Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/wKthJOtQspeW5abP9Z_ZB3i3nsA.roa
File: wKthJOtQspeW5abP9Z_ZB3i3nsA.roa (raw, json)
Hash identifier: HDEVsrUwmdpPVbY6yHo0adrap/5pafOZ3w6CWsW+HOA=
Subject key identifier: C0:AB:61:24:EB:50:B2:97:96:E5:A6:CF:F5:9F:D9:07:78:B7:9E:C0
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018573039AA9E36849108BD6F5E8560D20BC
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/wKthJOtQspeW5abP9Z_ZB3i3nsA.roa
Signing time: Mon 02 Jan 2023 15:04:54 +0000
ROA not before: Mon 02 Jan 2023 15:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201255
IP address blocks: 185.179.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:9a:a9:e3:68:49:10:8b:d6:f5:e8:56:0d:20:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 15:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0ab6124eb50b29796e5a6cff59fd90778b79ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:01:fa:dc:03:85:4c:a4:f0:8a:34:5e:f5:52:
ef:98:4f:e8:d5:28:03:d4:16:c7:c5:76:19:16:83:
72:a4:7b:64:6e:0e:a4:3a:13:06:39:c1:70:fd:0d:
3c:cf:c0:86:40:16:e1:64:44:f5:f3:57:79:1b:e7:
bb:6c:e2:e1:dd:cd:6f:f8:74:3d:59:23:37:58:e8:
a4:c9:42:87:45:ff:c3:5c:ee:69:80:01:a9:7a:4c:
dd:44:97:ee:ec:e6:85:b5:12:d0:bc:79:d3:0f:aa:
02:22:85:08:59:97:77:64:17:ad:c9:33:21:ee:fd:
b6:94:05:ed:5d:39:29:52:aa:db:5d:9d:05:db:d7:
a2:94:f6:4e:2d:6c:b3:4a:d2:40:f6:57:29:98:f8:
e9:53:06:48:10:cc:dc:0c:f7:30:3e:98:1e:37:c7:
4a:43:4a:d8:47:bb:2e:8d:2a:d8:fe:4a:cf:7a:cc:
2c:f0:d1:38:59:57:c8:92:c9:67:a8:8e:a3:07:bc:
fd:d8:33:ff:82:1a:32:e8:11:4d:33:61:c4:52:6c:
ff:29:5d:92:89:a9:66:81:94:8c:73:c5:bd:cb:22:
ce:bb:62:ad:81:00:03:59:5a:5d:14:0b:3e:be:7a:
0c:e4:32:9d:48:c3:49:43:f6:9a:fc:18:e3:34:58:
bd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AB:61:24:EB:50:B2:97:96:E5:A6:CF:F5:9F:D9:07:78:B7:9E:C0
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/wKthJOtQspeW5abP9Z_ZB3i3nsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.42.0/24
Signature Algorithm: sha256WithRSAEncryption
02:42:af:78:c2:02:5e:41:d5:fd:e2:e3:cc:a2:ce:43:44:c5:
50:94:c3:35:95:f5:e3:99:3d:1f:0b:1e:59:d8:b1:d5:19:c4:
7a:83:e6:0e:69:8b:c3:7e:6e:dc:e5:02:c3:bd:d7:6f:7c:f5:
58:f6:b8:56:21:3a:d4:0f:49:2d:3d:05:4d:41:02:0f:ad:d2:
6f:43:8f:11:8b:9f:48:6b:7a:f3:07:68:e9:ca:3a:01:43:45:
76:bb:d9:89:1d:74:5a:e1:a4:d1:a3:13:61:9f:fa:a4:bb:f2:
80:9a:9e:89:0e:03:75:db:02:c7:cb:7c:0f:32:40:5e:09:d2:
eb:c1:72:49:53:db:1d:04:4b:0e:b3:13:f6:1f:a9:c2:0b:bf:
d8:2b:36:69:7a:74:0f:a1:51:09:fb:35:1d:c3:75:f8:01:a3:
5e:d7:33:55:b8:47:06:f2:ed:13:c2:a8:01:d8:08:e0:8a:49:
c3:4d:db:fc:02:03:f0:0e:f7:ce:42:0f:99:3b:8b:63:c2:9a:
b2:a0:1c:56:b8:af:59:be:30:c3:54:a6:7d:52:d0:86:c2:b0:
b5:d9:58:06:2a:14:0f:12:c9:28:ed:b9:de:20:86:81:34:60:
54:98:ae:45:96:38:38:7e:bc:39:a7:66:75:e7:a9:3a:ab:b9:
26:f8:b4:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA5qp42hJEIvW9ehWDSC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwMTAyMTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGFiNjEyNGViNTBiMjk3OTZlNWE2Y2ZmNTlmZDkwNzc4Yjc5ZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwH63AOFTKTwijRe9VLvmE/o1SgD
1BbHxXYZFoNypHtkbg6kOhMGOcFw/Q08z8CGQBbhZET181d5G+e7bOLh3c1v+HQ9
WSM3WOikyUKHRf/DXO5pgAGpekzdRJfu7OaFtRLQvHnTD6oCIoUIWZd3ZBetyTMh
7v22lAXtXTkpUqrbXZ0F29eilPZOLWyzStJA9lcpmPjpUwZIEMzcDPcwPpgeN8dK
Q0rYR7sujSrY/krPesws8NE4WVfIkslnqI6jB7z92DP/ghoy6BFNM2HEUmz/KV2S
ialmgZSMc8W9yyLOu2KtgQADWVpdFAs+vnoM5DKdSMNJQ/aa/BjjNFi9ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCrYSTrULKXluWmz/Wf2Qd4t57AMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvd0t0aEpPdFFzcGVXNWFiUDlaX1pCM2kzbnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubMqMA0G
CSqGSIb3DQEBCwUAA4IBAQACQq94wgJeQdX94uPMos5DRMVQlMM1lfXjmT0fCx5Z
2LHVGcR6g+YOaYvDfm7c5QLDvddvfPVY9rhWITrUD0ktPQVNQQIPrdJvQ48Ri59I
a3rzB2jpyjoBQ0V2u9mJHXRa4aTRoxNhn/qku/KAmp6JDgN12wLHy3wPMkBeCdLr
wXJJU9sdBEsOsxP2H6nCC7/YKzZpenQPoVEJ+zUdw3X4AaNe1zNVuEcG8u0TwqgB
2AjgiknDTdv8AgPwDvfOQg+ZO4tjwpqyoBxWuK9ZvjDDVKZ9UtCGwrC12VgGKhQP
Esko7bneIIaBNGBUmK5Fljg4frw5p2Z156k6q7km+LQg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org