Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/iQ1RpU3SUVzZvK6iwtQrSRcWcyI.roa
File: iQ1RpU3SUVzZvK6iwtQrSRcWcyI.roa (raw, json)
Hash identifier: FWT4zPfBg70+YvSfjSVmL3FDI+kcWooKVO3+IlXDOVU=
Subject key identifier: 89:0D:51:A5:4D:D2:51:5C:D9:BC:AE:A2:C2:D4:2B:49:17:16:73:22
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 018697F95772AA55325DFEAC36191410C17B
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/iQ1RpU3SUVzZvK6iwtQrSRcWcyI.roa
Signing time: Tue 28 Feb 2023 12:22:25 +0000
ROA not before: Tue 28 Feb 2023 12:22:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.160.152.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:f9:57:72:aa:55:32:5d:fe:ac:36:19:14:10:c1:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Feb 28 12:22:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=890d51a54dd2515cd9bcaea2c2d42b4917167322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ff:a9:8b:32:4c:61:61:17:04:f1:c4:a1:c2:
62:65:da:16:20:9f:47:4d:8c:8e:94:30:bd:9a:6c:
d8:84:44:61:4a:16:34:85:df:3a:c9:44:f2:e4:50:
53:d7:77:ae:55:68:01:1f:b8:b8:a3:ce:ae:f8:a9:
9a:7f:c2:e8:09:31:54:53:76:40:b5:64:1e:29:08:
de:a3:51:ea:5e:db:42:d7:95:21:0b:1a:a4:0e:5f:
83:4f:bd:54:e8:ce:3b:0a:84:10:8f:5a:32:e7:fa:
75:3e:71:db:58:7d:86:e5:a4:93:f5:ac:cb:a5:a9:
fa:a9:69:38:e0:8f:ce:1b:5f:72:ad:26:0e:b6:ce:
5a:c6:81:38:3b:13:37:d9:4c:fb:c1:5f:2a:59:26:
66:12:f0:fd:0d:9b:d6:26:c1:aa:e9:bd:8d:a9:3a:
7b:b3:e0:82:2a:67:a4:15:af:a9:0a:1c:57:db:e9:
9e:c0:ac:b1:7d:c4:04:ef:59:30:0b:0b:60:37:a4:
df:1a:d8:44:6b:9c:a8:5a:f4:c6:d6:01:68:70:b4:
f1:19:de:66:fb:0e:9c:4d:ce:fa:5c:8f:a2:31:47:
77:b6:2b:b6:a9:c8:d4:37:88:a9:c3:11:69:5e:01:
f0:86:8e:63:c7:0a:fd:fa:d2:36:cb:1e:18:a7:bc:
0e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0D:51:A5:4D:D2:51:5C:D9:BC:AE:A2:C2:D4:2B:49:17:16:73:22
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/iQ1RpU3SUVzZvK6iwtQrSRcWcyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.152.0/23
Signature Algorithm: sha256WithRSAEncryption
20:78:65:a2:51:48:9a:e6:39:89:2f:1a:23:e6:be:51:b7:3c:
bc:c7:1a:9d:68:40:16:44:88:96:d9:07:ce:74:8e:21:bb:e4:
8c:cf:c0:e6:64:e7:bf:f6:bc:4b:01:10:b5:5c:ec:53:8d:48:
3a:d1:fb:71:4a:f1:73:d4:a8:e0:8c:eb:5c:5d:57:9b:1c:d0:
8d:cd:8d:40:ec:3d:f6:a6:29:29:25:79:ac:33:70:2d:da:54:
53:1a:10:f5:6b:02:25:2c:2b:e9:c3:22:68:27:e3:fe:48:7b:
ce:e5:28:22:44:d6:97:2f:27:72:4a:5c:43:73:77:af:6b:b3:
3c:ef:ae:7e:98:71:92:7e:1e:ca:68:3f:ad:5a:51:6a:86:38:
3e:f5:e1:ce:6d:44:cb:6f:62:04:6a:35:6a:09:f7:14:02:47:
66:ca:31:cd:df:30:0a:18:65:04:f4:58:04:1d:77:24:bf:f8:
8e:5d:d7:96:e9:4e:c8:b2:34:95:23:29:3e:77:59:e9:14:cb:
b0:79:9e:ba:5d:12:bc:ad:1c:31:b0:dd:23:5f:8f:4d:a4:45:
d7:07:3f:0a:d3:fe:35:7f:c4:48:76:bf:5b:5e:06:5f:23:4a:
e8:31:ee:8b:e5:d7:dc:b6:97:bc:03:74:b2:7a:ad:5e:d0:23:
14:26:58:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaX+VdyqlUyXf6sNhkUEMF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODFkMGM0MDk1MWE0ZjkwMGU0ZDlkZDljMjBlNDg1NjM1
MDkyMGUwHhcNMjMwMjI4MTIyMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBkNTFhNTRkZDI1MTVjZDliY2FlYTJjMmQ0MmI0OTE3MTY3MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf+pizJMYWEXBPHEocJiZdoWIJ9H
TYyOlDC9mmzYhERhShY0hd86yUTy5FBT13euVWgBH7i4o86u+Kmaf8LoCTFUU3ZA
tWQeKQjeo1HqXttC15UhCxqkDl+DT71U6M47CoQQj1oy5/p1PnHbWH2G5aST9azL
pan6qWk44I/OG19yrSYOts5axoE4OxM32Uz7wV8qWSZmEvD9DZvWJsGq6b2NqTp7
s+CCKmekFa+pChxX2+mewKyxfcQE71kwCwtgN6TfGthEa5yoWvTG1gFocLTxGd5m
+w6cTc76XI+iMUd3tiu2qcjUN4ipwxFpXgHwho5jxwr9+tI2yx4Yp7wOIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkNUaVN0lFc2byuosLUK0kXFnMiMB8GA1UdIwQY
MBaAFNGB0MQJUaT5AOTZ3Zwg5IVjUJIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEt
Mzg4YjgxYzBjOTBjLzEvaVExUnBVM1NVVnpadks2aXd0UXJTUmNXY3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEtMzg4YjgxYzBjOTBj
LzEvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaCYMA0G
CSqGSIb3DQEBCwUAA4IBAQAgeGWiUUia5jmJLxoj5r5Rtzy8xxqdaEAWRIiW2QfO
dI4hu+SMz8DmZOe/9rxLARC1XOxTjUg60ftxSvFz1KjgjOtcXVebHNCNzY1A7D32
pikpJXmsM3At2lRTGhD1awIlLCvpwyJoJ+P+SHvO5SgiRNaXLydySlxDc3eva7M8
765+mHGSfh7KaD+tWlFqhjg+9eHObUTLb2IEajVqCfcUAkdmyjHN3zAKGGUE9FgE
HXckv/iOXdeW6U7IsjSVIyk+d1npFMuweZ66XRK8rRwxsN0jX49NpEXXBz8K0/41
f8RIdr9bXgZfI0roMe6L5dfctpe8A3Syeq1e0CMUJlgr
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:25 2024 by rpki-client on console-ams.rpki-client.org