Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/4QHWQWm_t8RLa8X9Z48R1OCoLzo.roa
File: 4QHWQWm_t8RLa8X9Z48R1OCoLzo.roa (raw, json)
Hash identifier: thqqxqtMogoDWLi+JbKn67Grtr47mzP2KaDDOlLdn6w=
Subject key identifier: E1:01:D6:41:69:BF:B7:C4:4B:6B:C5:FD:67:8F:11:D4:E0:A8:2F:3A
Certificate issuer: /CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Certificate serial: 01856CA5DF302E4219074B4B175ABAE02BC4
Authority key identifier: 10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/4QHWQWm_t8RLa8X9Z48R1OCoLzo.roa
Signing time: Sun 01 Jan 2023 09:24:47 +0000
ROA not before: Sun 01 Jan 2023 09:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 185.32.160.0/22 maxlen: 24
2a00:a5a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:df:30:2e:42:19:07:4b:4b:17:5a:ba:e0:2b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Validity
Not Before: Jan 1 09:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e101d64169bfb7c44b6bc5fd678f11d4e0a82f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1f:1c:f6:ae:71:1a:42:b5:73:8c:4e:cc:30:
f3:d9:c5:4d:b1:bc:da:a7:da:86:12:32:7f:88:33:
d2:f9:58:8e:c3:c3:48:b1:bd:1f:a7:7f:20:2b:31:
d1:b5:c1:1c:d7:25:25:dd:5a:cd:68:fd:8a:fd:66:
85:df:3d:e0:35:1e:d1:8c:7c:ac:a4:a9:18:d0:06:
21:bb:d9:07:60:0c:73:60:7d:22:6f:4c:91:9d:7f:
07:92:e1:f3:1a:4a:c7:fc:24:70:11:f1:42:3c:b5:
55:51:38:91:7d:ed:1e:85:53:42:40:5a:c5:04:1b:
ef:24:2e:a0:81:34:ad:f5:75:d2:c0:b4:71:ee:b9:
d0:71:7e:1f:b9:7a:bf:14:df:ab:50:43:8d:e3:e3:
ba:18:8d:c2:68:7f:47:2f:c6:11:46:73:60:7e:cd:
f8:e2:dc:68:81:1e:b1:d4:52:33:c6:c2:14:59:a1:
79:95:5a:c2:b7:16:89:f1:50:42:80:f0:f4:b7:42:
7b:fc:fa:87:05:b2:2f:ed:c4:7b:f7:ce:f8:ab:3a:
c5:d9:5f:f5:40:f0:fe:cb:25:00:dd:64:8b:48:04:
67:04:7c:cb:e8:5f:d1:04:29:ff:c8:8f:8b:a7:f0:
ee:ba:32:59:62:37:46:12:08:db:b3:a8:49:d0:b0:
65:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:01:D6:41:69:BF:B7:C4:4B:6B:C5:FD:67:8F:11:D4:E0:A8:2F:3A
X509v3 Authority Key Identifier:
keyid:10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/4QHWQWm_t8RLa8X9Z48R1OCoLzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/EK-ADOlb-7H0c7C1-fe5MXWTDok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.160.0/22
IPv6:
2a00:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
69:f2:22:1d:14:c6:af:f1:be:24:53:7e:92:74:7e:f6:97:ae:
d2:07:8f:0c:f7:9a:97:b6:f4:4f:2a:55:ad:aa:0b:ef:3e:cf:
3a:b6:58:ea:c9:4f:cb:f0:17:b1:e2:c5:a5:fa:8b:d3:6f:42:
37:19:17:38:08:d0:56:ca:92:69:ee:ad:69:9a:ff:22:69:27:
cd:68:24:ea:ae:a8:32:f3:3c:29:4a:7b:ef:8f:54:6e:5f:8f:
fe:f8:f0:9b:f6:15:a2:79:cc:a5:72:0a:15:10:3c:28:ec:d9:
e9:8f:26:7b:04:ee:76:96:ed:65:4b:c2:0c:8c:da:3b:85:ef:
13:90:84:2e:45:c1:c9:c4:3d:66:80:ed:52:6b:ee:ff:fe:d0:
ac:22:e2:9e:83:96:06:c6:99:32:2b:ee:32:88:0e:0d:62:e5:
3d:18:6d:22:11:60:a3:eb:10:69:e7:72:b3:8b:a9:d7:80:e0:
e9:b2:a9:b9:36:34:9e:80:ab:56:be:d8:bf:36:61:f0:69:25:
90:c3:b7:31:94:10:a8:55:06:22:03:b0:18:e4:91:31:c4:d7:
fc:cd:e7:fd:94:06:3f:52:50:5d:de:9e:51:a8:80:5f:02:8c:
0a:4c:5a:4b:f5:69:8b:41:4b:e8:3f:7f:3c:bf:6f:51:38:8c:
a6:8e:8d:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVspd8wLkIZB0tLF1q64CvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWY4MDBjZTk1YmZiYjFmNDczYjBiNWY5ZjdiOTMxNzU5
MzBlODkwHhcNMjMwMTAxMDkyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTAxZDY0MTY5YmZiN2M0NGI2YmM1ZmQ2NzhmMTFkNGUwYTgyZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB8c9q5xGkK1c4xOzDDz2cVNsbza
p9qGEjJ/iDPS+ViOw8NIsb0fp38gKzHRtcEc1yUl3VrNaP2K/WaF3z3gNR7RjHys
pKkY0AYhu9kHYAxzYH0ib0yRnX8HkuHzGkrH/CRwEfFCPLVVUTiRfe0ehVNCQFrF
BBvvJC6ggTSt9XXSwLRx7rnQcX4fuXq/FN+rUEON4+O6GI3CaH9HL8YRRnNgfs34
4txogR6x1FIzxsIUWaF5lVrCtxaJ8VBCgPD0t0J7/PqHBbIv7cR79874qzrF2V/1
QPD+yyUA3WSLSARnBHzL6F/RBCn/yI+Lp/DuujJZYjdGEgjbs6hJ0LBl3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOEB1kFpv7fES2vF/WePEdTgqC86MB8GA1UdIwQY
MBaAFBCvgAzpW/ux9HOwtfn3uTF1kw6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYt
MTE5OTQyZjNkN2E3LzEvNFFIV1FXbV90OFJMYThYOVo0OFIxT0NvTHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYtMTE5OTQyZjNkN2E3
LzEvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSCgMA0E
AgACMAcDBQAqAKWgMA0GCSqGSIb3DQEBCwUAA4IBAQBp8iIdFMav8b4kU36SdH72
l67SB48M95qXtvRPKlWtqgvvPs86tljqyU/L8Bex4sWl+ovTb0I3GRc4CNBWypJp
7q1pmv8iaSfNaCTqrqgy8zwpSnvvj1RuX4/++PCb9hWiecylcgoVEDwo7NnpjyZ7
BO52lu1lS8IMjNo7he8TkIQuRcHJxD1mgO1Sa+7//tCsIuKeg5YGxpkyK+4yiA4N
YuU9GG0iEWCj6xBp53Kzi6nXgODpsqm5NjSegKtWvti/NmHwaSWQw7cxlBCoVQYi
A7AY5JExxNf8zef9lAY/UlBd3p5RqIBfAowKTFpL9WmLQUvoP388v29ROIymjo0/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org