Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/p0qEmmTuzyRLQxwy46Nj-sOTZbM.roa
File: p0qEmmTuzyRLQxwy46Nj-sOTZbM.roa (raw, json)
Hash identifier: BVHQ0zcnCv38yzmY2V4qYbMAxE9knaNwkQA96cHTdF0=
Subject key identifier: A7:4A:84:9A:64:EE:CF:24:4B:43:1C:32:E3:A3:63:FA:C3:93:65:B3
Certificate issuer: /CN=dfa69c3d98385d415405fc6fd30a800363c017c1
Certificate serial: 0185719570AB0AD35BDE1526A1D8F5A53CDC
Authority key identifier: DF:A6:9C:3D:98:38:5D:41:54:05:FC:6F:D3:0A:80:03:63:C0:17:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36acPZg4XUFUBfxv0wqAA2PAF8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/p0qEmmTuzyRLQxwy46Nj-sOTZbM.roa
Signing time: Mon 02 Jan 2023 08:24:57 +0000
ROA not before: Mon 02 Jan 2023 08:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44466
IP address blocks: 185.160.162.0/23 maxlen: 24
185.160.160.0/23 maxlen: 24
188.215.109.0/24 maxlen: 24
188.215.110.0/24 maxlen: 24
188.215.111.0/24 maxlen: 24
188.215.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:70:ab:0a:d3:5b:de:15:26:a1:d8:f5:a5:3c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa69c3d98385d415405fc6fd30a800363c017c1
Validity
Not Before: Jan 2 08:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a74a849a64eecf244b431c32e3a363fac39365b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:55:d7:42:fa:49:49:d8:16:97:d8:31:cf:
06:7f:64:2e:cc:84:f0:9d:f7:57:77:77:68:84:86:
80:94:70:4b:4f:06:82:5c:83:2e:e8:3d:bd:0a:f2:
ca:18:e6:a7:d9:ec:7d:2c:43:3b:b4:69:66:a3:1c:
32:08:7a:50:8e:53:67:32:be:f2:68:bd:62:c4:3e:
d3:45:ec:ca:a5:26:a6:98:c9:5f:05:19:b0:45:93:
1c:99:e5:eb:80:17:38:0e:9e:5c:ff:12:9e:e5:db:
1f:dc:3a:8d:9e:98:e2:3a:58:31:71:f6:7d:54:c1:
fd:42:d7:e5:da:96:d3:ac:44:65:98:22:45:6c:1a:
9a:9b:70:43:49:5e:b4:43:2c:01:b2:e6:6a:9b:23:
bf:ff:9b:3f:f8:2f:3a:50:e1:95:76:eb:8f:c0:84:
75:44:92:e8:c6:6d:58:43:fd:80:0f:51:98:13:b5:
14:d3:ac:d3:6d:20:d3:f3:0c:c5:1b:c7:5f:74:ae:
24:c8:eb:79:48:0b:4e:44:53:50:2b:cf:b1:88:55:
02:d0:99:65:13:f3:56:52:9a:6e:18:6f:c1:e8:87:
b6:fa:2f:41:7c:b0:cc:4c:5b:26:ab:a3:92:3c:1e:
83:0c:01:0e:ec:ce:79:8a:65:27:1c:7d:bb:14:e8:
b7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4A:84:9A:64:EE:CF:24:4B:43:1C:32:E3:A3:63:FA:C3:93:65:B3
X509v3 Authority Key Identifier:
keyid:DF:A6:9C:3D:98:38:5D:41:54:05:FC:6F:D3:0A:80:03:63:C0:17:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36acPZg4XUFUBfxv0wqAA2PAF8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/p0qEmmTuzyRLQxwy46Nj-sOTZbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/36acPZg4XUFUBfxv0wqAA2PAF8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.160.0/22
