Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/4UfpZ2DKgnlUOr3_ZPeqk094zfU.roa
File: 4UfpZ2DKgnlUOr3_ZPeqk094zfU.roa (raw, json)
Hash identifier: l6G3ZRAX+RS5SMvgTR82vBrX2JAx1wS6gJUO+Sdy1Kk=
Subject key identifier: E1:47:E9:67:60:CA:82:79:54:3A:BD:FF:64:F7:AA:93:4F:78:CD:F5
Certificate issuer: /CN=a43b5322b8ea38a7a044dcb0671a75dba1043d7e
Certificate serial: 018570306F866EFB3E0F8A6ADADED1C2E83C
Authority key identifier: A4:3B:53:22:B8:EA:38:A7:A0:44:DC:B0:67:1A:75:DB:A1:04:3D:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/4UfpZ2DKgnlUOr3_ZPeqk094zfU.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134094
IP address blocks: 185.190.16.0/24 maxlen: 24
185.190.17.0/24 maxlen: 24
185.190.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 15:56:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6f:86:6e:fb:3e:0f:8a:6a:da:de:d1:c2:e8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a43b5322b8ea38a7a044dcb0671a75dba1043d7e
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e147e96760ca8279543abdff64f7aa934f78cdf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:93:41:6c:6f:62:28:e8:62:58:94:74:c4:
c4:29:c0:61:31:bc:63:39:e7:20:fe:08:8a:11:ca:
0f:e1:69:5b:c5:21:95:bb:b4:01:e8:c9:15:fc:76:
2b:88:cd:e2:d5:e3:f2:d4:ed:bd:c7:31:1c:53:f5:
7d:80:0b:8e:2b:92:d0:52:70:cf:b8:64:e9:15:b1:
b5:02:79:d5:31:4b:51:f0:09:6f:28:e9:0c:a2:30:
be:0c:a5:c5:f5:93:f3:40:ad:8b:f5:88:15:a7:40:
bb:df:d0:f0:5c:df:f4:e5:93:17:68:44:c5:91:0e:
cd:52:37:b8:e4:b3:8b:4e:8d:89:18:0c:f0:84:39:
7e:2e:ff:2d:fe:42:d0:64:5f:18:e2:e3:0a:50:27:
54:31:42:79:18:a8:46:ec:14:28:a2:94:31:e3:2a:
04:3d:6e:34:42:03:d9:d0:a3:b4:e9:7c:99:98:ed:
ae:c5:d7:09:81:63:b1:5f:6b:f1:f5:55:47:77:4a:
b0:54:ce:57:a6:7e:36:dd:ac:fa:cb:b7:0a:95:5c:
bc:ec:a8:46:ff:c5:6c:95:8f:f3:23:ae:6e:56:6c:
9c:71:ca:53:7b:67:81:2f:af:be:12:73:6f:01:ff:
04:e5:e6:59:ab:3c:44:ec:6f:d3:a4:fc:14:de:51:
0d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:47:E9:67:60:CA:82:79:54:3A:BD:FF:64:F7:AA:93:4F:78:CD:F5
X509v3 Authority Key Identifier:
keyid:A4:3B:53:22:B8:EA:38:A7:A0:44:DC:B0:67:1A:75:DB:A1:04:3D:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/4UfpZ2DKgnlUOr3_ZPeqk094zfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/pDtTIrjqOKegRNywZxp126EEPX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.16.0/23
185.190.19.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a0:59:13:00:cc:93:67:c2:d6:29:d7:e3:a9:f5:d0:cb:14:
