Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4f1087-2f1b-4ab5-ae71-26cdc55644d4/1/1qxPI8lafJNXq86KSocX4lrwkkw.roa
File: 1qxPI8lafJNXq86KSocX4lrwkkw.roa (raw, json)
Hash identifier: l3Imoxe+DKLx69/REC7PaG2GwmeKnDJRvJNO01la+JY=
Subject key identifier: D6:AC:4F:23:C9:5A:7C:93:57:AB:CE:8A:4A:87:17:E2:5A:F0:92:4C
Certificate issuer: /CN=ef0ec81b9c653b8e340508ff848db066e36772b0
Certificate serial: 018C5DDA23E3FCD423E65BC5CAC1F44CCB3F
Authority key identifier: EF:0E:C8:1B:9C:65:3B:8E:34:05:08:FF:84:8D:B0:66:E3:67:72:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7w7IG5xlO440BQj_hI2wZuNncrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4f1087-2f1b-4ab5-ae71-26cdc55644d4/1/1qxPI8lafJNXq86KSocX4lrwkkw.roa
Signing time: Tue 12 Dec 2023 11:47:06 +0000
ROA not before: Tue 12 Dec 2023 11:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203641
IP address blocks: 185.107.160.0/22 maxlen: 24
193.111.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:da:23:e3:fc:d4:23:e6:5b:c5:ca:c1:f4:4c:cb:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef0ec81b9c653b8e340508ff848db066e36772b0
Validity
Not Before: Dec 12 11:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6ac4f23c95a7c9357abce8a4a8717e25af0924c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:73:c3:63:c6:26:8b:28:7b:45:14:c2:73:69:
e7:c2:3b:dc:fa:01:4c:fb:4b:5a:d5:4e:57:d0:09:
1e:58:de:f2:be:59:4c:19:68:4d:bc:ac:d3:1f:0e:
26:63:3a:6e:66:78:4f:7f:e0:23:53:be:f4:a5:48:
28:26:fb:05:49:5f:3a:e5:ef:d6:11:71:83:71:5e:
c8:22:cc:16:51:f6:88:0c:e6:ca:e0:19:19:88:38:
eb:7a:a9:19:06:43:6f:5a:4a:f5:b8:61:15:89:62:
1a:8f:1d:99:fa:76:c8:1a:fe:7e:5e:7e:e7:f3:62:
bc:c7:ee:4e:6b:90:32:e1:f1:c2:ea:08:73:71:60:
24:24:7c:9d:f3:89:c7:11:18:5d:a3:a8:d8:64:75:
19:ae:65:03:d8:16:c7:9a:a7:43:c0:df:4a:3d:50:
c5:03:26:47:75:e7:ac:75:b1:9c:d7:af:55:11:f1:
d7:c2:4a:f7:89:79:e3:ae:ca:3d:9b:37:63:b2:f4:
27:36:5a:d4:75:7e:cc:bc:e8:92:8b:19:be:96:74:
79:c9:1f:f2:7a:1b:15:4d:9e:37:8c:6a:e6:60:fe:
dc:01:71:29:59:cc:9a:1a:77:6b:db:20:30:30:ea:
13:0a:5d:50:a9:4e:de:c4:e2:ca:00:fb:0a:9c:a7:
bc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AC:4F:23:C9:5A:7C:93:57:AB:CE:8A:4A:87:17:E2:5A:F0:92:4C
X509v3 Authority Key Identifier:
keyid:EF:0E:C8:1B:9C:65:3B:8E:34:05:08:FF:84:8D:B0:66:E3:67:72:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w7IG5xlO440BQj_hI2wZuNncrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4f1087-2f1b-4ab5-ae71-26cdc55644d4/1/1qxPI8lafJNXq86KSocX4lrwkkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4f1087-2f1b-4ab5-ae71-26cdc55644d4/1/7w7IG5xlO440BQj_hI2wZuNncrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.160.0/22