188.215.108.0/22
Signature Algorithm: sha256WithRSAEncryption
88:8d:1a:3b:d2:9d:35:70:1e:8b:0a:48:a1:eb:4c:c2:e7:3a:
9c:da:4a:6c:30:06:f8:a5:52:a9:a2:d6:19:df:8d:3f:9f:78:
6a:20:b6:29:5a:ec:fe:f9:b3:58:c2:b1:3a:cd:76:e5:67:fd:
82:3c:3e:0e:59:fc:36:aa:fe:1e:a2:40:c6:3a:de:5a:c7:11:
8b:64:45:36:4a:3b:58:8b:2a:0f:dc:a8:57:d4:0e:19:b7:7f:
4e:8f:18:61:2b:2a:ce:b3:93:bd:5c:a4:23:59:2e:56:1e:ba:
5b:e1:ab:df:33:5e:e5:e3:8d:4f:2f:89:39:9c:fd:07:e3:02:
cc:78:fd:70:12:44:19:d4:53:cd:df:c0:a6:70:99:e2:52:d6:
3c:e7:5e:80:ce:f1:6c:0a:46:51:2f:5b:a3:bc:83:29:96:4e:
76:61:5f:9b:a6:61:d0:dc:13:ee:83:00:41:39:9f:2f:5d:2a:
96:46:6f:7c:ea:66:52:9b:59:85:16:21:5b:b5:c0:cf:b2:89:
06:e3:bf:f4:88:d3:e4:ce:12:f5:3c:6a:b5:c0:3b:88:35:4f:
a4:5d:2e:ab:65:12:9a:11:e4:40:01:79:a8:68:d1:42:cf:4b:
91:07:6b:50:45:68:e1:7e:cd:30:12:f0:ac:f2:1d:6f:c0:d9:
bc:0b:05:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxlXCrCtNb3hUmodj1pTzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTY5YzNkOTgzODVkNDE1NDA1ZmM2ZmQzMGE4MDAzNjNj
MDE3YzEwHhcNMjMwMTAyMDgyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzRhODQ5YTY0ZWVjZjI0NGI0MzFjMzJlM2EzNjNmYWMzOTM2NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC9V10L6SUnYFpfYMc8Gf2QuzITw
nfdXd3dohIaAlHBLTwaCXIMu6D29CvLKGOan2ex9LEM7tGlmoxwyCHpQjlNnMr7y
aL1ixD7TRezKpSammMlfBRmwRZMcmeXrgBc4Dp5c/xKe5dsf3DqNnpjiOlgxcfZ9
VMH9Qtfl2pbTrERlmCJFbBqam3BDSV60QywBsuZqmyO//5s/+C86UOGVduuPwIR1
RJLoxm1YQ/2AD1GYE7UU06zTbSDT8wzFG8dfdK4kyOt5SAtORFNQK8+xiFUC0Jll
E/NWUppuGG/B6Ie2+i9BfLDMTFsmq6OSPB6DDAEO7M55imUnHH27FOi3/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKdKhJpk7s8kS0McMuOjY/rDk2WzMB8GA1UdIwQY
MBaAFN+mnD2YOF1BVAX8b9MKgANjwBfBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZhY1BaZzRYVUZVQmZ4djB3cUFBMlBBRjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8wZDQ4MTAtOTAyYS00YjdkLTk4MTgt
M2NlZjU2MjVhZWQ2LzEvcDBxRW1tVHV6eVJMUXh3eTQ2Tmotc09UWmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8wZDQ4MTAtOTAyYS00YjdkLTk4MTgtM2NlZjU2MjVhZWQ2
LzEvMzZhY1BaZzRYVUZVQmZ4djB3cUFBMlBBRjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaCgAwQC
vNdsMA0GCSqGSIb3DQEBCwUAA4IBAQCIjRo70p01cB6LCkih60zC5zqc2kpsMAb4
pVKpotYZ340/n3hqILYpWuz++bNYwrE6zXblZ/2CPD4OWfw2qv4eokDGOt5axxGL
ZEU2SjtYiyoP3KhX1A4Zt39OjxhhKyrOs5O9XKQjWS5WHrpb4avfM17l441PL4k5
nP0H4wLMeP1wEkQZ1FPN38CmcJniUtY8516AzvFsCkZRL1ujvIMplk52YV+bpmHQ
3BPugwBBOZ8vXSqWRm986mZSm1mFFiFbtcDPsokG47/0iNPkzhL1PGq1wDuINU+k
XS6rZRKaEeRAAXmoaNFCz0uRB2tQRWjhfs0wEvCs8h1vwNm8CwXW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:03 2024 by rpki-client on console-ams.rpki-client.org