Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/eW0z7yARxnBPW7Tnw7CurmKfxec.roa
File: eW0z7yARxnBPW7Tnw7CurmKfxec.roa (raw, json)
Hash identifier: 0VNiFSW2YyEYlaTDWZHG58TnMlbi4YRWywJBnKGVkoM=
Subject key identifier: 79:6D:33:EF:20:11:C6:70:4F:5B:B4:E7:C3:B0:AE:AE:62:9F:C5:E7
Certificate issuer: /CN=9256ebf66b80f08135858d144ced6f785834f5f4
Certificate serial: 0185720C77D10B4C9FA2C657872E07F76E11
Authority key identifier: 92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/eW0z7yARxnBPW7Tnw7CurmKfxec.roa
Signing time: Mon 02 Jan 2023 10:34:57 +0000
ROA not before: Mon 02 Jan 2023 10:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4214120002
IP address blocks: 185.168.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:77:d1:0b:4c:9f:a2:c6:57:87:2e:07:f7:6e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256ebf66b80f08135858d144ced6f785834f5f4
Validity
Not Before: Jan 2 10:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=796d33ef2011c6704f5bb4e7c3b0aeae629fc5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:29:ea:69:d1:d4:88:7a:5c:78:e2:a8:39:41:
c7:7d:03:b7:9b:43:d5:da:b2:eb:12:e3:6d:2b:ea:
72:72:57:9e:b6:44:49:13:4c:c9:38:8a:d2:f3:17:
10:34:0b:70:14:b9:fb:a2:18:16:25:07:0d:30:77:
40:ee:04:25:c8:3c:7d:6a:27:e4:0e:41:91:47:e7:
cc:f1:cc:dd:ac:ce:d3:7e:05:c0:f8:29:12:4b:61:
f9:3e:0c:08:4e:2e:8d:4e:6a:31:10:b6:ff:7a:a2:
84:7f:a3:8d:ab:1c:58:0d:6b:b0:43:14:a6:53:6d:
03:77:ed:bd:95:9b:d9:a4:49:ca:1e:5e:d6:3f:bd:
2f:b5:20:4b:49:e9:a8:f9:7a:66:a5:83:aa:8e:b8:
44:e5:36:2a:16:1e:78:f4:b5:61:54:33:e5:e3:98:
5e:24:86:f6:8d:e7:e8:ba:cb:0d:db:be:aa:42:a7:
86:fa:96:60:14:a2:b7:66:eb:6e:93:35:2d:85:89:
26:56:fd:b3:cb:08:67:81:8d:e6:4a:b4:6b:95:4f:
76:fe:a5:a2:d6:1e:23:f5:81:05:2a:af:06:f1:c0:
43:a3:3e:56:9c:f1:d7:f1:fa:93:9f:9f:45:85:b1:
36:1f:ec:eb:40:a3:7c:4f:85:23:05:29:57:bb:a2:
c6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6D:33:EF:20:11:C6:70:4F:5B:B4:E7:C3:B0:AE:AE:62:9F:C5:E7
X509v3 Authority Key Identifier:
keyid:92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/eW0z7yARxnBPW7Tnw7CurmKfxec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.163.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:10:19:14:ba:f4:4b:c4:ae:45:45:d6:75:1f:a3:c0:a0:85:
cb:36:e1:52:52:2b:56:d1:27:05:19:eb:7f:b7:a1:db:07:b4:
50:97:12:07:93:4d:8e:2a:4e:d4:68:9b:a5:f8:0a:a8:2a:33:
f4:34:68:b8:d3:4c:fe:42:ec:65:11:ac:76:60:d0:d5:96:da:
61:30:76:04:25:8a:28:86:9f:bb:2a:72:d9:0d:ac:14:a2:6d:
8d:23:be:63:51:e6:ff:3c:d9:d0:7a:a0:3b:d8:32:79:f0:e1:
7b:2d:ad:a8:da:d5:7f:3e:e5:54:e9:86:e2:b0:19:ea:55:f2:
c0:d5:f2:f5:c8:97:79:7b:9d:e2:df:d2:18:1c:6e:d6:73:8b:
5d:5b:a6:b0:ea:eb:ba:45:dc:d6:a6:35:a3:86:71:cd:bc:40:
a7:83:9c:bf:26:77:b6:6f:b9:f1:aa:6b:66:1e:d8:8d:a4:43:
6c:5d:27:96:fe:af:26:d1:ad:4d:1e:c9:49:0c:ef:47:98:98:
ad:96:3e:c9:76:41:3f:fc:c5:0c:de:4b:ee:76:c2:46:6e:32:
f9:67:3c:1c:d2:49:48:55:69:25:36:98:df:65:23:d6:eb:52:
30:ed:cb:92:5f:65:7b:a3:ce:01:71:a3:a9:1d:9f:4e:22:ad:
87:7a:5c:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHfRC0yfosZXhy4H924RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTZlYmY2NmI4MGYwODEzNTg1OGQxNDRjZWQ2Zjc4NTgz
NGY1ZjQwHhcNMjMwMTAyMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTZkMzNlZjIwMTFjNjcwNGY1YmI0ZTdjM2IwYWVhZTYyOWZjNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCnqadHUiHpceOKoOUHHfQO3m0PV
2rLrEuNtK+pycleetkRJE0zJOIrS8xcQNAtwFLn7ohgWJQcNMHdA7gQlyDx9aifk
DkGRR+fM8czdrM7TfgXA+CkSS2H5PgwITi6NTmoxELb/eqKEf6ONqxxYDWuwQxSm
U20Dd+29lZvZpEnKHl7WP70vtSBLSemo+XpmpYOqjrhE5TYqFh549LVhVDPl45he
JIb2jefoussN276qQqeG+pZgFKK3ZutukzUthYkmVv2zywhngY3mSrRrlU92/qWi
1h4j9YEFKq8G8cBDoz5WnPHX8fqTn59FhbE2H+zrQKN8T4UjBSlXu6LG9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHltM+8gEcZwT1u058Owrq5in8XnMB8GA1UdIwQY
MBaAFJJW6/ZrgPCBNYWNFEztb3hYNPX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2Ut
NWRhOGQ2NzdkODQ3LzEvZVcwejd5QVJ4bkJQVzdUbnc3Q3VybUtmeGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2UtNWRhOGQ2NzdkODQ3
LzEva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaijMA0G
CSqGSIb3DQEBCwUAA4IBAQCfEBkUuvRLxK5FRdZ1H6PAoIXLNuFSUitW0ScFGet/
t6HbB7RQlxIHk02OKk7UaJul+AqoKjP0NGi400z+QuxlEax2YNDVltphMHYEJYoo
hp+7KnLZDawUom2NI75jUeb/PNnQeqA72DJ58OF7La2o2tV/PuVU6YbisBnqVfLA
1fL1yJd5e53i39IYHG7Wc4tdW6aw6uu6RdzWpjWjhnHNvECng5y/Jne2b7nxqmtm
HtiNpENsXSeW/q8m0a1NHslJDO9HmJitlj7JdkE//MUM3kvudsJGbjL5Zzwc0klI
VWklNpjfZSPW61Iw7cuSX2V7o84BcaOpHZ9OIq2Hely8
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:56 2024 by rpki-client on console-fra.rpki-client.org