Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/IJIu1gtrONlKlN9qaIaCXpiw0EE.roa
File: IJIu1gtrONlKlN9qaIaCXpiw0EE.roa (raw, json)
Hash identifier: CDM2b2eLdjxS/wtvR7h1VARzUtMoB0u/HDRmDUjJHPY=
Subject key identifier: 20:92:2E:D6:0B:6B:38:D9:4A:94:DF:6A:68:86:82:5E:98:B0:D0:41
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 0186DAFA7B87F3A261BAD2CFA34F8BFF7DD5
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/IJIu1gtrONlKlN9qaIaCXpiw0EE.roa
Signing time: Mon 13 Mar 2023 12:38:13 +0000
ROA not before: Mon 13 Mar 2023 12:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206611
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/22 maxlen: 24
185.181.52.0/24 maxlen: 24
185.181.55.0/24 maxlen: 24
185.181.53.0/24 maxlen: 24
185.181.54.0/24 maxlen: 24
192.161.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:fa:7b:87:f3:a2:61:ba:d2:cf:a3:4f:8b:ff:7d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Mar 13 12:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20922ed60b6b38d94a94df6a6886825e98b0d041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:ed:47:f2:49:0e:df:bd:66:a9:33:93:c8:
5c:f2:a5:58:18:7d:e0:65:ca:fc:b0:8a:76:b9:b9:
03:6e:14:bd:f5:bf:48:74:13:7d:41:e1:89:e6:fe:
2b:34:09:04:92:1d:2b:80:e3:27:56:be:37:6f:01:
a5:2e:53:2e:c4:08:cd:35:c1:5c:fc:db:35:bb:1a:
e8:1a:99:5b:b8:13:cf:75:a7:67:80:5f:04:5f:81:
da:41:25:a4:c0:d7:a1:6d:e1:f4:47:51:2a:56:b0:
04:cf:3b:ff:5c:a3:e0:51:f7:46:17:4d:1e:3e:18:
77:43:c5:46:f2:42:63:ea:2d:50:b1:c8:8c:a4:66:
89:da:c5:8d:20:2b:83:a8:02:47:fc:8a:d4:4f:43:
37:a9:76:81:9b:ca:8f:a6:d8:85:b7:9e:90:06:3e:
90:79:e9:3f:0b:88:f8:62:6d:c7:6c:66:e6:b0:a6:
bc:d0:ef:11:c0:5d:ed:0a:dd:0b:81:9a:ef:58:d8:
c7:67:f0:cc:64:18:32:7d:c5:a7:cb:79:f9:e0:44:
20:03:9d:67:fe:6d:1b:74:9f:40:f3:f3:18:af:9f:
e3:8b:f7:b8:7d:70:98:44:3f:6b:3a:bd:7d:bb:58:
ca:95:aa:6d:71:5c:08:2e:4b:3d:5a:96:54:6c:65:
39:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:92:2E:D6:0B:6B:38:D9:4A:94:DF:6A:68:86:82:5E:98:B0:D0:41
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/IJIu1gtrONlKlN9qaIaCXpiw0EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
04:7d:5a:f4:8e:9d:d1:ff:91:9b:be:8e:5c:85:c1:79:e9:d0:
d9:00:16:4c:3a:a7:ee:6e:42:af:0c:1f:d1:0e:32:60:a9:ce:
c3:5b:5a:58:ae:53:8f:4a:98:1f:cf:4d:b0:44:7d:4b:f7:d1:
17:0d:6f:1e:87:e7:7f:02:85:54:2e:c5:64:7b:f0:00:58:52:
3e:40:7b:d8:48:7a:52:bc:76:1c:2f:0e:4b:1f:e6:ee:53:40:
f2:3e:3d:3b:49:09:f2:0d:27:44:25:4a:12:3b:c8:77:1a:06:
e5:91:3d:51:71:09:d2:3a:35:d0:21:e9:58:19:96:96:b0:61:
f8:eb:db:05:70:98:ac:46:36:05:01:4d:b1:7e:c4:b3:d0:5c:
a1:3f:6e:68:2e:4f:f9:e0:56:01:37:57:c1:a2:5d:97:4b:77:
ec:71:59:b1:0b:94:9f:e0:a8:35:e2:0f:d6:13:06:4d:6a:f0:
8c:23:ee:84:87:ac:e9:24:bb:40:5d:a6:c3:de:38:a9:b2:e9:
b8:1d:1a:a5:dd:40:74:14:7a:20:61:bf:e9:47:90:bf:c6:98:
9c:13:c6:ba:85:7f:e8:13:59:6c:94:2f:83:2c:09:3e:e5:22:
10:16:87:d8:86:38:a4:77:ce:e0:be:7f:78:b4:7e:a3:7a:2e:
32:f2:e6:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYba+nuH86JhutLPo0+L/33VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjMwMzEzMTIzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDkyMmVkNjBiNmIzOGQ5NGE5NGRmNmE2ODg2ODI1ZTk4YjBkMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGvtR/JJDt+9Zqkzk8hc8qVYGH3g
Zcr8sIp2ubkDbhS99b9IdBN9QeGJ5v4rNAkEkh0rgOMnVr43bwGlLlMuxAjNNcFc
/Ns1uxroGplbuBPPdadngF8EX4HaQSWkwNehbeH0R1EqVrAEzzv/XKPgUfdGF00e
Phh3Q8VG8kJj6i1QsciMpGaJ2sWNICuDqAJH/IrUT0M3qXaBm8qPptiFt56QBj6Q
eek/C4j4Ym3HbGbmsKa80O8RwF3tCt0LgZrvWNjHZ/DMZBgyfcWny3n54EQgA51n
/m0bdJ9A8/MYr5/ji/e4fXCYRD9rOr19u1jKlaptcVwILks9WpZUbGU5VwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCCSLtYLazjZSpTfamiGgl6YsNBBMB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvSUpJdTFndHJPTmxLbE45cWFJYUNYcGl3MEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQAEfVr0jp3R/5Gbvo5c
hcF56dDZABZMOqfubkKvDB/RDjJgqc7DW1pYrlOPSpgfz02wRH1L99EXDW8eh+d/
AoVULsVke/AAWFI+QHvYSHpSvHYcLw5LH+buU0DyPj07SQnyDSdEJUoSO8h3Ggbl
kT1RcQnSOjXQIelYGZaWsGH469sFcJisRjYFAU2xfsSz0FyhP25oLk/54FYBN1fB
ol2XS3fscVmxC5Sf4Kg14g/WEwZNavCMI+6Eh6zpJLtAXabD3jipsum4HRql3UB0
FHogYb/pR5C/xpicE8a6hX/oE1lslC+DLAk+5SIQFofYhjikd87gvn94tH6jei4y
8ua4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:14 2024 by rpki-client on console-fra.rpki-client.org