Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/1Ahe4MglDbqfttTtBuLQzl4g_Ys.roa
File: 1Ahe4MglDbqfttTtBuLQzl4g_Ys.roa (raw, json)
Hash identifier: P1DeLxvOMgOrRo+xrpo+oxCZKizL9rfb7V4tDGKfHxY=
Subject key identifier: D4:08:5E:E0:C8:25:0D:BA:9F:B6:D4:ED:06:E2:D0:CE:5E:20:FD:8B
Certificate issuer: /CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Certificate serial: 018963CCC72E4A0BEC9EB805C34BED7C830C
Authority key identifier: 56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/1Ahe4MglDbqfttTtBuLQzl4g_Ys.roa
Signing time: Mon 17 Jul 2023 12:21:51 +0000
ROA not before: Mon 17 Jul 2023 12:21:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.118.71.0/24 maxlen: 24
185.118.69.0/24 maxlen: 24
185.118.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Nov 2023 21:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:cc:c7:2e:4a:0b:ec:9e:b8:05:c3:4b:ed:7c:83:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567ac9bf0be91e0a48664ec8b6a6770957a21020
Validity
Not Before: Jul 17 12:21:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4085ee0c8250dba9fb6d4ed06e2d0ce5e20fd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:22:0b:92:34:57:1a:22:ed:06:4d:1b:26:
e7:72:e4:3f:a2:0c:db:a7:15:03:29:d2:09:6d:b9:
5f:fd:19:68:4b:3e:ee:99:4f:ec:46:6c:c9:81:2a:
e2:a8:a3:9c:4e:99:a2:0c:f7:44:11:cf:80:4c:2c:
f0:f8:6f:e1:0e:dd:a1:b5:77:3a:bb:39:21:a8:6f:
e2:a4:7d:f3:a2:2d:4b:77:0f:93:1c:d3:92:cd:f8:
dc:bb:ef:1f:d7:d9:1f:93:47:e8:17:f9:d6:16:91:
17:5a:e4:69:c8:85:76:88:33:7a:6a:cc:8b:ec:0f:
8f:e7:18:0b:18:cf:a6:72:00:e6:77:dd:0e:10:5d:
f1:9e:29:10:ff:98:b4:44:3f:5c:00:d5:81:90:64:
1a:70:84:fc:32:89:53:ae:31:0f:28:4b:ab:c7:4f:
63:5b:20:e7:32:6a:8e:9f:4a:93:80:d1:9e:d7:c5:
40:7a:57:ef:ea:1d:45:14:71:c2:09:fd:3a:fd:a9:
8d:2a:3f:2b:dd:d9:a5:a1:c2:ac:d3:7b:5d:37:92:
92:05:33:a7:2e:6a:41:df:3a:d6:91:19:d6:1f:9b:
e8:29:0a:04:f9:93:e9:e8:14:64:ed:7e:ba:8b:05:
f6:d7:6d:8e:09:49:92:95:4e:e2:49:01:b5:da:3a:
d5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:08:5E:E0:C8:25:0D:BA:9F:B6:D4:ED:06:E2:D0:CE:5E:20:FD:8B
X509v3 Authority Key Identifier:
keyid:56:7A:C9:BF:0B:E9:1E:0A:48:66:4E:C8:B6:A6:77:09:57:A2:10:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnrJvwvpHgpIZk7ItqZ3CVeiECA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/1Ahe4MglDbqfttTtBuLQzl4g_Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c51d08-8575-4bfb-af6e-01889cc03eba/1/VnrJvwvpHgpIZk7ItqZ3CVeiECA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.69.0-185.118.71.255
