Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/ABc05yvRtTST0ZqBVZg3i7IMjX4.roa
File: ABc05yvRtTST0ZqBVZg3i7IMjX4.roa (raw, json)
Hash identifier: 8Pc+MMktpDQTkBtneLa1K5bwXZOK2uLz0zuiUPDLfjU=
Subject key identifier: 00:17:34:E7:2B:D1:B5:34:93:D1:9A:81:55:98:37:8B:B2:0C:8D:7E
Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial: 01856DB87658D6E8875C81BDCB265D84E7CB
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/ABc05yvRtTST0ZqBVZg3i7IMjX4.roa
Signing time: Sun 01 Jan 2023 14:24:43 +0000
ROA not before: Sun 01 Jan 2023 14:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.163.152.0/24 maxlen: 24
185.163.153.0/24 maxlen: 24
185.163.155.0/24 maxlen: 24
185.163.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:76:58:d6:e8:87:5c:81:bd:cb:26:5d:84:e7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
Validity
Not Before: Jan 1 14:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=001734e72bd1b53493d19a815598378bb20c8d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:e8:77:51:12:11:98:3b:75:c5:48:cc:5b:
bf:23:47:e2:64:3b:b1:53:07:d3:36:12:d1:15:b8:
1a:9c:f1:f2:e8:06:47:d9:83:f3:a7:30:c0:4a:8c:
26:24:7b:20:53:15:c0:80:da:d8:ec:20:22:28:fb:
72:8a:90:3c:7f:95:eb:09:b4:48:20:9f:6b:71:31:
5a:c1:28:b2:83:fd:16:57:d3:71:bf:55:34:91:6b:
6d:56:d2:d7:92:0f:09:17:f2:78:29:0d:84:97:2d:
1f:79:07:03:91:d8:d2:51:ec:78:c5:52:00:26:f5:
93:3b:af:f9:e5:8f:f2:e2:ae:f2:d9:f9:24:d8:50:
fe:56:15:0c:2e:c3:68:5f:6a:88:35:ad:e8:f7:27:
33:19:81:02:11:7f:8f:a7:94:d8:07:b0:54:9d:ff:
a6:92:83:e1:5f:de:a8:c3:60:98:5a:f6:f0:a1:43:
24:cf:6e:0e:09:5c:92:b1:e5:df:a7:7b:9f:b6:95:
01:c8:d7:90:31:2a:a3:3f:ad:e5:05:6a:f1:90:68:
cf:b5:41:8f:e5:85:62:f7:94:24:6f:77:c3:7c:b8:
ec:52:bf:8c:a3:e3:c9:ee:64:4b:1b:ab:2a:6e:93:
4d:f7:c0:56:1a:f7:0d:41:77:a4:ea:e4:d6:e2:99:
28:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:17:34:E7:2B:D1:B5:34:93:D1:9A:81:55:98:37:8B:B2:0C:8D:7E
X509v3 Authority Key Identifier:
keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/ABc05yvRtTST0ZqBVZg3i7IMjX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.152.0/22
Signature Algorithm: sha256WithRSAEncryption
27:76:95:3b:75:ce:08:68:02:ad:67:86:72:a5:24:96:18:b0:
40:46:02:ba:a8:1a:40:22:8f:df:66:ef:23:9c:a0:e9:59:62:
29:4e:2c:2d:d6:ec:e0:86:d9:22:8d:92:e5:0c:85:5b:07:17:
7d:6b:01:7d:04:7e:8e:3a:c0:e5:6f:c8:50:02:0d:87:54:30:
91:26:8b:90:48:4f:fd:d9:d7:dc:ae:dd:d3:41:c3:06:f4:5e:
d9:d9:4c:d9:cd:4b:94:cb:37:78:48:be:a5:b9:90:60:8e:32:
34:70:47:1c:19:85:9d:21:3b:24:b2:d5:aa:c3:03:8e:47:1d:
2f:13:22:c6:66:5e:c9:47:65:e8:87:60:6c:09:eb:d4:a3:79:
ad:1f:70:26:d9:ee:e7:87:28:f7:1c:82:ef:f1:42:be:5a:8c:
f4:2b:92:f6:5e:28:ad:ac:54:89:ef:d2:ad:5d:9c:58:59:6e:
b3:84:5b:20:b8:a2:5a:45:37:88:fd:e0:54:7b:ec:1c:4b:fa:
56:ef:26:d2:d7:51:9d:ae:7d:fe:46:b9:9b:f4:9f:6a:b2:9d:
da:81:2b:6b:34:5b:32:79:3f:06:9d:b0:37:9b:31:15:33:99:
3d:1a:76:bb:e2:66:a7:0f:c9:06:5a:2b:00:99:a3:a8:53:a1:
25:9a:14:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuHZY1uiHXIG9yyZdhOfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm
OTdiMWQwHhcNMjMwMTAxMTQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE3MzRlNzJiZDFiNTM0OTNkMTlhODE1NTk4Mzc4YmIyMGM4ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/bod1ESEZg7dcVIzFu/I0fiZDux
UwfTNhLRFbganPHy6AZH2YPzpzDASowmJHsgUxXAgNrY7CAiKPtyipA8f5XrCbRI
IJ9rcTFawSiyg/0WV9Nxv1U0kWttVtLXkg8JF/J4KQ2Ely0feQcDkdjSUex4xVIA
JvWTO6/55Y/y4q7y2fkk2FD+VhUMLsNoX2qINa3o9yczGYECEX+Pp5TYB7BUnf+m
koPhX96ow2CYWvbwoUMkz24OCVySseXfp3uftpUByNeQMSqjP63lBWrxkGjPtUGP
5YVi95Qkb3fDfLjsUr+Mo+PJ7mRLG6sqbpNN98BWGvcNQXek6uTW4pkoIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAAXNOcr0bU0k9GagVWYN4uyDI1+MB8GA1UdIwQY
MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt
ZGMwZTFhNzI1MjIxLzEvQUJjMDV5dlJ0VFNUMFpxQlZaZzNpN0lNalg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx
LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAndpU7dc4IaAKtZ4ZypSSWGLBARgK6qBpAIo/fZu8j
nKDpWWIpTiwt1uzghtkijZLlDIVbBxd9awF9BH6OOsDlb8hQAg2HVDCRJouQSE/9
2dfcrt3TQcMG9F7Z2UzZzUuUyzd4SL6luZBgjjI0cEccGYWdITskstWqwwOORx0v
EyLGZl7JR2Xoh2BsCevUo3mtH3Am2e7nhyj3HILv8UK+Woz0K5L2XiitrFSJ79Kt
XZxYWW6zhFsguKJaRTeI/eBUe+wcS/pW7ybS11Gdrn3+Rrmb9J9qsp3agStrNFsy
eT8GnbA3mzEVM5k9Gna74manD8kGWisAmaOoU6ElmhR1
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:10 2024 by rpki-client on console-fra.rpki-client.org