Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/g2RM6tP1DwsCCovFKzENFsz0qp4.roa
File: g2RM6tP1DwsCCovFKzENFsz0qp4.roa (raw, json)
Hash identifier: MjN+IWtlCPN/rEsTi4wPjnVk1OOZ7xzAHqHndaAPtuw=
Subject key identifier: 83:64:4C:EA:D3:F5:0F:0B:02:0A:8B:C5:2B:31:0D:16:CC:F4:AA:9E
Certificate issuer: /CN=9256ebf66b80f08135858d144ced6f785834f5f4
Certificate serial: 0185720C76E1C513B52CA7FE18513637AC2E
Authority key identifier: 92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/g2RM6tP1DwsCCovFKzENFsz0qp4.roa
Signing time: Mon 02 Jan 2023 10:34:57 +0000
ROA not before: Mon 02 Jan 2023 10:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5580
IP address blocks: 185.168.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:76:e1:c5:13:b5:2c:a7:fe:18:51:36:37:ac:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256ebf66b80f08135858d144ced6f785834f5f4
Validity
Not Before: Jan 2 10:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83644cead3f50f0b020a8bc52b310d16ccf4aa9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:e2:94:fc:cc:8a:ea:62:37:75:35:ca:1a:
16:ec:7d:7f:07:69:04:0d:7d:47:99:8e:de:4b:5b:
8b:62:3e:7f:ff:1d:91:40:e0:14:0a:c8:6b:a3:8d:
b4:08:db:d9:6b:c8:f0:7d:bb:62:1b:79:df:73:7a:
a8:2a:50:39:21:e0:dd:af:30:24:7b:9c:83:09:b9:
70:1f:e7:e9:e3:63:8d:53:d1:1a:67:4c:e2:81:14:
d4:fe:1e:7d:17:99:32:64:73:fc:5c:04:27:cb:8b:
2a:b7:23:de:3f:44:1e:26:95:b5:fd:4c:6f:17:89:
65:6a:9e:94:00:46:de:c7:26:1e:2e:12:3a:a2:15:
9c:ba:6d:5b:38:2c:73:a5:78:6c:f4:08:25:1b:a1:
af:5c:91:0d:5f:d2:61:8a:9c:88:47:d3:11:b6:41:
9d:d7:9a:ed:67:1a:80:d9:47:55:92:64:72:4a:cc:
9a:fc:17:f6:c6:f1:88:be:f9:29:42:38:6e:68:49:
8f:3c:c4:e3:f8:16:11:89:bd:13:9a:6c:f5:2b:9c:
12:57:1d:c1:73:1d:ed:65:41:0b:23:13:1f:f1:66:
0b:70:c6:d4:0b:dc:2f:8d:1a:06:bb:7e:38:27:61:
df:ff:04:1e:ca:b7:a5:56:13:9d:df:b6:1f:52:ac:
a9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:64:4C:EA:D3:F5:0F:0B:02:0A:8B:C5:2B:31:0D:16:CC:F4:AA:9E
X509v3 Authority Key Identifier:
keyid:92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/g2RM6tP1DwsCCovFKzENFsz0qp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.160.0/22
Signature Algorithm: sha256WithRSAEncryption
02:43:80:3c:80:47:22:7f:f6:6c:8f:cb:28:a8:41:7f:05:c6:
2a:30:c8:f0:e6:98:67:2f:8b:63:4d:16:3b:f5:bd:16:07:da:
bb:3e:fe:07:28:3f:a9:50:7e:1f:13:a0:6b:36:50:83:1e:36:
23:88:2e:15:36:c3:d8:9b:58:f1:c3:2b:3d:0c:16:a0:10:63:
ab:4c:b2:15:f6:63:25:69:05:03:2f:78:07:74:71:33:78:22:
fb:10:9a:60:35:9e:33:80:33:2d:2d:03:4f:b8:d3:43:f3:a1:
f9:d8:a9:02:e1:e5:09:ce:70:c6:4f:c1:73:21:02:4d:fc:4a:
3e:b1:a8:50:61:1e:b3:09:f9:cc:67:ed:33:10:92:a2:06:6b:
ee:ea:b6:61:89:53:80:e2:13:fc:77:2b:24:4e:c2:70:6a:01:
79:e0:1c:e8:4b:72:ff:ff:c3:74:7c:31:34:a9:2e:a0:ca:9d:
be:3e:3f:96:86:a9:d6:b4:80:64:8d:5e:e6:98:83:e8:70:e3:
43:46:f1:83:25:6c:a3:a3:28:ab:25:84:80:bc:7e:d0:09:7b:
ca:e2:0f:c9:df:04:f2:9d:27:a3:01:97:f4:96:b0:a4:c3:d3:
ed:41:4d:4b:c2:6a:ce:db:62:01:76:2e:e5:a2:69:95:33:ad:
68:31:23:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHbhxRO1LKf+GFE2N6wuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTZlYmY2NmI4MGYwODEzNTg1OGQxNDRjZWQ2Zjc4NTgz
NGY1ZjQwHhcNMjMwMTAyMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY0NGNlYWQzZjUwZjBiMDIwYThiYzUyYjMxMGQxNmNjZjRhYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSbilPzMiupiN3U1yhoW7H1/B2kE
DX1HmY7eS1uLYj5//x2RQOAUCshro420CNvZa8jwfbtiG3nfc3qoKlA5IeDdrzAk
e5yDCblwH+fp42ONU9EaZ0zigRTU/h59F5kyZHP8XAQny4sqtyPeP0QeJpW1/Uxv
F4llap6UAEbexyYeLhI6ohWcum1bOCxzpXhs9AglG6GvXJENX9JhipyIR9MRtkGd
15rtZxqA2UdVkmRySsya/Bf2xvGIvvkpQjhuaEmPPMTj+BYRib0Tmmz1K5wSVx3B
cx3tZUELIxMf8WYLcMbUC9wvjRoGu344J2Hf/wQeyrelVhOd37YfUqypXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINkTOrT9Q8LAgqLxSsxDRbM9KqeMB8GA1UdIwQY
MBaAFJJW6/ZrgPCBNYWNFEztb3hYNPX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2Ut
NWRhOGQ2NzdkODQ3LzEvZzJSTTZ0UDFEd3NDQ292Rkt6RU5Gc3owcXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2UtNWRhOGQ2NzdkODQ3
LzEva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaigMA0G
CSqGSIb3DQEBCwUAA4IBAQACQ4A8gEcif/Zsj8soqEF/BcYqMMjw5phnL4tjTRY7
9b0WB9q7Pv4HKD+pUH4fE6BrNlCDHjYjiC4VNsPYm1jxwys9DBagEGOrTLIV9mMl
aQUDL3gHdHEzeCL7EJpgNZ4zgDMtLQNPuNND86H52KkC4eUJznDGT8FzIQJN/Eo+
sahQYR6zCfnMZ+0zEJKiBmvu6rZhiVOA4hP8dyskTsJwagF54BzoS3L//8N0fDE0
qS6gyp2+Pj+WhqnWtIBkjV7mmIPocONDRvGDJWyjoyirJYSAvH7QCXvK4g/J3wTy
nSejAZf0lrCkw9PtQU1LwmrO22IBdi7lommVM61oMSNj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:18 2024 by rpki-client on console-fra.rpki-client.org