b1:e2:d3:ba:ae:f1:d1:74:f4:06:df:ef:3a:e1:de:a8:65:76:
32:b8:60:2b:37:0b:fb:9d:9a:e7:cd:2d:3e:43:0f:74:40:f3:
c1:32:32:c0:73:2a:f4:bd:52:17:a4:b7:50:93:d2:0b:ca:ca:
20:d7:4f:e1:e6:a0:80:91:7a:c2:e5:70:b8:46:d1:f5:30:33:
0c:6d:7b:66:f4:b5:f9:56:ef:61:d2:af:2e:91:d1:58:7b:6a:
43:2b:92:46:aa:f7:ad:7c:94:2a:a3:e6:e5:8f:35:b8:09:c4:
ab:b7:02:3e:e0:37:71:77:61:61:c8:3a:02:32:4a:c6:82:86:
46:0a:6f:4b:e8:30:51:10:d4:e4:a3:1c:1f:8e:af:98:4d:06:
51:73:50:7f:8a:e6:14:53:98:48:e3:7c:4e:f9:83:97:c5:6b:
1d:1f:2d:a8:3f:57:ff:f6:21:22:b6:1d:bf:d6:cc:67:97:2b:
72:9e:15:fb:89:59:00:51:ce:89:73:e2:ec:94:e2:09:51:93:
6a:9b:72:aa:df:b8:de:f9:e3:42:ae:b7:29:04:db:68:90:c1:
69:70:56:c8:1e:0a:53:46:11:36:a4:3e:40:a7:1c:3c:42:a2:
7d:41:1c:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwMG+Gbvs+D4pq2t7Rwug8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0M2I1MzIyYjhlYTM4YTdhMDQ0ZGNiMDY3MWE3NWRiYTEw
NDNkN2UwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ3ZTk2NzYwY2E4Mjc5NTQzYWJkZmY2NGY3YWE5MzRmNzhjZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzASTQWxvYijoYliUdMTEKcBhMbxj
Oecg/giKEcoP4WlbxSGVu7QB6MkV/HYriM3i1ePy1O29xzEcU/V9gAuOK5LQUnDP
uGTpFbG1AnnVMUtR8AlvKOkMojC+DKXF9ZPzQK2L9YgVp0C739DwXN/05ZMXaETF
kQ7NUje45LOLTo2JGAzwhDl+Lv8t/kLQZF8Y4uMKUCdUMUJ5GKhG7BQoopQx4yoE
PW40QgPZ0KO06XyZmO2uxdcJgWOxX2vx9VVHd0qwVM5Xpn423az6y7cKlVy87KhG
/8VslY/zI65uVmycccpTe2eBL6++EnNvAf8E5eZZqzxE7G/TpPwU3lEN2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOFH6WdgyoJ5VDq9/2T3qpNPeM31MB8GA1UdIwQY
MBaAFKQ7UyK46jinoETcsGcadduhBD1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcER0VElyanFPS2VnUk55d1p4cDEyNkVFUFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hZTUyMDYtYzg0My00YmQ1LTg4NjAt
NzFlOTViMDRiM2VjLzEvNFVmcFoyREtnbmxVT3IzX1pQZXFrMDk0emZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hZTUyMDYtYzg0My00YmQ1LTg4NjAtNzFlOTViMDRiM2Vj
LzEvcER0VElyanFPS2VnUk55d1p4cDEyNkVFUFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBub4QAwQA
ub4TMA0GCSqGSIb3DQEBCwUAA4IBAQBGoFkTAMyTZ8LWKdfjqfXQyxSx4tO6rvHR
dPQG3+864d6oZXYyuGArNwv7nZrnzS0+Qw90QPPBMjLAcyr0vVIXpLdQk9ILysog
10/h5qCAkXrC5XC4RtH1MDMMbXtm9LX5Vu9h0q8ukdFYe2pDK5JGqvetfJQqo+bl
jzW4CcSrtwI+4Ddxd2FhyDoCMkrGgoZGCm9L6DBRENTkoxwfjq+YTQZRc1B/iuYU
U5hI43xO+YOXxWsdHy2oP1f/9iEith2/1sxnlytynhX7iVkAUc6Jc+LslOIJUZNq
m3Kq37je+eNCrrcpBNtokMFpcFbIHgpTRhE2pD5Apxw8QqJ9QRyv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:04 2024 by rpki-client on console-ams.rpki-client.org