193.111.170.0/24
Signature Algorithm: sha256WithRSAEncryption
09:86:db:10:5e:f6:87:1b:d4:1e:68:1c:0f:18:e1:52:de:b7:
bb:ed:70:eb:58:96:c4:31:0c:ac:d1:19:9c:c2:a5:d5:b9:37:
b5:cf:06:f1:24:05:c5:40:55:43:e0:3e:73:0b:61:a8:b5:90:
f2:d2:9c:9e:61:e1:bf:d0:0a:dd:d4:61:65:89:4d:cb:36:89:
3f:0a:c3:58:a8:53:7c:7f:7d:e8:a1:b6:a1:46:ea:ca:1e:4f:
4b:e9:35:92:ca:e3:3b:cf:98:d5:7b:e0:17:84:72:84:df:f2:
eb:7f:56:2f:86:ca:2e:4a:42:76:3e:7e:fa:81:2b:23:1b:f6:
7d:18:da:86:68:52:c3:f9:2b:13:5b:e2:4e:c2:89:65:4b:9a:
0e:09:04:f6:42:a8:22:4c:23:d9:66:36:7d:80:4e:c8:68:7b:
cd:47:cb:2f:4c:2f:29:2c:6c:bd:08:3e:e3:f5:ab:a5:b9:f9:
86:40:5a:52:23:07:e0:dc:8e:10:81:ef:7b:4a:ca:9e:c1:22:
c9:fd:f6:c0:7b:64:5c:7b:b7:c4:49:1e:0f:c5:9c:fb:85:e0:
7c:d6:b9:8d:26:ef:01:96:9c:18:14:b3:68:a7:68:e8:e0:4b:
e5:bd:46:14:0b:cd:a5:02:05:d6:06:46:41:8b:3d:64:32:ce:
ac:85:63:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxd2iPj/NQj5lvFysH0TMs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGVjODFiOWM2NTNiOGUzNDA1MDhmZjg0OGRiMDY2ZTM2
NzcyYjAwHhcNMjMxMjEyMTE0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFjNGYyM2M5NWE3YzkzNTdhYmNlOGE0YTg3MTdlMjVhZjA5MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXPDY8Ymiyh7RRTCc2nnwjvc+gFM
+0ta1U5X0AkeWN7yvllMGWhNvKzTHw4mYzpuZnhPf+AjU770pUgoJvsFSV865e/W
EXGDcV7IIswWUfaIDObK4BkZiDjreqkZBkNvWkr1uGEViWIajx2Z+nbIGv5+Xn7n
82K8x+5Oa5Ay4fHC6ghzcWAkJHyd84nHERhdo6jYZHUZrmUD2BbHmqdDwN9KPVDF
AyZHdeesdbGc169VEfHXwkr3iXnjrso9mzdjsvQnNlrUdX7MvOiSixm+lnR5yR/y
ehsVTZ43jGrmYP7cAXEpWcyaGndr2yAwMOoTCl1QqU7exOLKAPsKnKe87QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNasTyPJWnyTV6vOikqHF+Ja8JJMMB8GA1UdIwQY
MBaAFO8OyBucZTuONAUI/4SNsGbjZ3KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c3SUc1eGxPNDQwQlFqX2hJMndadU5uY3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80ZjEwODctMmYxYi00YWI1LWFlNzEt
MjZjZGM1NTY0NGQ0LzEvMXF4UEk4bGFmSk5YcTg2S1NvY1g0bHJ3a2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80ZjEwODctMmYxYi00YWI1LWFlNzEtMjZjZGM1NTY0NGQ0
LzEvN3c3SUc1eGxPNDQwQlFqX2hJMndadU5uY3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWugAwQA
wW+qMA0GCSqGSIb3DQEBCwUAA4IBAQAJhtsQXvaHG9QeaBwPGOFS3re77XDrWJbE
MQys0RmcwqXVuTe1zwbxJAXFQFVD4D5zC2GotZDy0pyeYeG/0Ard1GFliU3LNok/
CsNYqFN8f33oobahRurKHk9L6TWSyuM7z5jVe+AXhHKE3/Lrf1YvhsouSkJ2Pn76
gSsjG/Z9GNqGaFLD+SsTW+JOwollS5oOCQT2QqgiTCPZZjZ9gE7IaHvNR8svTC8p
LGy9CD7j9aulufmGQFpSIwfg3I4Qge97SsqewSLJ/fbAe2Rce7fESR4PxZz7heB8
1rmNJu8BlpwYFLNop2jo4EvlvUYUC82lAgXWBkZBiz1kMs6shWPu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:42 2024 by rpki-client on console-fra.rpki-client.org