Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/xy5NR14wy-mA_bTe0yPViZC90_I.roa
File: xy5NR14wy-mA_bTe0yPViZC90_I.roa (raw, json)
Hash identifier: Dhuq6ZX+psaEjR2vNftnEY2HgoUwUh7MuWM9Ju+CXwE=
Subject key identifier: C7:2E:4D:47:5E:30:CB:E9:80:FD:B4:DE:D3:23:D5:89:90:BD:D3:F2
Certificate issuer: /CN=aa679589c1c48897d09b2d4fed7a66044a876ea3
Certificate serial: 01856F42B68CD9E3925E4B7B319C9F39C821
Authority key identifier: AA:67:95:89:C1:C4:88:97:D0:9B:2D:4F:ED:7A:66:04:4A:87:6E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmeVicHEiJfQmy1P7XpmBEqHbqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/xy5NR14wy-mA_bTe0yPViZC90_I.roa
Signing time: Sun 01 Jan 2023 21:35:21 +0000
ROA not before: Sun 01 Jan 2023 21:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20771
IP address blocks: 185.163.200.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b6:8c:d9:e3:92:5e:4b:7b:31:9c:9f:39:c8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa679589c1c48897d09b2d4fed7a66044a876ea3
Validity
Not Before: Jan 1 21:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c72e4d475e30cbe980fdb4ded323d58990bdd3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:57:a7:98:64:58:3e:91:ab:ec:41:f7:59:e4:
8a:0c:4d:93:f8:f1:ce:8a:9e:9c:c3:2d:9a:7b:05:
1d:0e:b9:e7:2b:b1:e8:79:68:75:32:c8:9a:fb:a5:
5a:68:ed:26:89:89:83:b3:c2:40:42:96:8d:8d:9f:
19:b4:92:ff:9b:9c:81:e6:ce:3a:b6:8e:da:c8:b8:
e4:d1:e1:68:ab:9d:94:e2:a2:b3:2b:fe:ad:42:59:
00:4e:20:fc:99:6e:28:be:b1:c8:8d:da:b0:3a:21:
b2:b6:6a:ac:7f:ae:5b:65:5f:4c:a9:37:94:b8:dd:
04:70:3a:e9:b1:22:e2:de:90:5c:b0:4a:09:74:08:
16:7c:61:a2:96:1f:a4:d5:6e:9d:cc:8c:cb:44:9e:
0f:c1:87:cf:db:ae:31:7a:df:fc:5b:1a:8a:9e:ca:
a6:cd:07:32:b8:92:a2:58:8e:5f:a4:87:aa:5a:1e:
14:14:66:61:fd:54:38:54:93:84:86:a8:d9:a5:a6:
45:bc:7d:c9:58:ca:d5:3e:cf:1c:bf:59:46:32:09:
33:41:77:4b:56:87:e5:e1:83:48:49:b9:30:d4:eb:
38:b0:a0:60:6c:d9:c2:b1:6c:0b:9d:eb:ad:26:2c:
7e:a2:77:92:04:8f:a5:b2:d1:72:ba:6d:36:d6:d9:
cf:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2E:4D:47:5E:30:CB:E9:80:FD:B4:DE:D3:23:D5:89:90:BD:D3:F2
X509v3 Authority Key Identifier:
keyid:AA:67:95:89:C1:C4:88:97:D0:9B:2D:4F:ED:7A:66:04:4A:87:6E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmeVicHEiJfQmy1P7XpmBEqHbqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/xy5NR14wy-mA_bTe0yPViZC90_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/qmeVicHEiJfQmy1P7XpmBEqHbqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:15:c6:9f:e7:48:24:dc:e4:ea:3c:10:16:a4:0b:e9:2c:ad:
