Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b366bb-7220-45f3-b46d-d63a5111fbf7/1/ApLPnScaq4VQa2qKiXnhomA8g2A.roa
File: ApLPnScaq4VQa2qKiXnhomA8g2A.roa (raw, json)
Hash identifier: NBvu3p5XvoBzoguJs/bQKViFlITinGLIFDWpd7p3t7I=
Subject key identifier: 02:92:CF:9D:27:1A:AB:85:50:6B:6A:8A:89:79:E1:A2:60:3C:83:60
Certificate issuer: /CN=02c4913823a319feba2270e1ba2ca09e435bd55b
Certificate serial: 01856F26C7268959F0CA5109AE41072535F8
Authority key identifier: 02:C4:91:38:23:A3:19:FE:BA:22:70:E1:BA:2C:A0:9E:43:5B:D5:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsSROCOjGf66InDhuiygnkNb1Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b366bb-7220-45f3-b46d-d63a5111fbf7/1/ApLPnScaq4VQa2qKiXnhomA8g2A.roa
Signing time: Sun 01 Jan 2023 21:04:50 +0000
ROA not before: Sun 01 Jan 2023 21:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48904
IP address blocks: 185.204.8.0/23 maxlen: 23
185.204.10.0/23 maxlen: 23
217.72.16.0/21 maxlen: 21
217.72.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c7:26:89:59:f0:ca:51:09:ae:41:07:25:35:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02c4913823a319feba2270e1ba2ca09e435bd55b
Validity
Not Before: Jan 1 21:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0292cf9d271aab85506b6a8a8979e1a2603c8360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:9a:e1:f0:e5:c3:ee:c1:1d:4f:5b:b8:ab:
a2:cc:03:68:e3:33:9b:6d:a8:9f:47:cb:64:7a:e2:
4c:6d:8a:ee:7e:02:72:1b:cd:be:da:9b:5d:d4:60:
c9:09:57:14:d1:af:76:69:c2:aa:b9:62:59:4e:35:
56:6e:ab:c0:e9:e7:65:22:16:c0:e1:0b:95:66:c9:
06:50:ba:fd:aa:7f:39:0b:0f:4d:87:3a:eb:89:56:
a0:bb:9c:7f:71:3b:08:ef:2a:35:d5:20:7a:6f:90:
6e:40:7d:c7:9b:22:7d:75:76:18:36:84:38:c8:03:
8d:71:9a:ce:7f:d8:27:c1:f6:f9:84:b5:66:d5:ba:
bf:be:d6:59:9d:01:7a:df:93:39:72:65:96:bc:65:
a4:ce:e9:55:8f:7a:ec:89:6c:80:13:15:2b:bd:36:
c4:7f:eb:2a:9c:5e:81:55:9c:4a:35:b6:58:f6:03:
37:69:ac:d9:ab:e3:7c:2c:67:50:16:f3:93:ac:55:
b2:74:27:24:3e:72:b0:33:9f:58:2a:70:9a:11:44:
5b:26:28:ec:c6:dc:c1:35:5d:31:f4:ef:49:ba:03:
2a:10:08:7d:b9:dc:13:c9:20:c6:11:08:8c:73:ad:
3a:0f:38:33:07:e8:89:fc:97:9f:b3:8a:1f:44:ed:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:92:CF:9D:27:1A:AB:85:50:6B:6A:8A:89:79:E1:A2:60:3C:83:60
X509v3 Authority Key Identifier:
keyid:02:C4:91:38:23:A3:19:FE:BA:22:70:E1:BA:2C:A0:9E:43:5B:D5:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsSROCOjGf66InDhuiygnkNb1Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b366bb-7220-45f3-b46d-d63a5111fbf7/1/ApLPnScaq4VQa2qKiXnhomA8g2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b366bb-7220-45f3-b46d-d63a5111fbf7/1/AsSROCOjGf66InDhuiygnkNb1Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.8.0/22
