Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/I1lRyEjEWI5s7mBgar5w9AYannE.roa
File: I1lRyEjEWI5s7mBgar5w9AYannE.roa (raw, json)
Hash identifier: kb3dc1j34n1qxFso7dX1ZBZ3ThyG1iQkz+AQm/x8c+8=
Subject key identifier: 23:59:51:C8:48:C4:58:8E:6C:EE:60:60:6A:BE:70:F4:06:1A:9E:71
Certificate issuer: /CN=088e0321271332afc77e4c8579f0e5559cc09c50
Certificate serial: 0188B98074D4FFA5F89B00F61A7E2DD882C9
Authority key identifier: 08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/I1lRyEjEWI5s7mBgar5w9AYannE.roa
Signing time: Wed 14 Jun 2023 10:43:03 +0000
ROA not before: Wed 14 Jun 2023 10:43:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207104
IP address blocks: 185.163.158.0/24 maxlen: 24
185.163.157.0/24 maxlen: 24
185.163.156.0/24 maxlen: 24
185.163.159.0/24 maxlen: 24
2a0a:400:3000::/36 maxlen: 36
2a0a:400:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 14 Jun 2023 11:06:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:80:74:d4:ff:a5:f8:9b:00:f6:1a:7e:2d:d8:82:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088e0321271332afc77e4c8579f0e5559cc09c50
Validity
Not Before: Jun 14 10:43:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=235951c848c4588e6cee60606abe70f4061a9e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7c:0a:5a:c1:d2:21:cb:8d:d3:7c:fa:59:ca:
e4:24:7a:f6:51:89:fa:8e:6f:e1:e0:c5:ba:2f:f0:
84:43:65:50:0b:cb:c7:46:02:87:4a:78:d7:7a:36:
86:9c:f5:40:e7:c9:81:aa:e5:46:c8:25:d1:fb:67:
a0:93:11:32:f5:2b:ff:a2:79:b0:17:9a:fc:ce:1c:
ca:90:5b:d1:1a:22:2f:5a:00:15:63:86:ce:f1:36:
01:fc:bd:b2:66:e7:3b:99:89:65:27:af:77:bc:a1:
a5:fb:1d:a4:57:65:35:44:00:35:17:76:aa:b8:ea:
a5:51:0b:b6:fe:8d:7f:b7:fc:19:eb:20:84:26:15:
14:be:00:6e:c5:8d:97:30:44:65:38:4d:59:42:bf:
2a:9e:ce:5a:fc:ee:43:50:bc:37:64:5b:48:32:ab:
33:b8:95:95:d0:93:46:60:28:16:46:99:36:b0:c7:
f2:dd:1f:bd:70:8f:f0:a5:a0:83:fb:45:b0:4b:84:
0f:32:b3:c7:53:40:41:40:fd:74:56:93:4e:4f:c0:
38:64:11:e8:8a:71:e0:f2:8e:6c:8a:f8:ff:2c:31:
e0:45:26:d4:5d:ee:45:c8:90:42:ed:39:0b:72:1d:
fb:92:f1:00:ea:19:b2:b8:9e:df:b3:8d:ad:0b:38:
ae:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:59:51:C8:48:C4:58:8E:6C:EE:60:60:6A:BE:70:F4:06:1A:9E:71
X509v3 Authority Key Identifier:
keyid:08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/I1lRyEjEWI5s7mBgar5w9AYannE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.156.0/22
IPv6:
2a0a:400:2000::/35
Signature Algorithm: sha256WithRSAEncryption
a6:ef:42:d9:ee:53:fb:2f:6a:dd:f5:f2:4c:dc:8d:52:19:10:
5b:18:c2:db:01:51:88:7b:15:00:e5:48:37:b5:22:88:47:35:
74:0c:ed:e9:b0:b4:a1:5f:10:57:a6:c4:80:ea:c2:47:7f:c1:
4c:22:c5:c6:ed:4d:12:76:c7:ba:89:9e:ed:0d:9a:e8:a0:7f:
e7:7c:d9:8e:81:69:73:a2:f5:77:2d:69:35:a4:d0:de:d7:d9:
d8:18:93:80:c0:f5:76:b0:2f:47:fc:8d:1d:84:c1:46:44:07:
b1:48:65:94:67:3f:6c:25:c2:74:3f:23:4c:57:70:fa:21:fb:
f7:88:26:41:b6:0f:1b:e7:86:68:31:86:64:aa:b5:a5:11:c1:
e2:ed:5c:e4:d5:70:85:83:0c:06:19:80:94:d0:af:fd:5b:f5:
de:01:8c:46:e7:45:28:ea:98:b4:a4:d8:35:c5:de:60:50:18:
76:83:5d:f4:c8:d6:58:43:6d:51:56:07:6a:ea:3e:69:6d:e1:
af:c6:dd:30:84:d9:55:71:80:05:89:da:f7:b9:a3:80:ed:24:
21:fb:e1:79:07:7f:84:02:50:a6:e5:bf:f0:06:94:59:b7:90:
6e:19:e0:3a:ab:39:83:7c:92:79:5f:e2:6f:e7:a0:26:27:17:
69:5d:17:3a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYi5gHTU/6X4mwD2Gn4t2ILJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OGUwMzIxMjcxMzMyYWZjNzdlNGM4NTc5ZjBlNTU1OWNj
MDljNTAwHhcNMjMwNjE0MTA0MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzU5NTFjODQ4YzQ1ODhlNmNlZTYwNjA2YWJlNzBmNDA2MWE5ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XwKWsHSIcuN03z6WcrkJHr2UYn6
jm/h4MW6L/CEQ2VQC8vHRgKHSnjXejaGnPVA58mBquVGyCXR+2egkxEy9Sv/onmw
F5r8zhzKkFvRGiIvWgAVY4bO8TYB/L2yZuc7mYllJ693vKGl+x2kV2U1RAA1F3aq
uOqlUQu2/o1/t/wZ6yCEJhUUvgBuxY2XMERlOE1ZQr8qns5a/O5DULw3ZFtIMqsz
uJWV0JNGYCgWRpk2sMfy3R+9cI/wpaCD+0WwS4QPMrPHU0BBQP10VpNOT8A4ZBHo
inHg8o5sivj/LDHgRSbUXe5FyJBC7TkLch37kvEA6hmyuJ7fs42tCziuQQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCNZUchIxFiObO5gYGq+cPQGGp5xMB8GA1UdIwQY
MBaAFAiOAyEnEzKvx35MhXnw5VWcwJxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2Mt
ZjZkOTY2Y2E0ZjA3LzEvSTFsUnlFakVXSTVzN21CZ2FyNXc5QVlhbm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2MtZjZkOTY2Y2E0ZjA3
LzEvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuaOcMA4E
AgACMAgDBgUqCgQAIDANBgkqhkiG9w0BAQsFAAOCAQEApu9C2e5T+y9q3fXyTNyN
UhkQWxjC2wFRiHsVAOVIN7UiiEc1dAzt6bC0oV8QV6bEgOrCR3/BTCLFxu1NEnbH
uome7Q2a6KB/53zZjoFpc6L1dy1pNaTQ3tfZ2BiTgMD1drAvR/yNHYTBRkQHsUhl
lGc/bCXCdD8jTFdw+iH794gmQbYPG+eGaDGGZKq1pRHB4u1c5NVwhYMMBhmAlNCv
/Vv13gGMRudFKOqYtKTYNcXeYFAYdoNd9MjWWENtUVYHauo+aW3hr8bdMITZVXGA
BYna97mjgO0kIfvheQd/hAJQpuW/8AaUWbeQbhngOqs5g3ySeV/ib+egJicXaV0X
Og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org