Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/1TvV8TdTThEWoU4wA5IYJoQHLjA.roa
File: 1TvV8TdTThEWoU4wA5IYJoQHLjA.roa (raw, json)
Hash identifier: 871qRbIA2a7KzlXdifRW12D3nlztC6W1EnqnFYJYSyE=
Subject key identifier: D5:3B:D5:F1:37:53:4E:11:16:A1:4E:30:03:92:18:26:84:07:2E:30
Certificate issuer: /CN=a82fb9b3418c458cdbc6cfd684514be24ad0c3c9
Certificate serial: 018571A7BA2FEF1F79CCB6199A96007CDA81
Authority key identifier: A8:2F:B9:B3:41:8C:45:8C:DB:C6:CF:D6:84:51:4B:E2:4A:D0:C3:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/1TvV8TdTThEWoU4wA5IYJoQHLjA.roa
Signing time: Mon 02 Jan 2023 08:44:55 +0000
ROA not before: Mon 02 Jan 2023 08:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64428
IP address blocks: 185.165.41.0/24 maxlen: 24
185.165.42.0/24 maxlen: 24
185.165.40.0/24 maxlen: 24
185.165.43.0/24 maxlen: 24
185.165.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 14 Aug 2023 21:17:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:ba:2f:ef:1f:79:cc:b6:19:9a:96:00:7c:da:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82fb9b3418c458cdbc6cfd684514be24ad0c3c9
Validity
Not Before: Jan 2 08:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d53bd5f137534e1116a14e300392182684072e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f8:56:a9:b0:a6:6b:aa:71:ef:eb:0b:d3:bd:
bd:d8:8c:9e:4d:12:2c:dd:1b:89:f6:12:75:30:f4:
0a:c3:7b:b4:de:39:be:ee:e0:23:fa:dc:54:b9:12:
36:44:e4:1f:dd:f7:08:f5:e6:6d:99:e9:b6:46:d5:
c0:86:cf:e2:96:9f:23:5c:e8:5e:45:95:fd:78:ec:
82:03:06:e8:99:75:75:86:61:7a:0d:e2:7c:b2:40:
6b:bb:12:b8:df:a1:33:25:ba:81:82:09:5c:88:d5:
0b:92:83:64:fb:0c:10:eb:de:b2:8b:d8:86:ad:0e:
cd:c7:92:26:13:c0:0f:ec:ab:9f:d4:61:88:c5:73:
70:44:4f:92:89:4b:69:0d:d4:66:39:1b:ca:21:51:
1a:a3:d5:33:a1:cd:dd:41:ba:3c:00:9b:04:38:f5:
57:d9:35:39:b5:45:79:2e:8b:33:89:e5:98:7e:09:
37:2c:ec:23:bc:fb:96:c7:07:28:dc:62:23:93:7f:
f6:14:62:a5:91:d2:50:c0:4d:c9:f6:c7:cc:c9:8a:
ff:23:b4:d0:f4:99:79:2e:09:c0:cc:64:02:d7:e7:
bc:b8:0b:d6:59:50:bd:bf:3b:d3:94:c2:b7:1b:9e:
ea:11:c1:9d:db:c2:ed:aa:84:80:ef:22:66:c7:99:
ac:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3B:D5:F1:37:53:4E:11:16:A1:4E:30:03:92:18:26:84:07:2E:30
X509v3 Authority Key Identifier:
keyid:A8:2F:B9:B3:41:8C:45:8C:DB:C6:CF:D6:84:51:4B:E2:4A:D0:C3:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/1TvV8TdTThEWoU4wA5IYJoQHLjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/qC-5s0GMRYzbxs_WhFFL4krQw8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.40.0/22
Signature Algorithm: sha256WithRSAEncryption
