Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/yHe4h98bYEwqoUE-fPDcnnv5prI.roa
File: yHe4h98bYEwqoUE-fPDcnnv5prI.roa (raw, json)
Hash identifier: rIsFRH3oD1rIbU4Dth5uSS30ISC0z8ZvYy4P1cm6DN0=
Subject key identifier: C8:77:B8:87:DF:1B:60:4C:2A:A1:41:3E:7C:F0:DC:9E:7B:F9:A6:B2
Certificate issuer: /CN=1bef5aa14d3140c7c7c4988f19da9431eb1a40f1
Certificate serial: 01856B77D25A9341CA60A58C25AB1B7861FD
Authority key identifier: 1B:EF:5A:A1:4D:31:40:C7:C7:C4:98:8F:19:DA:94:31:EB:1A:40:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/yHe4h98bYEwqoUE-fPDcnnv5prI.roa
Signing time: Sun 01 Jan 2023 03:54:52 +0000
ROA not before: Sun 01 Jan 2023 03:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49796
IP address blocks: 185.167.72.3/32 maxlen: 32
185.167.72.254/32 maxlen: 32
185.167.72.253/32 maxlen: 32
185.167.72.13/32 maxlen: 32
185.167.74.0/23 maxlen: 23
185.167.74.0/24 maxlen: 24
185.167.72.0/24 maxlen: 24
185.167.72.0/23 maxlen: 23
185.167.72.0/22 maxlen: 22
185.167.75.0/24 maxlen: 24
185.167.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:d2:5a:93:41:ca:60:a5:8c:25:ab:1b:78:61:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bef5aa14d3140c7c7c4988f19da9431eb1a40f1
Validity
Not Before: Jan 1 03:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c877b887df1b604c2aa1413e7cf0dc9e7bf9a6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4a:47:af:70:84:3c:1b:2d:3e:55:21:5c:f1:
7f:8e:b7:91:ac:26:c2:c4:b4:d2:ae:33:04:8d:90:
fe:3a:dd:f6:1f:bd:49:c8:52:10:d2:d8:4f:69:b5:
29:0d:b4:53:83:0d:8f:43:7a:22:f5:e1:3c:34:fb:
81:69:af:10:6a:8e:86:5b:bd:c3:d7:ee:17:52:46:
2c:2e:cf:32:16:f5:99:1f:da:9c:24:61:9a:29:9e:
bc:61:b8:2d:6b:91:d6:78:88:20:d9:95:a4:cd:9b:
1e:1b:0c:83:3d:b0:61:77:d3:af:a3:a6:28:4a:c9:
c8:73:e9:64:60:31:df:46:b8:1c:70:d4:c1:3a:07:
85:b7:7b:b8:4d:f3:fc:61:7c:04:f1:43:23:47:82:
48:d5:54:f0:fc:91:03:53:39:aa:d8:f7:3a:f4:45:
e0:22:c7:a0:a8:73:7a:fc:c8:c0:b2:51:26:e7:14:
70:26:f0:72:e0:7d:b3:76:25:08:24:e3:df:98:06:
53:b2:a7:b8:ab:23:02:7c:25:29:47:ab:dd:10:6a:
d0:cd:fe:28:2a:c1:0d:9f:3d:7b:a0:0d:a1:65:e8:
0e:fc:22:6a:1f:8d:b2:b3:88:89:67:db:39:24:bf:
92:9a:cb:1a:f5:1d:53:be:4f:ee:cb:90:1b:5b:2f:
c4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:77:B8:87:DF:1B:60:4C:2A:A1:41:3E:7C:F0:DC:9E:7B:F9:A6:B2
X509v3 Authority Key Identifier:
keyid:1B:EF:5A:A1:4D:31:40:C7:C7:C4:98:8F:19:DA:94:31:EB:1A:40:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/yHe4h98bYEwqoUE-fPDcnnv5prI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/G-9aoU0xQMfHxJiPGdqUMesaQPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.72.0/22
