Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/qs4MwoasWEe5jetCR9VuTXkPLwc.roa
File: qs4MwoasWEe5jetCR9VuTXkPLwc.roa (raw, json)
Hash identifier: nnD/nlJrCkg+th6JA/VGn9YjCMuyR7xg2LBGZjXG+z0=
Subject key identifier: AA:CE:0C:C2:86:AC:58:47:B9:8D:EB:42:47:D5:6E:4D:79:0F:2F:07
Certificate issuer: /CN=9256ebf66b80f08135858d144ced6f785834f5f4
Certificate serial: 0185720C773328F3F7EE516122FD3286B158
Authority key identifier: 92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/qs4MwoasWEe5jetCR9VuTXkPLwc.roa
Signing time: Mon 02 Jan 2023 10:34:57 +0000
ROA not before: Mon 02 Jan 2023 10:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35421
IP address blocks: 185.168.160.0/22 maxlen: 24
185.168.160.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:77:33:28:f3:f7:ee:51:61:22:fd:32:86:b1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256ebf66b80f08135858d144ced6f785834f5f4
Validity
Not Before: Jan 2 10:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aace0cc286ac5847b98deb4247d56e4d790f2f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:55:28:23:bd:27:ed:ef:7c:31:17:43:7c:
32:1f:35:3c:ac:73:d8:5f:98:2c:ef:78:35:8a:1d:
30:01:08:7a:78:8c:1d:20:fe:72:36:63:67:21:08:
8d:53:84:d9:a0:5d:ca:aa:df:d3:03:6a:3b:4a:97:
6f:8f:1d:40:e4:22:44:a9:a9:fc:fa:31:72:76:a1:
1b:91:5e:13:73:1b:f4:5b:f9:05:42:f7:e0:bd:ab:
d7:64:16:20:ca:f5:9c:1e:69:0c:eb:83:de:6e:04:
87:b6:27:f8:cf:ba:44:2d:b4:bb:90:a1:04:0d:b0:
42:39:cb:db:e6:8e:10:2b:d5:db:19:c2:07:22:f0:
83:a6:2d:21:fa:98:30:3d:3b:a1:15:9a:04:5d:99:
bf:de:75:63:3f:1e:79:33:7c:95:04:7e:d0:ba:5c:
41:99:5f:df:84:be:06:ff:b6:aa:88:6c:af:98:a9:
61:46:6a:ac:3e:2a:a2:2e:36:f9:5c:04:09:35:fe:
ff:89:01:9a:05:74:e1:16:55:8f:14:bf:3c:79:fa:
e1:88:d3:ed:f6:85:91:da:b2:0b:ba:1e:9f:2d:ac:
52:db:af:97:c6:f1:15:c6:e5:ad:08:2a:b0:82:fd:
c2:dd:94:86:5d:24:46:77:c9:cb:db:b5:83:68:71:
08:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CE:0C:C2:86:AC:58:47:B9:8D:EB:42:47:D5:6E:4D:79:0F:2F:07
X509v3 Authority Key Identifier:
keyid:92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/qs4MwoasWEe5jetCR9VuTXkPLwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.160.0/22
Signature Algorithm: sha256WithRSAEncryption
15:5f:22:90:55:b3:9f:37:17:ea:50:5c:41:ba:8a:2c:61:23:
ff:a7:ae:1a:d3:6c:2b:5f:3e:86:61:ce:61:ff:e0:9a:d4:91:
48:08:ce:01:e8:89:66:3b:be:00:d8:0d:90:59:d0:0b:fa:88:
f8:46:e7:9a:d8:b5:52:ed:5c:1f:12:82:1f:78:ff:9e:50:1c:
f3:c9:b0:be:2f:c9:eb:7f:54:f3:79:40:46:9d:e5:53:cc:07:
9d:95:ce:20:80:5e:db:f9:f1:21:30:c0:ce:45:68:14:0b:f4:
e6:0d:a6:97:08:8c:e0:4e:4f:b6:54:b4:47:ba:e4:55:2b:49:
ff:4d:b6:c3:f1:8f:70:d5:68:c3:97:59:21:54:ee:64:49:0a:
87:d3:36:4b:98:a4:a1:81:ef:62:f4:bb:50:78:50:0b:94:41:
36:28:27:37:b0:6a:75:d1:84:13:0c:1c:08:b2:cf:11:3e:87:
01:b0:73:82:3c:bb:7d:9b:f6:de:97:71:0d:9c:5c:4c:12:c4:
69:1a:0c:72:00:5e:55:e4:76:ef:b2:bd:c9:b4:c5:97:25:62:
c2:39:f5:a9:57:d7:d1:1d:87:57:c5:c5:93:19:79:01:4d:9d:
5f:83:43:32:e5:de:b7:4c:7f:12:32:33:86:f0:d6:a5:58:9e:
d9:25:05:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHczKPP37lFhIv0yhrFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTZlYmY2NmI4MGYwODEzNTg1OGQxNDRjZWQ2Zjc4NTgz
NGY1ZjQwHhcNMjMwMTAyMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNlMGNjMjg2YWM1ODQ3Yjk4ZGViNDI0N2Q1NmU0ZDc5MGYyZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhZVKCO9J+3vfDEXQ3wyHzU8rHPY
X5gs73g1ih0wAQh6eIwdIP5yNmNnIQiNU4TZoF3Kqt/TA2o7Spdvjx1A5CJEqan8
+jFydqEbkV4Tcxv0W/kFQvfgvavXZBYgyvWcHmkM64PebgSHtif4z7pELbS7kKEE
DbBCOcvb5o4QK9XbGcIHIvCDpi0h+pgwPTuhFZoEXZm/3nVjPx55M3yVBH7QulxB
mV/fhL4G/7aqiGyvmKlhRmqsPiqiLjb5XAQJNf7/iQGaBXThFlWPFL88efrhiNPt
9oWR2rILuh6fLaxS26+XxvEVxuWtCCqwgv3C3ZSGXSRGd8nL27WDaHEIRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrODMKGrFhHuY3rQkfVbk15Dy8HMB8GA1UdIwQY
MBaAFJJW6/ZrgPCBNYWNFEztb3hYNPX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2Ut
NWRhOGQ2NzdkODQ3LzEvcXM0TXdvYXNXRWU1amV0Q1I5VnVUWGtQTHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2UtNWRhOGQ2NzdkODQ3
LzEva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaigMA0G
CSqGSIb3DQEBCwUAA4IBAQAVXyKQVbOfNxfqUFxBuoosYSP/p64a02wrXz6GYc5h
/+Ca1JFICM4B6IlmO74A2A2QWdAL+oj4Ruea2LVS7VwfEoIfeP+eUBzzybC+L8nr
f1TzeUBGneVTzAedlc4ggF7b+fEhMMDORWgUC/TmDaaXCIzgTk+2VLRHuuRVK0n/
TbbD8Y9w1WjDl1khVO5kSQqH0zZLmKShge9i9LtQeFALlEE2KCc3sGp10YQTDBwI
ss8RPocBsHOCPLt9m/bel3ENnFxMEsRpGgxyAF5V5Hbvsr3JtMWXJWLCOfWpV9fR
HYdXxcWTGXkBTZ1fg0My5d63TH8SMjOG8NalWJ7ZJQV/
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:56 2024 by rpki-client on console-fra.rpki-client.org