Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/ct5nq-pubiGkF-7uuKvElbOe1wc.roa
File: ct5nq-pubiGkF-7uuKvElbOe1wc.roa (raw, json)
Hash identifier: jrjQ4yzdNUZsh6cKgSbv/65mo6hdos93iWCTZR1clIg=
Subject key identifier: 72:DE:67:AB:EA:6E:6E:21:A4:17:EE:EE:B8:AB:C4:95:B3:9E:D7:07
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 018CC649DADB4D89CD738AF9A8A3915DA8CC
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/ct5nq-pubiGkF-7uuKvElbOe1wc.roa
Signing time: Mon 01 Jan 2024 18:29:38 +0000
ROA not before: Mon 01 Jan 2024 18:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.157.51.0/24 maxlen: 24
185.157.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 09:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:da:db:4d:89:cd:73:8a:f9:a8:a3:91:5d:a8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Jan 1 18:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72de67abea6e6e21a417eeeeb8abc495b39ed707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:96:23:f1:04:cc:8d:9a:85:24:bd:d2:b4:dd:
7a:f9:c1:06:36:94:db:7e:5b:57:b1:97:13:1d:0f:
2c:42:ce:31:c0:e2:d8:28:e4:06:49:5f:12:a4:58:
b0:7d:0a:ac:40:e0:d0:e8:63:c5:9f:b3:bc:6a:dc:
76:da:99:eb:cd:b7:a1:09:ba:26:a9:35:15:b5:bf:
15:08:65:0a:04:12:32:90:fa:9b:4c:be:71:7a:35:
b7:9c:5f:33:93:03:67:1a:58:a6:6f:fd:b3:e5:49:
4c:11:45:b1:df:8c:30:4e:85:eb:d1:32:cc:a9:80:
b4:32:3a:b3:3d:88:9d:83:8c:66:ce:b2:86:2f:12:
a9:df:69:1a:a9:5f:c3:b3:3b:c3:9d:1a:97:46:9a:
76:6a:0b:a8:2a:b2:21:5e:eb:9e:bc:87:57:41:4a:
25:f8:bc:5d:e3:d5:12:20:97:dc:dc:56:21:77:51:
c5:f7:7e:9a:ed:2d:a8:25:06:4d:07:f0:5a:59:64:
32:51:1f:49:7f:59:f0:96:ba:9d:96:7f:16:ed:7a:
91:ae:8f:6b:25:1d:8b:78:0d:83:50:dd:c6:4a:f5:
6e:ff:45:83:25:97:12:ac:48:fe:00:7a:fe:3c:69:
c0:91:d8:32:19:51:b7:6f:80:2a:2d:3d:8d:06:32:
da:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DE:67:AB:EA:6E:6E:21:A4:17:EE:EE:B8:AB:C4:95:B3:9E:D7:07
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/ct5nq-pubiGkF-7uuKvElbOe1wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.50.0/23
Signature Algorithm: sha256WithRSAEncryption
97:f5:19:48:d7:26:9f:94:a1:77:45:fc:a8:1c:86:a6:5e:af:
1b:91:bc:a8:fb:66:fd:82:1b:ae:1e:34:37:44:22:b6:1a:73:
56:c3:84:3e:a8:15:94:8d:25:01:1a:68:57:a3:f4:b8:c0:dd:
56:20:e0:5e:76:78:34:1e:08:fb:d4:01:bb:93:24:12:cb:c2:
dc:de:e7:e2:85:87:ae:94:ea:e2:12:b9:e8:9a:58:66:02:2f:
d4:25:01:16:99:0e:dc:ea:27:dc:44:61:a5:a6:f5:e8:13:7f:
03:c1:a0:2b:9f:9c:a2:75:19:f9:12:92:5f:42:ef:0b:68:e7:
f6:3c:8f:f2:28:df:f5:88:fa:95:3a:41:1c:54:41:5c:d0:d4:
03:3e:d4:bf:c8:55:ac:53:64:45:99:17:f6:a0:51:bb:8c:bd:
f3:f2:18:60:9b:28:19:50:c6:1b:f8:5c:05:b9:7b:c7:5f:d2:
a0:44:7b:fd:5e:d1:96:c9:d4:fa:81:0f:63:b6:5c:dd:1e:02:
2d:4b:35:85:26:22:43:98:7b:a5:78:8f:fe:c5:e1:9e:1a:45:
20:05:63:b5:fb:80:68:9d:9e:1f:66:ee:72:92:12:26:d7:6b:
d4:bd:be:d8:c5:2c:75:f5:99:0d:d4:26:83:60:27:bf:b3:c0:
6b:e9:22:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSdrbTYnNc4r5qKORXajMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjQwMTAxMTgyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRlNjdhYmVhNmU2ZTIxYTQxN2VlZWViOGFiYzQ5NWIzOWVkNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZYj8QTMjZqFJL3StN16+cEGNpTb
fltXsZcTHQ8sQs4xwOLYKOQGSV8SpFiwfQqsQODQ6GPFn7O8atx22pnrzbehCbom
qTUVtb8VCGUKBBIykPqbTL5xejW3nF8zkwNnGlimb/2z5UlMEUWx34wwToXr0TLM
qYC0MjqzPYidg4xmzrKGLxKp32kaqV/DszvDnRqXRpp2aguoKrIhXuuevIdXQUol
+Lxd49USIJfc3FYhd1HF936a7S2oJQZNB/BaWWQyUR9Jf1nwlrqdln8W7XqRro9r
JR2LeA2DUN3GSvVu/0WDJZcSrEj+AHr+PGnAkdgyGVG3b4AqLT2NBjLa2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLeZ6vqbm4hpBfu7rirxJWzntcHMB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvY3Q1bnEtcHViaUdrRi03dXVLdkVsYk9lMXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZ0yMA0G
CSqGSIb3DQEBCwUAA4IBAQCX9RlI1yaflKF3RfyoHIamXq8bkbyo+2b9ghuuHjQ3
RCK2GnNWw4Q+qBWUjSUBGmhXo/S4wN1WIOBedng0Hgj71AG7kyQSy8Lc3ufihYeu
lOriErnomlhmAi/UJQEWmQ7c6ifcRGGlpvXoE38DwaArn5yidRn5EpJfQu8LaOf2
PI/yKN/1iPqVOkEcVEFc0NQDPtS/yFWsU2RFmRf2oFG7jL3z8hhgmygZUMYb+FwF
uXvHX9KgRHv9XtGWydT6gQ9jtlzdHgItSzWFJiJDmHuleI/+xeGeGkUgBWO1+4Bo
nZ4fZu5ykhIm12vUvb7YxSx19ZkN1CaDYCe/s8Br6SI5
-----END CERTIFICATE-----
Generated at Mon Jan 22 12:18:58 2024 by rpki-client on console-fra.rpki-client.org