Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/Owj-iYWEypi1xsznfKFKMdWcdbM.roa
File: Owj-iYWEypi1xsznfKFKMdWcdbM.roa (raw, json)
Hash identifier: ueJYUQlIjUvGs3UfS4a+8xmzVyzpdwilg3/aAcbv5D4=
Subject key identifier: 3B:08:FE:89:85:84:CA:98:B5:C6:CC:E7:7C:A1:4A:31:D5:9C:75:B3
Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial: 01856DB877B7EF81F85EE05D5D3B7BFDE97D
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/Owj-iYWEypi1xsznfKFKMdWcdbM.roa
Signing time: Sun 01 Jan 2023 14:24:43 +0000
ROA not before: Sun 01 Jan 2023 14:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.163.152.0/24 maxlen: 24
185.163.153.0/24 maxlen: 24
185.163.155.0/24 maxlen: 24
185.163.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:77:b7:ef:81:f8:5e:e0:5d:5d:3b:7b:fd:e9:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
Validity
Not Before: Jan 1 14:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b08fe898584ca98b5c6cce77ca14a31d59c75b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e0:82:46:4f:06:07:c8:1d:23:0a:3d:af:80:
a8:8c:55:4a:5b:ac:8d:aa:22:a7:a4:d9:2e:8e:ac:
69:2a:57:91:e5:05:26:6b:d3:b6:db:28:6b:fe:db:
75:d2:2a:e7:1c:45:6b:09:da:46:f8:89:88:c7:1e:
97:51:0c:c4:d8:35:32:41:e3:13:ae:57:79:32:87:
c4:9b:71:be:50:34:91:c4:fe:6d:db:6a:e2:99:b7:
a9:30:d2:fa:83:e0:a9:82:6e:ed:cb:6d:e1:04:10:
ff:cb:6c:e5:1e:9e:4d:da:4f:55:08:f8:8a:fc:cf:
a9:7a:a3:02:76:a2:44:05:16:e1:68:b3:47:62:83:
87:09:5d:de:df:8c:b6:79:a9:32:38:ce:50:ce:fd:
bd:72:91:c7:99:ee:c1:63:42:96:d5:46:b2:19:b8:
ba:2f:bf:fe:22:f8:31:ea:e7:3d:95:90:91:69:8f:
43:2d:da:a5:22:4a:9d:56:bd:da:47:1a:fc:d8:07:
ae:f3:9d:95:24:ae:f3:07:3a:ef:39:37:01:e6:14:
ae:07:9a:cc:09:95:4c:97:4c:a5:1e:20:5f:a1:51:
16:27:a3:1d:be:e7:b0:4e:5a:7d:d9:24:e7:67:f3:
c1:5d:82:6e:79:1b:47:b6:6d:c4:dd:d1:8d:77:d6:
d3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:08:FE:89:85:84:CA:98:B5:C6:CC:E7:7C:A1:4A:31:D5:9C:75:B3
X509v3 Authority Key Identifier:
keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/Owj-iYWEypi1xsznfKFKMdWcdbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.152.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:76:2d:a0:7b:4a:d4:ec:69:21:aa:06:19:7a:c7:87:56:a8:
bf:20:69:f3:db:ec:a8:f2:8a:6d:7d:5b:0b:ce:5e:7e:15:00:
08:f8:7d:b0:78:95:b5:78:f6:4b:24:de:7b:82:49:86:76:2d:
1e:71:2f:a1:8d:86:49:82:e4:04:41:fd:ed:45:6c:d4:5e:98:
45:3e:34:cb:d0:62:a2:08:b1:79:0d:24:15:14:c5:fa:9f:6c:
3d:c4:b2:d4:c9:51:d1:f6:c8:cc:79:d9:a6:c5:bf:01:18:64:
e7:c5:05:a1:a5:6a:ef:aa:3e:e4:17:b1:93:b6:d4:a4:96:96:
f8:c2:97:97:ee:ca:e1:cb:3e:6e:b9:7c:b5:2e:0f:2a:9a:c6:
e1:df:18:c7:03:ce:e1:5e:92:ec:f2:f4:90:3d:d4:1b:57:ea:
2f:1d:fe:e2:f9:d8:f0:82:f3:3b:78:12:cf:dd:86:62:33:0b:
46:9c:da:85:b1:63:54:e8:df:51:1c:55:67:de:e4:55:3e:db:
c3:14:91:7a:4c:61:d0:f3:02:29:50:fe:61:4c:a0:8e:b8:b4:
33:6e:40:96:1b:5e:58:cf:2f:07:d1:99:af:19:1d:c4:52:27:
b4:3a:16:c7:72:69:cd:85:b5:47:79:33:10:af:55:98:17:3d:
a2:eb:aa:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuHe374H4XuBdXTt7/el9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm
OTdiMWQwHhcNMjMwMTAxMTQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA4ZmU4OTg1ODRjYTk4YjVjNmNjZTc3Y2ExNGEzMWQ1OWM3NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+CCRk8GB8gdIwo9r4CojFVKW6yN
qiKnpNkujqxpKleR5QUma9O22yhr/tt10irnHEVrCdpG+ImIxx6XUQzE2DUyQeMT
rld5MofEm3G+UDSRxP5t22rimbepMNL6g+Cpgm7ty23hBBD/y2zlHp5N2k9VCPiK
/M+peqMCdqJEBRbhaLNHYoOHCV3e34y2eakyOM5Qzv29cpHHme7BY0KW1UayGbi6
L7/+Ivgx6uc9lZCRaY9DLdqlIkqdVr3aRxr82Aeu852VJK7zBzrvOTcB5hSuB5rM
CZVMl0ylHiBfoVEWJ6MdvuewTlp92STnZ/PBXYJueRtHtm3E3dGNd9bTgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsI/omFhMqYtcbM53yhSjHVnHWzMB8GA1UdIwQY
MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt
ZGMwZTFhNzI1MjIxLzEvT3dqLWlZV0V5cGkxeHN6bmZLRktNZFdjZGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx
LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G
CSqGSIb3DQEBCwUAA4IBAQCwdi2ge0rU7GkhqgYZeseHVqi/IGnz2+yo8optfVsL
zl5+FQAI+H2weJW1ePZLJN57gkmGdi0ecS+hjYZJguQEQf3tRWzUXphFPjTL0GKi
CLF5DSQVFMX6n2w9xLLUyVHR9sjMedmmxb8BGGTnxQWhpWrvqj7kF7GTttSklpb4
wpeX7srhyz5uuXy1Lg8qmsbh3xjHA87hXpLs8vSQPdQbV+ovHf7i+djwgvM7eBLP
3YZiMwtGnNqFsWNU6N9RHFVn3uRVPtvDFJF6TGHQ8wIpUP5hTKCOuLQzbkCWG15Y
zy8H0ZmvGR3EUie0OhbHcmnNhbVHeTMQr1WYFz2i66o5
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:10 2024 by rpki-client on console-fra.rpki-client.org