Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/rKuGk0SL1wDTqZcvaVHx0Htz2II.roa
File: rKuGk0SL1wDTqZcvaVHx0Htz2II.roa (raw, json)
Hash identifier: 9Zlg2Eh9TxixK/U31C+xJnTIUdHd3bcMo6OAOmLWwEI=
Subject key identifier: AC:AB:86:93:44:8B:D7:00:D3:A9:97:2F:69:51:F1:D0:7B:73:D8:82
Certificate issuer: /CN=1c99cebe0cf09903903d19c1ca0ae62421764859
Certificate serial: 01878F2815BA2515716B1BA6855313109736
Authority key identifier: 1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJnOvgzwmQOQPRnBygrmJCF2SFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/rKuGk0SL1wDTqZcvaVHx0Htz2II.roa
Signing time: Mon 17 Apr 2023 12:19:41 +0000
ROA not before: Mon 17 Apr 2023 12:19:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16186
IP address blocks: 185.116.4.0/22 maxlen: 22
89.105.48.0/20 maxlen: 20
2001:820::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8f:28:15:ba:25:15:71:6b:1b:a6:85:53:13:10:97:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c99cebe0cf09903903d19c1ca0ae62421764859
Validity
Not Before: Apr 17 12:19:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acab8693448bd700d3a9972f6951f1d07b73d882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1f:31:56:ef:46:d8:2a:86:c2:2b:05:e4:58:
5d:e9:44:72:84:17:42:a0:1f:e9:e4:33:d5:5f:a7:
e4:e6:84:b1:7c:57:44:e9:31:b8:33:81:2e:a6:d0:
c1:35:1d:2d:54:c2:ab:b1:97:e7:67:32:9e:18:16:
ed:3e:e2:4b:42:fb:18:77:f8:86:f7:07:9b:e6:2f:
4f:ca:71:81:82:1e:06:57:fe:2f:0f:e6:1d:25:e5:
86:4f:1f:ec:0f:21:5d:16:b1:1f:60:d4:3f:e3:f5:
67:82:d8:69:a2:97:2a:30:28:37:4c:3f:38:9c:bd:
2a:2c:e8:66:66:fd:e7:c6:e4:5e:7f:98:24:13:b0:
1b:77:f1:18:fb:cc:88:90:b6:a1:34:24:35:de:13:
42:ab:0a:af:8c:0c:3c:bb:cd:92:46:db:6f:18:88:
84:1d:d2:86:1c:c8:e5:38:1c:5f:cc:54:4b:08:53:
a8:07:b7:4d:22:ad:92:46:dd:68:1c:16:12:12:38:
1a:09:51:cc:19:0e:a4:00:e1:e4:8f:a7:36:d6:cb:
0b:7d:10:5d:eb:46:92:cd:1b:95:55:53:44:d9:6d:
af:9f:68:8e:f8:03:38:2b:cf:33:2f:87:29:09:f2:
b2:ec:d7:fa:31:19:af:79:9a:31:68:d6:14:18:bf:
a9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:AB:86:93:44:8B:D7:00:D3:A9:97:2F:69:51:F1:D0:7B:73:D8:82
X509v3 Authority Key Identifier:
keyid:1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJnOvgzwmQOQPRnBygrmJCF2SFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/rKuGk0SL1wDTqZcvaVHx0Htz2II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/HJnOvgzwmQOQPRnBygrmJCF2SFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.48.0/20
185.116.4.0/22
IPv6:
2001:820::/32
Signature Algorithm: sha256WithRSAEncryption