e0:b6:11:7f:2e:39:8a:f8:8b:09:7f:5c:4c:b5:5b:93:31:f5:
7e:a9:00:33:10:b6:7d:48:7a:19:f2:af:ac:f1:3e:0d:28:d9:
37:19:96:a7:d2:e8:ba:95:14:48:de:44:89:4c:29:0b:45:5d:
93:34:b1:4c:6d:0f:33:e0:ff:4c:5f:e7:5b:cc:e0:9f:a5:08:
45:75:b5:af:72:50:39:d1:ae:13:4c:71:56:98:9f:dd:9e:de:
41:a0:2d:6d:08:ca:02:66:4d:3f:9e:81:be:0a:8b:22:b9:0d:
53:a0:c8:7e:b7:65:8c:70:9b:1e:2a:e2:aa:b1:bb:f4:59:6f:
5f:30:42:95:a9:1e:8d:d6:e9:da:8b:fe:fb:9b:65:09:97:d8:
77:ea:0a:83:67:aa:0e:b0:4b:6e:1f:dc:54:05:9f:fc:a4:c0:
33:75:cc:57:8e:ab:19:bf:66:db:ce:de:d8:12:a6:ff:65:7a:
1e:7b:c9:95:ba:70:d4:80:d6:84:fd:9d:be:7d:de:be:9c:b0:
a4:bc:7b:cd:f6:aa:a0:d1:61:f6:de:f3:33:12:9b:cc:2f:b3:
ca:a0:dd:4d:4d:24:d0:b9:7d:e9:aa:d1:16:49:f2:01:a6:0e:
0c:d2:c1:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQraM2eOSXkt7MZyfOcghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjc5NTg5YzFjNDg4OTdkMDliMmQ0ZmVkN2E2NjA0NGE4
NzZlYTMwHhcNMjMwMTAxMjEzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJlNGQ0NzVlMzBjYmU5ODBmZGI0ZGVkMzIzZDU4OTkwYmRkM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVenmGRYPpGr7EH3WeSKDE2T+PHO
ip6cwy2aewUdDrnnK7HoeWh1Msia+6VaaO0miYmDs8JAQpaNjZ8ZtJL/m5yB5s46
to7ayLjk0eFoq52U4qKzK/6tQlkATiD8mW4ovrHIjdqwOiGytmqsf65bZV9MqTeU
uN0EcDrpsSLi3pBcsEoJdAgWfGGilh+k1W6dzIzLRJ4PwYfP264xet/8WxqKnsqm
zQcyuJKiWI5fpIeqWh4UFGZh/VQ4VJOEhqjZpaZFvH3JWMrVPs8cv1lGMgkzQXdL
Vofl4YNISbkw1Os4sKBgbNnCsWwLneutJix+oneSBI+lstFyum021tnPvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcuTUdeMMvpgP203tMj1YmQvdPyMB8GA1UdIwQY
MBaAFKpnlYnBxIiX0JstT+16ZgRKh26jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1lVmljSEVpSmZRbXkxUDdYcG1CRXFIYnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wMDhmOTEtYWVlMy00NDA4LTgzOTMt
MTRiNzZiNzZmMmJiLzEveHk1TlIxNHd5LW1BX2JUZTB5UFZpWkM5MF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wMDhmOTEtYWVlMy00NDA4LTgzOTMtMTRiNzZiNzZmMmJi
LzEvcW1lVmljSEVpSmZRbXkxUDdYcG1CRXFIYnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCrFcaf50gk3OTqPBAWpAvpLK3gthF/LjmK+IsJf1xM
tVuTMfV+qQAzELZ9SHoZ8q+s8T4NKNk3GZan0ui6lRRI3kSJTCkLRV2TNLFMbQ8z
4P9MX+dbzOCfpQhFdbWvclA50a4TTHFWmJ/dnt5BoC1tCMoCZk0/noG+CosiuQ1T
oMh+t2WMcJseKuKqsbv0WW9fMEKVqR6N1unai/77m2UJl9h36gqDZ6oOsEtuH9xU
BZ/8pMAzdcxXjqsZv2bbzt7YEqb/ZXoee8mVunDUgNaE/Z2+fd6+nLCkvHvN9qqg
0WH23vMzEpvML7PKoN1NTSTQuX3pqtEWSfIBpg4M0sG0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:16 2024 by rpki-client on console-fra.rpki-client.org