Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/vKAJ2gdB-2LdJC08xoZ7vvm8m-E.roa
File: vKAJ2gdB-2LdJC08xoZ7vvm8m-E.roa (raw, json)
Hash identifier: 4ankc+cUsdCixNN6tlHEH6UgS4s/Zbc4vQmLuOmvjZo=
Subject key identifier: BC:A0:09:DA:07:41:FB:62:DD:24:2D:3C:C6:86:7B:BE:F9:BC:9B:E1
Certificate issuer: /CN=c85f510c72ce0b79c2899b35845ffe3670693f05
Certificate serial: 018571CC2A74DBD8CF833942808F4C599583
Authority key identifier: C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/vKAJ2gdB-2LdJC08xoZ7vvm8m-E.roa
Signing time: Mon 02 Jan 2023 09:24:43 +0000
ROA not before: Mon 02 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35681
IP address blocks: 185.160.69.0/24 maxlen: 24
185.160.70.0/24 maxlen: 24
185.160.71.0/24 maxlen: 24
185.160.68.0/22 maxlen: 22
185.160.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:2a:74:db:d8:cf:83:39:42:80:8f:4c:59:95:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c85f510c72ce0b79c2899b35845ffe3670693f05
Validity
Not Before: Jan 2 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bca009da0741fb62dd242d3cc6867bbef9bc9be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b0:98:7d:d3:e8:90:3c:eb:27:47:ba:41:68:
20:98:2a:e8:ac:b5:26:85:19:0b:84:9b:f3:eb:5f:
8a:60:01:c0:96:0f:2a:c7:3a:e0:69:10:3d:87:d5:
19:ea:40:9e:23:2a:bc:fe:d3:7c:91:0d:01:e3:00:
e2:79:cb:e5:47:ed:74:95:82:f8:c6:60:cd:62:1b:
b6:3e:20:b7:fd:08:ee:af:b3:40:bb:b1:62:31:c8:
f7:92:5a:81:6a:3c:71:10:81:a3:e1:b7:ef:70:16:
1f:ce:59:44:7e:64:5a:8b:06:e5:41:80:ed:41:9c:
5a:09:ef:55:f1:84:f6:b8:6a:01:66:02:47:6c:e9:
a0:50:06:c3:9a:0a:92:33:dd:30:82:05:54:f3:59:
9d:c4:25:46:83:fc:96:67:ca:e1:8d:8e:20:eb:8b:
2c:00:8f:16:5b:9b:5c:c2:d7:e4:5a:c7:25:17:0e:
3c:0e:64:03:dc:73:f3:af:1b:db:35:83:31:3a:b1:
55:cf:7d:fb:79:d9:fc:1a:e0:a7:be:6a:d2:57:e0:
c1:f2:d4:1c:8b:41:d8:c1:a8:d3:2a:45:10:33:f8:
9a:44:bc:8b:89:e7:fb:cd:7a:4e:d7:f1:7b:e6:41:
c4:2c:d5:dc:36:e3:73:36:29:9c:34:df:28:0c:ae:
12:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A0:09:DA:07:41:FB:62:DD:24:2D:3C:C6:86:7B:BE:F9:BC:9B:E1
X509v3 Authority Key Identifier:
keyid:C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/vKAJ2gdB-2LdJC08xoZ7vvm8m-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:7e:f3:b1:f3:ff:40:55:f5:cc:fb:08:b7:ad:ce:0b:29:3a:
71:01:99:4d:f7:f8:bc:e4:95:2a:1c:2b:07:16:de:cd:c9:05:
95:43:c9:55:3f:46:d0:b8:98:7a:90:ca:30:d1:c8:35:8c:37:
70:f8:3e:70:41:87:9b:c3:c7:71:e6:d1:ab:e9:9e:8c:15:5b:
5e:e6:95:fb:f8:aa:43:17:26:88:4d:92:f2:65:36:9b:91:3e:
9c:56:75:ac:9c:a5:de:e0:0d:f8:db:30:a9:ce:c6:6c:33:9c:
58:c2:aa:ca:dd:54:90:fc:fb:ac:33:e3:56:8f:e8:cb:21:2c:
7e:8a:da:fe:a1:04:3e:d4:7a:7c:d1:ca:5e:7c:99:2c:ac:a6:
5e:5c:5c:40:c3:2c:d1:c1:46:5a:62:45:55:0a:98:4c:94:0b:
54:c6:80:8f:23:c7:4a:3b:d1:41:62:bd:7d:00:ee:e6:5d:ee:
a5:dd:cd:03:7d:a2:ca:d6:7f:90:7c:87:77:ec:87:2b:29:97:
01:74:42:05:cc:22:1f:38:0f:35:d8:5b:62:cb:2d:a5:f6:b2:
bb:7e:5a:b8:9e:93:59:64:6a:cb:c3:c2:39:fe:69:53:bb:8c:
8c:0c:a2:5f:ae:26:b7:0b:66:05:70:ad:16:81:69:36:be:1c:
0e:41:bd:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxzCp029jPgzlCgI9MWZWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NWY1MTBjNzJjZTBiNzljMjg5OWIzNTg0NWZmZTM2NzA2
OTNmMDUwHhcNMjMwMTAyMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2EwMDlkYTA3NDFmYjYyZGQyNDJkM2NjNjg2N2JiZWY5YmM5YmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrCYfdPokDzrJ0e6QWggmCrorLUm
hRkLhJvz61+KYAHAlg8qxzrgaRA9h9UZ6kCeIyq8/tN8kQ0B4wDiecvlR+10lYL4
xmDNYhu2PiC3/Qjur7NAu7FiMcj3klqBajxxEIGj4bfvcBYfzllEfmRaiwblQYDt
QZxaCe9V8YT2uGoBZgJHbOmgUAbDmgqSM90wggVU81mdxCVGg/yWZ8rhjY4g64ss
AI8WW5tcwtfkWsclFw48DmQD3HPzrxvbNYMxOrFVz337edn8GuCnvmrSV+DB8tQc
i0HYwajTKkUQM/iaRLyLief7zXpO1/F75kHELNXcNuNzNimcNN8oDK4S+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLygCdoHQfti3SQtPMaGe775vJvhMB8GA1UdIwQY
MBaAFMhfUQxyzgt5wombNYRf/jZwaT8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEt
YjhjOWEyYTlkYTQ2LzEvdktBSjJnZEItMkxkSkMwOHhvWjd2dm04bS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEtYjhjOWEyYTlkYTQ2
LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaBEMA0G
CSqGSIb3DQEBCwUAA4IBAQCcfvOx8/9AVfXM+wi3rc4LKTpxAZlN9/i85JUqHCsH
Ft7NyQWVQ8lVP0bQuJh6kMow0cg1jDdw+D5wQYebw8dx5tGr6Z6MFVte5pX7+KpD
FyaITZLyZTabkT6cVnWsnKXe4A342zCpzsZsM5xYwqrK3VSQ/PusM+NWj+jLISx+
itr+oQQ+1Hp80cpefJksrKZeXFxAwyzRwUZaYkVVCphMlAtUxoCPI8dKO9FBYr19
AO7mXe6l3c0DfaLK1n+QfId37IcrKZcBdEIFzCIfOA812Ftiyy2l9rK7flq4npNZ
ZGrLw8I5/mlTu4yMDKJfria3C2YFcK0WgWk2vhwOQb0l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:41 2024 by rpki-client on console-ams.rpki-client.org