Signature Algorithm: sha256WithRSAEncryption
59:76:ca:5a:a9:a0:6d:7a:8e:80:d7:12:75:d4:de:f4:fa:f9:
4a:74:3d:e5:90:9e:0d:8e:57:40:d5:a1:ee:39:aa:90:76:c6:
c4:1e:2a:bc:fe:75:ee:07:e4:65:33:47:38:20:9b:db:fb:d6:
7f:22:17:3d:2d:64:58:8e:7f:c8:31:40:b0:8a:84:ce:34:18:
7a:3f:c5:a9:d4:b7:7d:ba:39:a6:ef:51:51:14:9a:e9:90:75:
a5:6b:66:cc:34:2d:b7:28:34:65:00:c8:eb:a5:2e:14:8a:16:
89:41:41:ef:5a:5d:1d:cc:b3:29:17:09:90:2c:8e:31:10:23:
48:6a:b9:47:21:82:42:15:73:6e:6f:5e:5d:aa:07:dc:54:27:
17:52:21:f8:34:67:fc:0a:9d:da:fe:cf:6a:49:1c:90:e6:62:
0c:ad:f8:fd:fe:32:e2:67:3a:a4:6e:87:81:53:2a:bc:39:38:
c8:72:09:d7:13:0b:49:e3:39:64:06:f9:de:f1:04:2a:cd:2f:
3f:1b:b6:f4:6c:93:62:da:99:d2:d2:5d:a4:ec:4c:7b:be:8e:
95:ce:06:44:a7:c2:80:bd:07:69:4b:54:a5:65:1f:d3:5c:3e:
6f:90:e2:15:8b:af:82:02:05:5e:4d:9d:78:e4:00:38:b7:6c:
b0:67:96:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrd9Jak0HKYKWMJasbeGH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZWY1YWExNGQzMTQwYzdjN2M0OTg4ZjE5ZGE5NDMxZWIx
YTQwZjEwHhcNMjMwMTAxMDM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODc3Yjg4N2RmMWI2MDRjMmFhMTQxM2U3Y2YwZGM5ZTdiZjlhNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkpHr3CEPBstPlUhXPF/jreRrCbC
xLTSrjMEjZD+Ot32H71JyFIQ0thPabUpDbRTgw2PQ3oi9eE8NPuBaa8Qao6GW73D
1+4XUkYsLs8yFvWZH9qcJGGaKZ68Ybgta5HWeIgg2ZWkzZseGwyDPbBhd9Ovo6Yo
SsnIc+lkYDHfRrgccNTBOgeFt3u4TfP8YXwE8UMjR4JI1VTw/JEDUzmq2Pc69EXg
IsegqHN6/MjAslEm5xRwJvBy4H2zdiUIJOPfmAZTsqe4qyMCfCUpR6vdEGrQzf4o
KsENnz17oA2hZegO/CJqH42ys4iJZ9s5JL+Smssa9R1Tvk/uy5AbWy/EmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMh3uIffG2BMKqFBPnzw3J57+aayMB8GA1UdIwQY
MBaAFBvvWqFNMUDHx8SYjxnalDHrGkDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy05YW9VMHhRTWZIeEppUEdkcVVNZXNhUVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZDYxNjctZjAyYi00NGRiLWI1NjUt
MGU0MzgyMzEwY2E1LzEveUhlNGg5OGJZRXdxb1VFLWZQRGNubnY1cHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZDYxNjctZjAyYi00NGRiLWI1NjUtMGU0MzgyMzEwY2E1
LzEvRy05YW9VMHhRTWZIeEppUEdkcVVNZXNhUVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuadIMA0G
CSqGSIb3DQEBCwUAA4IBAQBZdspaqaBteo6A1xJ11N70+vlKdD3lkJ4NjldA1aHu
OaqQdsbEHiq8/nXuB+RlM0c4IJvb+9Z/Ihc9LWRYjn/IMUCwioTONBh6P8Wp1Ld9
ujmm71FRFJrpkHWla2bMNC23KDRlAMjrpS4UihaJQUHvWl0dzLMpFwmQLI4xECNI
arlHIYJCFXNub15dqgfcVCcXUiH4NGf8Cp3a/s9qSRyQ5mIMrfj9/jLiZzqkboeB
Uyq8OTjIcgnXEwtJ4zlkBvne8QQqzS8/G7b0bJNi2pnS0l2k7Ex7vo6VzgZEp8KA
vQdpS1SlZR/TXD5vkOIVi6+CAgVeTZ145AA4t2ywZ5aS
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:34 2024 by rpki-client on console-ams.rpki-client.org