63:21:4a:57:e3:49:f8:e4:0f:9b:71:15:66:a6:77:7e:bd:85:
9f:c2:5a:14:1b:86:f9:67:ad:e4:25:69:87:0d:10:bb:cd:bf:
46:b3:d9:03:57:92:e6:11:34:ff:e9:69:b6:fb:b0:af:a5:34:
21:98:c1:35:f9:43:68:19:05:61:31:cb:71:62:23:b1:b7:6f:
8d:e3:37:a4:7c:b8:f2:3d:3d:21:e0:d5:c2:2d:8b:4f:70:76:
45:81:f0:03:56:50:b2:7a:0d:32:53:f2:80:34:88:a5:7a:37:
7e:47:44:0a:12:0f:5d:d7:f6:a6:71:fd:21:fa:4a:73:a3:42:
16:ff:39:d1:92:ba:1c:7d:06:e9:9c:6c:d7:ce:95:cc:47:9e:
d3:6f:91:23:78:ca:e4:9c:78:84:68:6c:3e:12:6e:eb:65:62:
a5:4d:5b:97:e8:8d:9d:95:4c:fa:84:a6:86:c5:83:19:af:53:
07:da:fc:0d:15:d9:a6:92:19:ba:cf:86:ba:81:1f:a0:a8:c3:
40:6f:d2:6b:d9:75:eb:6f:95:c6:d1:b5:c5:00:d0:fa:0b:de:
28:45:f9:21:17:fc:44:7a:e2:18:95:d6:73:fa:d4:01:7d:dd:
d7:38:92:f2:b8:aa:96:0b:aa:53:f1:40:22:0e:a6:ba:0e:c9:
30:8f:7c:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7ov7x95zLYZmpYAfNqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmZiOWIzNDE4YzQ1OGNkYmM2Y2ZkNjg0NTE0YmUyNGFk
MGMzYzkwHhcNMjMwMTAyMDg0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTNiZDVmMTM3NTM0ZTExMTZhMTRlMzAwMzkyMTgyNjg0MDcyZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/hWqbCma6px7+sL07292IyeTRIs
3RuJ9hJ1MPQKw3u03jm+7uAj+txUuRI2ROQf3fcI9eZtmem2RtXAhs/ilp8jXOhe
RZX9eOyCAwbomXV1hmF6DeJ8skBruxK436EzJbqBgglciNULkoNk+wwQ696yi9iG
rQ7Nx5ImE8AP7Kuf1GGIxXNwRE+SiUtpDdRmORvKIVEao9Uzoc3dQbo8AJsEOPVX
2TU5tUV5LoszieWYfgk3LOwjvPuWxwco3GIjk3/2FGKlkdJQwE3J9sfMyYr/I7TQ
9Jl5LgnAzGQC1+e8uAvWWVC9vzvTlMK3G57qEcGd28LtqoSA7yJmx5msawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNU71fE3U04RFqFOMAOSGCaEBy4wMB8GA1UdIwQY
MBaAFKgvubNBjEWM28bP1oRRS+JK0MPJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUMtNXMwR01SWXpieHNfV2hGRkw0a3JRdzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84YjdmZTktNWRmMi00NzNlLTgwMTgt
YjI2MzQxZDM4YzNmLzEvMVR2VjhUZFRUaEVXb1U0d0E1SVlKb1FITGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84YjdmZTktNWRmMi00NzNlLTgwMTgtYjI2MzQxZDM4YzNm
LzEvcUMtNXMwR01SWXpieHNfV2hGRkw0a3JRdzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaUoMA0G
CSqGSIb3DQEBCwUAA4IBAQBjIUpX40n45A+bcRVmpnd+vYWfwloUG4b5Z63kJWmH
DRC7zb9Gs9kDV5LmETT/6Wm2+7CvpTQhmME1+UNoGQVhMctxYiOxt2+N4zekfLjy
PT0h4NXCLYtPcHZFgfADVlCyeg0yU/KANIilejd+R0QKEg9d1/amcf0h+kpzo0IW
/znRkrocfQbpnGzXzpXMR57Tb5EjeMrknHiEaGw+Em7rZWKlTVuX6I2dlUz6hKaG
xYMZr1MH2vwNFdmmkhm6z4a6gR+gqMNAb9Jr2XXrb5XG0bXFAND6C94oRfkhF/xE
euIYldZz+tQBfd3XOJLyuKqWC6pT8UAiDqa6Dskwj3xv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:35 2024 by rpki-client on console-ams.rpki-client.org