43:e3:29:0e:a5:58:91:12:43:48:42:99:aa:9b:01:a5:f0:bc:
aa:03:27:fd:82:f9:98:b7:0b:83:50:62:85:d0:26:61:5a:55:
62:07:9a:e5:26:c8:ef:22:98:32:37:75:1f:d6:9d:71:d4:36:
21:fc:35:23:5a:ef:51:ab:40:ea:bd:54:4f:01:54:e6:a0:16:
ae:b0:ab:be:3b:7a:95:99:54:6f:c2:7b:a6:60:20:e5:f9:d8:
38:1d:3b:de:08:ba:57:76:ab:ec:6b:0a:a6:4a:04:97:c0:c4:
03:15:1a:28:2d:11:b1:7a:51:b6:db:b9:04:8d:d9:52:1f:66:
64:9b:44:8c:65:6f:5d:19:d0:f3:a4:8a:1f:91:8d:03:cd:f5:
03:28:c2:80:b1:78:62:b7:e2:4e:5f:ad:87:f0:c0:89:cf:f9:
82:57:1c:4e:42:5c:55:ea:2e:3f:78:1e:7f:2e:01:0e:25:9e:
42:ab:51:a3:91:b1:c9:65:45:98:f4:06:61:a2:3f:9f:bb:b1:
c9:5e:3f:e1:73:ae:ff:9f:a3:64:9a:43:b4:24:3c:f3:25:7e:
1a:36:f6:d7:c6:35:7e:5b:60:a2:a8:20:bd:59:95:8b:f4:79:
1c:36:44:03:1e:67:56:23:6e:69:68:6d:52:25:f3:2c:11:24:
0f:9a:11:a0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYePKBW6JRVxaxumhVMTEJc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTljZWJlMGNmMDk5MDM5MDNkMTljMWNhMGFlNjI0MjE3
NjQ4NTkwHhcNMjMwNDE3MTIxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2FiODY5MzQ0OGJkNzAwZDNhOTk3MmY2OTUxZjFkMDdiNzNkODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB8xVu9G2CqGwisF5Fhd6URyhBdC
oB/p5DPVX6fk5oSxfFdE6TG4M4EuptDBNR0tVMKrsZfnZzKeGBbtPuJLQvsYd/iG
9web5i9PynGBgh4GV/4vD+YdJeWGTx/sDyFdFrEfYNQ/4/VngthpopcqMCg3TD84
nL0qLOhmZv3nxuRef5gkE7Abd/EY+8yIkLahNCQ13hNCqwqvjAw8u82SRttvGIiE
HdKGHMjlOBxfzFRLCFOoB7dNIq2SRt1oHBYSEjgaCVHMGQ6kAOHkj6c21ssLfRBd
60aSzRuVVVNE2W2vn2iO+AM4K88zL4cpCfKy7Nf6MRmveZoxaNYUGL+pZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKyrhpNEi9cA06mXL2lR8dB7c9iCMB8GA1UdIwQY
MBaAFByZzr4M8JkDkD0ZwcoK5iQhdkhZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpuT3ZnendtUU9RUFJuQnlncm1KQ0YyU0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zZmVhMWEtNTdiYy00OTNhLTlhM2Ut
OGMyNWI1ZmIyNzZmLzEvckt1R2swU0wxd0RUcVpjdmFWSHgwSHR6MklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zZmVhMWEtNTdiYy00OTNhLTlhM2UtOGMyNWI1ZmIyNzZm
LzEvSEpuT3ZnendtUU9RUFJuQnlncm1KQ0YyU0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEWWkwAwQC
uXQEMA0EAgACMAcDBQAgAQggMA0GCSqGSIb3DQEBCwUAA4IBAQBD4ykOpViREkNI
QpmqmwGl8LyqAyf9gvmYtwuDUGKF0CZhWlViB5rlJsjvIpgyN3Uf1p1x1DYh/DUj
Wu9Rq0DqvVRPAVTmoBausKu+O3qVmVRvwnumYCDl+dg4HTveCLpXdqvsawqmSgSX
wMQDFRooLRGxelG227kEjdlSH2Zkm0SMZW9dGdDzpIofkY0DzfUDKMKAsXhit+JO
X62H8MCJz/mCVxxOQlxV6i4/eB5/LgEOJZ5Cq1GjkbHJZUWY9AZhoj+fu7HJXj/h
c67/n6NkmkO0JDzzJX4aNvbXxjV+W2CiqCC9WZWL9HkcNkQDHmdWI25paG1SJfMs
ESQPmhGg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:29 2024 by rpki-client on console-ams.rpki-client.org