217.72.16.0/20
Signature Algorithm: sha256WithRSAEncryption
73:9d:85:92:40:d7:12:47:f5:04:c1:e4:6b:9c:fa:3a:76:82:
4c:dd:8c:09:9b:10:c1:da:64:08:55:4c:31:b4:c1:6a:72:6d:
8a:81:60:2c:47:8d:f4:08:40:be:60:09:bb:e6:d5:84:a5:b0:
ce:8b:3d:86:51:a7:ec:1a:ba:d6:18:2a:63:64:e1:df:83:95:
14:c5:ce:5e:51:7a:a3:8d:20:01:3b:c4:34:0c:11:c3:11:95:
38:d7:be:fe:e2:be:da:f4:81:5e:d3:9e:62:91:ad:02:8e:01:
89:35:4b:b5:13:85:d7:e6:22:c3:c5:9a:2e:68:d8:53:43:67:
94:13:79:c7:83:f3:44:71:26:a2:3b:81:fd:b2:36:58:f3:f2:
3d:04:ce:ee:dc:65:6d:6e:9c:e4:f1:db:9d:78:8f:3b:fb:af:
20:13:d4:30:6a:bf:97:b1:86:c2:70:43:0a:b3:ae:cb:4b:97:
f8:47:06:dd:fa:eb:c3:45:03:fa:3f:8b:e4:99:d5:ba:88:34:
da:73:cd:25:71:4a:97:00:d4:dd:99:d1:93:c7:8b:70:c8:dd:
f3:38:b3:8d:6a:be:60:6c:ea:81:ba:d6:57:c7:b2:60:17:db:
91:cd:e2:9f:79:03:73:13:ad:48:c4:3f:05:14:b7:9f:51:43:
55:e8:07:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJscmiVnwylEJrkEHJTX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYzQ5MTM4MjNhMzE5ZmViYTIyNzBlMWJhMmNhMDllNDM1
YmQ1NWIwHhcNMjMwMTAxMjEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjkyY2Y5ZDI3MWFhYjg1NTA2YjZhOGE4OTc5ZTFhMjYwM2M4MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO+a4fDlw+7BHU9buKuizANo4zOb
baifR8tkeuJMbYrufgJyG82+2ptd1GDJCVcU0a92acKquWJZTjVWbqvA6edlIhbA
4QuVZskGULr9qn85Cw9NhzrriVagu5x/cTsI7yo11SB6b5BuQH3HmyJ9dXYYNoQ4
yAONcZrOf9gnwfb5hLVm1bq/vtZZnQF635M5cmWWvGWkzulVj3rsiWyAExUrvTbE
f+sqnF6BVZxKNbZY9gM3aazZq+N8LGdQFvOTrFWydCckPnKwM59YKnCaEURbJijs
xtzBNV0x9O9JugMqEAh9udwTySDGEQiMc606DzgzB+iJ/Jefs4ofRO32hwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKSz50nGquFUGtqiol54aJgPINgMB8GA1UdIwQY
MBaAFALEkTgjoxn+uiJw4bosoJ5DW9VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXNTUk9DT2pHZjY2SW5EaHVpeWdua05iMVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMzY2YmItNzIyMC00NWYzLWI0NmQt
ZDYzYTUxMTFmYmY3LzEvQXBMUG5TY2FxNFZRYTJxS2lYbmhvbUE4ZzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMzY2YmItNzIyMC00NWYzLWI0NmQtZDYzYTUxMTFmYmY3
LzEvQXNTUk9DT2pHZjY2SW5EaHVpeWdua05iMVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucwIAwQE
2UgQMA0GCSqGSIb3DQEBCwUAA4IBAQBznYWSQNcSR/UEweRrnPo6doJM3YwJmxDB
2mQIVUwxtMFqcm2KgWAsR430CEC+YAm75tWEpbDOiz2GUafsGrrWGCpjZOHfg5UU
xc5eUXqjjSABO8Q0DBHDEZU4177+4r7a9IFe055ika0CjgGJNUu1E4XX5iLDxZou
aNhTQ2eUE3nHg/NEcSaiO4H9sjZY8/I9BM7u3GVtbpzk8dudeI87+68gE9Qwar+X
sYbCcEMKs67LS5f4Rwbd+uvDRQP6P4vkmdW6iDTac80lcUqXANTdmdGTx4twyN3z
OLONar5gbOqButZXx7JgF9uRzeKfeQNzE61IxD8FFLefUUNV6AeL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:03 2024 by rpki-client on console-ams.rpki-client.org