Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/9FZo08hKxYCxTCjGa0zGtMCXgFQ.roa
File: 9FZo08hKxYCxTCjGa0zGtMCXgFQ.roa (raw, json)
Hash identifier: Y5eY02UiD9Ms5vOMbjNYUi9wqpHN89feYzwZz+Wf6jM=
Subject key identifier: F4:56:68:D3:C8:4A:C5:80:B1:4C:28:C6:6B:4C:C6:B4:C0:97:80:54
Certificate issuer: /CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Certificate serial: 01856FE722C22A2C8B7BB1D9ACBBE9DF7E83
Authority key identifier: 65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/9FZo08hKxYCxTCjGa0zGtMCXgFQ.roa
Signing time: Mon 02 Jan 2023 00:34:56 +0000
ROA not before: Mon 02 Jan 2023 00:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.170.189.0/24 maxlen: 24
185.170.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:22:c2:2a:2c:8b:7b:b1:d9:ac:bb:e9:df:7e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Validity
Not Before: Jan 2 00:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f45668d3c84ac580b14c28c66b4cc6b4c0978054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:54:88:cd:d3:bc:a7:58:19:7a:28:6a:e7:21:
af:ef:50:d6:97:2c:10:77:ee:69:a4:f8:f6:a5:fa:
b5:8a:d4:39:65:78:0f:94:79:00:1b:3a:4a:5d:d5:
ee:0b:72:76:b7:0a:cb:40:8e:5c:53:4e:ae:5e:18:
a6:67:a4:d6:ba:4a:a3:e3:92:00:6c:40:58:47:5f:
ad:7e:92:09:57:9c:8c:00:30:5d:ae:e9:47:b0:2c:
6a:16:52:73:13:3f:c2:6b:bb:3c:16:00:49:1e:23:
d0:74:9f:88:9a:7d:e7:22:70:fd:f9:66:9b:e1:a4:
7f:ea:ad:be:b3:39:38:db:61:65:60:81:59:16:8a:
7e:e9:bc:b8:9a:8a:ab:09:3d:d0:50:9f:02:b9:49:
ce:9c:e2:80:11:b6:87:e1:61:a4:a3:98:64:57:0e:
52:f7:96:51:bd:74:e1:af:0d:05:55:e6:7d:6f:da:
13:7a:d3:d0:f8:a3:11:6f:04:21:fc:31:6e:76:60:
a8:2d:ea:fa:e7:58:96:f5:b2:aa:38:cf:b2:51:29:
f3:75:3a:aa:ef:2b:2b:07:b1:6c:6e:9e:26:8e:2c:
27:31:96:e5:2b:9c:7a:fb:39:5a:70:95:c4:6d:03:
e1:57:be:4e:92:77:dc:46:81:fc:7a:d1:b2:b9:a1:
e3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:56:68:D3:C8:4A:C5:80:B1:4C:28:C6:6B:4C:C6:B4:C0:97:80:54
X509v3 Authority Key Identifier:
keyid:65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/9FZo08hKxYCxTCjGa0zGtMCXgFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.188.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:83:96:a0:ea:39:ad:f3:81:f9:0f:f6:32:d3:e3:33:cb:39:
0f:e4:48:b9:ba:bd:37:67:32:36:77:1e:a7:99:02:ee:1a:85:
ff:3f:63:91:57:e6:26:3b:d0:87:c2:22:41:50:00:61:b4:63:
f3:76:e7:89:40:ff:d3:e4:17:dc:ce:b7:59:11:15:37:ee:8a:
28:d8:a9:da:52:dc:dd:88:22:12:8c:1f:bf:d4:6f:d7:e1:db:
5c:38:9b:29:23:4f:36:88:fc:37:59:3e:de:c9:65:93:30:1e:
47:86:7e:5a:43:f4:3e:c1:1d:14:2b:b2:08:d4:c9:e1:9d:ae:
81:e6:76:76:b0:9c:d9:8c:ff:3a:19:c6:b7:be:c3:41:ed:50:
cb:59:b7:f5:cb:06:0f:14:a9:9d:0c:5a:c3:9d:89:b2:b9:53:
5e:8d:c2:2f:21:d5:c4:27:fa:a0:08:e5:08:6d:bb:70:fc:18:
c2:a2:55:d3:9f:b3:f2:3d:76:af:be:79:38:56:e1:b9:e3:cb:
c9:3d:89:a9:4a:5f:f0:64:0e:7b:4f:75:77:a6:e8:b9:e7:30:
d6:da:47:73:6e:64:4b:b9:ae:7c:bf:bb:d9:03:06:de:cb:47:
de:03:22:4e:91:ad:92:67:63:4d:84:c5:d5:a1:25:6d:03:84:
36:74:b0:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5yLCKiyLe7HZrLvp336DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmNjMjUwMTJlM2E0YzhiMTYyNmRkNzU3YzdiMDUxMGU0
NTczNDEwHhcNMjMwMTAyMDAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU2NjhkM2M4NGFjNTgwYjE0YzI4YzY2YjRjYzZiNGMwOTc4MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1SIzdO8p1gZeihq5yGv71DWlywQ
d+5ppPj2pfq1itQ5ZXgPlHkAGzpKXdXuC3J2twrLQI5cU06uXhimZ6TWukqj45IA
bEBYR1+tfpIJV5yMADBdrulHsCxqFlJzEz/Ca7s8FgBJHiPQdJ+Imn3nInD9+Wab
4aR/6q2+szk422FlYIFZFop+6by4moqrCT3QUJ8CuUnOnOKAEbaH4WGko5hkVw5S
95ZRvXThrw0FVeZ9b9oTetPQ+KMRbwQh/DFudmCoLer651iW9bKqOM+yUSnzdTqq
7ysrB7Fsbp4mjiwnMZblK5x6+zlacJXEbQPhV75OknfcRoH8etGyuaHjmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRWaNPISsWAsUwoxmtMxrTAl4BUMB8GA1UdIwQY
MBaAFGVswlAS46TIsWJt11fHsFEORXNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzkt
ODIwMzI1ZjUzY2NiLzEvOUZabzA4aEt4WUN4VENqR2Ewekd0TUNYZ0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzktODIwMzI1ZjUzY2Ni
LzEvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaq8MA0G
CSqGSIb3DQEBCwUAA4IBAQDIg5ag6jmt84H5D/Yy0+MzyzkP5Ei5ur03ZzI2dx6n
mQLuGoX/P2ORV+YmO9CHwiJBUABhtGPzdueJQP/T5BfczrdZERU37ooo2KnaUtzd
iCISjB+/1G/X4dtcOJspI082iPw3WT7eyWWTMB5Hhn5aQ/Q+wR0UK7II1Mnhna6B
5nZ2sJzZjP86Gca3vsNB7VDLWbf1ywYPFKmdDFrDnYmyuVNejcIvIdXEJ/qgCOUI
bbtw/BjColXTn7PyPXavvnk4VuG548vJPYmpSl/wZA57T3V3pui55zDW2kdzbmRL
ua58v7vZAwbey0feAyJOka2SZ2NNhMXVoSVtA4Q2dLBt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:47 2024 by rpki-client on console-ams.rpki-client.org