Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/MaysZY_FQ4mUydJwZ2syGKlPo4A.roa
File: MaysZY_FQ4mUydJwZ2syGKlPo4A.roa (raw, json)
Hash identifier: Ib77lC9wU94ijtXZ7wAX+4IKk5uY8s1A6QHw0vp7DwI=
Subject key identifier: 31:AC:AC:65:8F:C5:43:89:94:C9:D2:70:67:6B:32:18:A9:4F:A3:80
Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial: 018CC64AF088E12351A7095C3FCB48CB6D99
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/MaysZY_FQ4mUydJwZ2syGKlPo4A.roa
Signing time: Mon 01 Jan 2024 18:30:49 +0000
ROA not before: Mon 01 Jan 2024 18:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.163.152.0/24 maxlen: 24
185.163.153.0/24 maxlen: 24
185.163.155.0/24 maxlen: 24
185.163.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f0:88:e1:23:51:a7:09:5c:3f:cb:48:cb:6d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
Validity
Not Before: Jan 1 18:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31acac658fc5438994c9d270676b3218a94fa380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a9:f0:3b:ae:cf:c4:27:aa:8f:c6:dd:23:91:
ae:1a:e9:0f:1e:57:cb:7e:ad:3e:ec:ed:88:43:65:
b0:15:cb:9b:f0:cf:c7:7f:14:1c:93:be:ae:ef:13:
c9:b1:a0:a3:93:09:f2:ea:0f:7d:f1:13:a6:f1:55:
71:e0:81:f1:78:49:55:c5:83:d2:b4:84:5a:9d:4f:
7d:c4:45:95:44:89:b9:b6:53:fd:e7:55:bd:7b:3e:
df:f6:f0:ed:72:10:b6:2b:51:64:84:fd:ec:0b:dc:
16:6f:5a:93:a8:81:de:02:c8:6c:13:37:aa:27:c7:
46:cc:f3:d9:d4:9d:0d:96:f2:5e:01:a7:8a:c0:c0:
e8:2a:72:5c:25:d5:91:39:96:65:6b:3b:c4:a1:98:
b4:ad:0e:2e:28:14:f2:04:f8:34:2c:7e:0f:90:82:
05:2c:d6:46:22:4b:77:40:3f:63:f4:06:9c:61:88:
ab:89:5f:f7:9d:ad:97:1d:c3:e4:13:7f:de:0c:84:
71:45:e3:92:89:ba:12:a6:54:9d:17:37:3e:61:70:
28:f1:05:c6:54:ac:88:cf:6e:cc:bb:21:dd:b7:e1:
27:23:69:76:f9:40:48:59:cd:66:f6:0e:9f:df:77:
74:02:23:b7:b6:5a:0b:e1:56:aa:c2:26:c1:7a:e5:
69:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AC:AC:65:8F:C5:43:89:94:C9:D2:70:67:6B:32:18:A9:4F:A3:80
X509v3 Authority Key Identifier:
keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/MaysZY_FQ4mUydJwZ2syGKlPo4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.152.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:4a:1c:ed:b1:5e:46:c8:d2:5d:d5:7e:04:4d:fc:35:1b:10:
35:55:63:c9:52:aa:06:44:b1:d9:72:39:96:5e:1a:e5:96:15:
1c:b2:86:9a:b6:8d:91:20:65:4c:86:e0:1d:13:0b:7c:d2:22:
fa:f8:30:3e:c4:b7:60:c6:b8:e6:63:28:30:39:78:56:6b:fb:
6f:86:40:a0:ea:42:df:8b:08:1a:6b:f0:04:50:22:64:1f:ee:
2a:91:fc:55:82:8b:f8:15:37:fe:9d:08:10:5a:a4:50:da:99:
ee:26:9d:91:77:8a:fb:a7:87:cc:1c:f6:d9:14:fc:27:80:5d:
47:53:db:1d:56:cf:51:56:7a:13:4d:cd:5f:25:9c:57:e7:25:
25:1f:f9:c6:6f:89:da:5f:d8:7f:4a:a9:d4:85:86:07:63:53:
ac:d4:c4:86:e1:a0:35:d0:dc:27:77:c7:cd:53:25:c9:a1:06:
1d:a8:b0:54:00:0b:60:d4:12:34:cb:8a:10:e7:94:ee:cd:c4:
91:e3:bb:f3:62:ad:4f:b9:fb:37:1d:dc:fb:07:2b:08:a1:75:
ad:e1:3a:87:6d:58:35:85:bb:74:92:48:14:4c:2a:53:c9:dd:
5f:68:a4:93:58:32:57:68:40:4d:25:4a:b8:ee:6b:1e:5b:7f:
a1:88:3f:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSvCI4SNRpwlcP8tIy22ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm
OTdiMWQwHhcNMjQwMTAxMTgzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFjYWM2NThmYzU0Mzg5OTRjOWQyNzA2NzZiMzIxOGE5NGZhMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlanwO67PxCeqj8bdI5GuGukPHlfL
fq0+7O2IQ2WwFcub8M/HfxQck76u7xPJsaCjkwny6g998ROm8VVx4IHxeElVxYPS
tIRanU99xEWVRIm5tlP951W9ez7f9vDtchC2K1FkhP3sC9wWb1qTqIHeAshsEzeq
J8dGzPPZ1J0NlvJeAaeKwMDoKnJcJdWROZZlazvEoZi0rQ4uKBTyBPg0LH4PkIIF
LNZGIkt3QD9j9AacYYiriV/3na2XHcPkE3/eDIRxReOSiboSplSdFzc+YXAo8QXG
VKyIz27MuyHdt+EnI2l2+UBIWc1m9g6f33d0AiO3tloL4VaqwibBeuVpOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGsrGWPxUOJlMnScGdrMhipT6OAMB8GA1UdIwQY
MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt
ZGMwZTFhNzI1MjIxLzEvTWF5c1pZX0ZRNG1VeWRKd1oyc3lHS2xQbzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx
LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G
CSqGSIb3DQEBCwUAA4IBAQC7ShztsV5GyNJd1X4ETfw1GxA1VWPJUqoGRLHZcjmW
XhrllhUcsoaato2RIGVMhuAdEwt80iL6+DA+xLdgxrjmYygwOXhWa/tvhkCg6kLf
iwgaa/AEUCJkH+4qkfxVgov4FTf+nQgQWqRQ2pnuJp2Rd4r7p4fMHPbZFPwngF1H
U9sdVs9RVnoTTc1fJZxX5yUlH/nGb4naX9h/SqnUhYYHY1Os1MSG4aA10Nwnd8fN
UyXJoQYdqLBUAAtg1BI0y4oQ55TuzcSR47vzYq1Pufs3Hdz7BysIoXWt4TqHbVg1
hbt0kkgUTCpTyd1faKSTWDJXaEBNJUq47mseW3+hiD8Y
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:26:33 2025 by rpki-client