Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/1-WgGpkQxAmTeCE9QN2XfaDtQx1g.roa
File: 1-WgGpkQxAmTeCE9QN2XfaDtQx1g.roa (raw, json)
Hash identifier: SxSM7IK9S79l70ItBxQ3MgKi4s84APC0dFHZJymHvFc=
Subject key identifier: F9:68:06:A6:44:31:02:64:DE:08:4F:50:37:65:DF:68:3B:50:C7:58
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192B4A3A80A84BE0F24BFCC8494B947B23F
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/1-WgGpkQxAmTeCE9QN2XfaDtQx1g.roa
Signing time: Tue 22 Oct 2024 14:31:17 +0000
ROA not before: Tue 22 Oct 2024 14:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 18:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:a3:a8:0a:84:be:0f:24:bf:cc:84:94:b9:47:b2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 22 14:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f96806a644310264de084f503765df683b50c758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:be:bd:74:dd:f3:a6:44:ae:f0:07:f5:72:31:
cc:ee:1d:e2:34:42:8d:02:20:b7:66:60:32:fc:20:
b6:70:f3:89:d0:16:d1:7e:42:61:09:d3:db:3c:21:
55:eb:9c:5d:a5:80:b1:e1:8e:4c:63:77:72:43:23:
91:c2:c0:65:a0:92:f9:b6:64:b9:62:44:ba:75:23:
89:31:98:35:35:cc:a5:c4:59:bb:d7:38:c4:76:c2:
5b:36:ec:21:36:2a:78:65:e6:dd:18:19:6a:90:fe:
ae:be:e6:fb:02:25:71:04:e5:dd:ab:a2:78:3b:13:
cd:07:c5:8b:b4:6e:05:00:20:68:92:86:b7:87:7b:
11:dc:f5:7e:e8:e4:1a:cc:44:1b:8e:0c:a0:ed:38:
2b:1e:9a:cd:07:c3:46:fe:ee:fe:6e:1e:84:4b:53:
0b:94:61:99:ec:c9:67:a8:39:47:92:9c:05:a6:fa:
5b:e8:77:1b:db:7a:68:f8:8a:cb:23:49:99:24:05:
a8:06:db:83:58:ce:c5:f6:be:78:51:83:58:8d:0b:
b2:30:cb:e9:5b:49:1d:21:9f:61:cd:c8:b6:5c:ce:
de:80:57:eb:4c:c2:58:82:e9:93:33:11:e1:95:d6:
06:8a:24:be:a9:d4:53:18:b2:c6:90:e1:4c:55:ec:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:68:06:A6:44:31:02:64:DE:08:4F:50:37:65:DF:68:3B:50:C7:58
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/1-WgGpkQxAmTeCE9QN2XfaDtQx1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:ff:f8:af:b2:cb:c8:48:98:bf:d6:7d:93:dd:ad:94:5a:45:
7b:0a:b9:d0:7c:ca:11:04:43:35:6e:bd:64:07:64:f9:80:d3:
07:cd:2a:1e:56:86:39:7c:db:50:2d:2a:48:ba:aa:79:8a:f8:
43:21:83:02:bf:20:30:90:6b:90:49:43:64:9b:f0:14:75:c5:
51:ae:00:a9:6f:e3:44:77:b5:9c:5f:d3:81:02:12:37:f0:fe:
89:47:24:f5:a8:73:93:c9:15:09:84:98:d0:ef:2e:93:cd:f1:
7c:b9:c3:d0:c0:7c:4e:40:c3:2a:44:cd:60:7e:0a:d3:30:8e:
d7:36:0b:01:6c:db:f3:b0:fb:c3:22:01:fb:b2:18:d9:40:ae:
e1:09:ca:60:d9:a7:e8:89:c9:8b:f5:50:99:cf:f8:7d:1a:69:
1e:04:52:98:6f:0b:c4:67:cd:8f:45:e1:46:ab:06:cc:56:7f:
88:bf:9c:6b:a6:d3:3e:1f:ad:af:2f:6e:f6:02:55:b6:46:b5:
b7:ba:6a:ae:a1:c3:ef:17:56:c5:9a:18:01:03:93:28:32:d8:
30:6c:9c:48:ba:35:af:be:ed:0a:ab:10:43:98:af:ba:93:f0:
08:2d:e6:23:09:cd:c3:61:5b:86:f6:16:47:c4:74:4b:05:1f:
22:75:9b:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZK0o6gKhL4PJL/MhJS5R7I/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDIyMTQzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTY4MDZhNjQ0MzEwMjY0ZGUwODRmNTAzNzY1ZGY2ODNiNTBjNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur69dN3zpkSu8Af1cjHM7h3iNEKN
AiC3ZmAy/CC2cPOJ0BbRfkJhCdPbPCFV65xdpYCx4Y5MY3dyQyORwsBloJL5tmS5
YkS6dSOJMZg1NcylxFm71zjEdsJbNuwhNip4ZebdGBlqkP6uvub7AiVxBOXdq6J4
OxPNB8WLtG4FACBokoa3h3sR3PV+6OQazEQbjgyg7TgrHprNB8NG/u7+bh6ES1ML
lGGZ7MlnqDlHkpwFpvpb6Hcb23po+IrLI0mZJAWoBtuDWM7F9r54UYNYjQuyMMvp
W0kdIZ9hzci2XM7egFfrTMJYgumTMxHhldYGiiS+qdRTGLLGkOFMVeyMhwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPloBqZEMQJk3ghPUDdl32g7UMdYMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvMS1XZ0dwa1F4QW1UZUNFOVFOMlhmYUR0UXgxZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFh
ZC8xL3RLSUlYSDNqdFpnaGE0bjdEeXNka3czbWJCay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmBEDAN
BgkqhkiG9w0BAQsFAAOCAQEAo//4r7LLyEiYv9Z9k92tlFpFewq50HzKEQRDNW69
ZAdk+YDTB80qHlaGOXzbUC0qSLqqeYr4QyGDAr8gMJBrkElDZJvwFHXFUa4AqW/j
RHe1nF/TgQISN/D+iUck9ahzk8kVCYSY0O8uk83xfLnD0MB8TkDDKkTNYH4K0zCO
1zYLAWzb87D7wyIB+7IY2UCu4QnKYNmn6InJi/VQmc/4fRppHgRSmG8LxGfNj0Xh
RqsGzFZ/iL+ca6bTPh+try9u9gJVtka1t7pqrqHD7xdWxZoYAQOTKDLYMGycSLo1
r77tCqsQQ5ivupPwCC3mIwnNw2FbhvYWR8R0SwUfInWb+w==
-----END CERTIFICATE-----
Generated at Tue Oct 22 20:22:32 2024 by rpki-client on console-fra.rpki-client.org