BB:C0:2A:FD:B9:C8
X509v3 Authority Key Identifier:
keyid:5B:06:6D:B8:AE:16:55:FC:3D:8A:4A:A9:9E:BB:D9:3A:3F:E0:E3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WwZtuK4WVfw9ikqpnrvZOj_g4-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/0ff9e5-fbbe-4b3b-b938-9ceaa1b7a116/1/1-p7IU30bYH-N5lZWHr27wCr9ucg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/0ff9e5-fbbe-4b3b-b938-9ceaa1b7a116/1/WwZtuK4WVfw9ikqpnrvZOj_g4-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.184.0/22
Signature Algorithm: sha256WithRSAEncryption
93:a8:b3:7a:fe:40:4f:14:15:da:58:af:e2:d6:e1:8f:1e:81:
ea:42:41:83:75:d1:0b:48:6f:f2:b1:67:80:24:8a:b9:99:c8:
4a:59:33:c0:80:52:56:8f:e8:72:8d:6b:8c:71:0f:92:b5:65:
f1:9e:6b:f9:fe:7d:cc:10:6b:cf:c8:8e:ab:63:73:9d:37:09:
c6:71:94:f7:73:6e:61:8e:86:05:4e:e8:dd:44:da:e6:66:c6:
40:b0:22:4a:fb:64:7c:2f:e5:02:47:df:fb:5a:aa:0e:3a:85:
40:00:95:7b:cc:fc:11:5a:51:3b:d5:f2:c0:03:bf:c3:55:7b:
1d:85:fd:8d:fd:5e:a7:fa:a3:ac:b6:09:42:cc:95:38:95:6b:
20:1e:78:09:83:81:2e:cb:4a:81:6a:36:10:8a:20:9a:06:88:
eb:5c:0e:3a:9e:8c:84:e2:dc:0f:6a:b0:5a:94:cc:d7:8e:a8:
9a:63:c4:48:93:9d:86:af:1c:a0:06:c2:fc:29:84:6a:2a:60:
d0:22:a3:24:1b:94:31:04:84:3d:a2:0d:e0:f2:40:ef:bb:09:
d0:05:b5:48:95:7a:bc:87:4c:76:30:aa:47:31:b7:c8:8c:8f:
54:57:cd:f1:3e:25:b2:06:79:88:e9:65:de:50:38:05:67:c5:
80:0d:76:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuJoLBh4eOphB7+6fa5A51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDY2ZGI4YWUxNjU1ZmMzZDhhNGFhOTllYmJkOTNhM2Zl
MGUzZTQwHhcNMjMwMTAxMTYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTllYzg1MzdkMWI2MDdmOGRlNjU2NTYxZWJkYmJjMDJhZmRiOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohIDaZAdqq22bM2PqOKFsjSlmOQ2
GgZF58iidOH5131NaT3ExfUL0q+MBYmwW4p3pKkLnF8qtFoQfZlTjy8iamc4XH7A
NdyjBCfMEWD4PX8fXqNfrt1rERMaru5pEq0Dlz/7JYD/fFJQAq2uUWKyoGssUEaM
un0LXICksZDpsJwm0BoPh89c1gD9JHAXUBNBg404pV8xBRkQL5xll9mGfzTd9UJe
4lXE1OC74vzYN96/VVJF1ilFiDDSa7dnENVfzMHrY2LY/20oJoee0dj0d95OtjBP
gNvjcCBDd48PAR9m+/G+HZTpiYYo6m5kPIHYz9/Th/9LmTsdvEZh1oSvFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqeyFN9G2B/jeZWVh69u8Aq/bnIMB8GA1UdIwQY
MBaAFFsGbbiuFlX8PYpKqZ672To/4OPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3dadHVLNFdWZnc5aWtxcG5ydlpPal9nNC1RLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wZmY5ZTUtZmJiZS00YjNiLWI5Mzgt
OWNlYWExYjdhMTE2LzEvMS1wN0lVMzBiWUgtTjVsWldIcjI3d0NyOXVjZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTQvMGZmOWU1LWZiYmUtNGIzYi1iOTM4LTljZWFhMWI3YTEx
Ni8xL1d3WnR1SzRXVmZ3OWlrcXBucnZaT2pfZzQtUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlpuDAN
BgkqhkiG9w0BAQsFAAOCAQEAk6izev5ATxQV2liv4tbhjx6B6kJBg3XRC0hv8rFn
gCSKuZnISlkzwIBSVo/oco1rjHEPkrVl8Z5r+f59zBBrz8iOq2NznTcJxnGU93Nu
YY6GBU7o3UTa5mbGQLAiSvtkfC/lAkff+1qqDjqFQACVe8z8EVpRO9XywAO/w1V7
HYX9jf1ep/qjrLYJQsyVOJVrIB54CYOBLstKgWo2EIogmgaI61wOOp6MhOLcD2qw
WpTM146ommPESJOdhq8coAbC/CmEaipg0CKjJBuUMQSEPaIN4PJA77sJ0AW1SJV6
vIdMdjCqRzG3yIyPVFfN8T4lsgZ5iOll3lA4BWfFgA125Q==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:47 2024 by rpki-client on console-ams.rpki-client.org