Signature Algorithm: sha256WithRSAEncryption
51:85:0f:13:48:08:63:77:3f:ff:36:f9:7f:32:d2:f6:38:7b:
61:a0:6a:09:93:ca:83:92:42:40:5f:06:59:0f:ef:ab:4f:d9:
89:97:09:5b:be:b0:de:9f:c0:2a:35:64:9c:f1:ac:e7:6e:c1:
4f:9b:13:4c:b8:10:e2:4e:8f:0d:3b:f2:41:c8:b5:1d:e6:0a:
1c:3f:9a:cf:9c:e7:f0:88:c2:11:94:8a:c5:93:25:26:e4:be:
19:98:40:8e:0a:e6:39:b7:ad:cf:7c:f5:57:21:08:3e:b6:6d:
7e:79:25:5b:dd:d4:59:8b:62:93:af:5c:94:da:36:51:ab:03:
5c:f4:fe:cf:26:49:f6:5c:8e:fa:cf:a2:41:82:fd:63:3e:6b:
2c:3d:5c:8e:88:0a:ac:61:79:e5:fa:3e:ab:b6:1d:d6:81:32:
39:51:c0:1b:56:ad:99:f4:43:6b:8d:73:f5:51:ce:45:d3:d5:
8b:10:07:43:c6:0d:4f:ee:68:37:92:e8:c7:2e:51:d4:da:8c:
f3:9c:47:bf:8e:72:f0:e5:c8:99:41:e2:7b:8b:c0:dd:6b:bd:
b1:83:7c:38:6c:f5:50:35:03:13:a3:9e:4f:ca:1e:60:84:31:
f1:23:4f:6d:c8:3a:47:44:d7:a1:1d:c7:f0:6f:b3:31:72:c8:
b9:23:8d:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYljzMcuSgvsnrgFw0vtfIMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2N2FjOWJmMGJlOTFlMGE0ODY2NGVjOGI2YTY3NzA5NTdh
MjEwMjAwHhcNMjMwNzE3MTIyMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA4NWVlMGM4MjUwZGJhOWZiNmQ0ZWQwNmUyZDBjZTVlMjBmZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUUiC5I0Vxoi7QZNGybncuQ/ogzb
pxUDKdIJbblf/RloSz7umU/sRmzJgSriqKOcTpmiDPdEEc+ATCzw+G/hDt2htXc6
uzkhqG/ipH3zoi1Ldw+THNOSzfjcu+8f19kfk0foF/nWFpEXWuRpyIV2iDN6asyL
7A+P5xgLGM+mcgDmd90OEF3xnikQ/5i0RD9cANWBkGQacIT8MolTrjEPKEurx09j
WyDnMmqOn0qTgNGe18VAelfv6h1FFHHCCf06/amNKj8r3dmlocKs03tdN5KSBTOn
LmpB3zrWkRnWH5voKQoE+ZPp6BRk7X66iwX2122OCUmSlU7iSQG12jrVKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNQIXuDIJQ26n7bU7Qbi0M5eIP2LMB8GA1UdIwQY
MBaAFFZ6yb8L6R4KSGZOyLamdwlXohAgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUt
MDE4ODljYzAzZWJhLzEvMUFoZTRNZ2xEYnFmdHRUdEJ1TFF6bDRnX1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNTFkMDgtODU3NS00YmZiLWFmNmUtMDE4ODljYzAzZWJh
LzEvVm5ySnZ3dnBIZ3BJWms3SXRxWjNDVmVpRUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5dkUD
BAO5dkAwDQYJKoZIhvcNAQELBQADggEBAFGFDxNICGN3P/82+X8y0vY4e2GgagmT
yoOSQkBfBlkP76tP2YmXCVu+sN6fwCo1ZJzxrOduwU+bE0y4EOJOjw078kHItR3m
Chw/ms+c5/CIwhGUisWTJSbkvhmYQI4K5jm3rc989VchCD62bX55JVvd1FmLYpOv
XJTaNlGrA1z0/s8mSfZcjvrPokGC/WM+ayw9XI6ICqxheeX6Pqu2HdaBMjlRwBtW
rZn0Q2uNc/VRzkXT1YsQB0PGDU/uaDeS6McuUdTajPOcR7+OcvDlyJlB4nuLwN1r
vbGDfDhs9VA1AxOjnk/KHmCEMfEjT23IOkdE16Edx/BvszFyyLkjja4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:14 2024 by rpki-client on console-ams.rpki-client.org