Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/bb46f5-9ff2-4058-9050-fbdcb1a41467/1/IkR_z1nXyqNfu2i3wxV0Ml5sTSY.roa
File: IkR_z1nXyqNfu2i3wxV0Ml5sTSY.roa (raw, json)
Hash identifier: g8u8tmM9Xo8bt2jBoy/OCGrb34ll5g4xNR1bFj9mRkw=
Subject key identifier: 22:44:7F:CF:59:D7:CA:A3:5F:BB:68:B7:C3:15:74:32:5E:6C:4D:26
Certificate issuer: /CN=4b796f0b3051b5bc814b2e89cb470a3826b2bf00
Certificate serial: 0185710C093D08990FB50F2FD8C2A07FB53A
Authority key identifier: 4B:79:6F:0B:30:51:B5:BC:81:4B:2E:89:CB:47:0A:38:26:B2:BF:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3lvCzBRtbyBSy6Jy0cKOCayvwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/bb46f5-9ff2-4058-9050-fbdcb1a41467/1/IkR_z1nXyqNfu2i3wxV0Ml5sTSY.roa
Signing time: Mon 02 Jan 2023 05:54:52 +0000
ROA not before: Mon 02 Jan 2023 05:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199937
IP address blocks: 185.42.68.0/23 maxlen: 23
185.42.71.0/24 maxlen: 24
2a04:8e80::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:09:3d:08:99:0f:b5:0f:2f:d8:c2:a0:7f:b5:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b796f0b3051b5bc814b2e89cb470a3826b2bf00
Validity
Not Before: Jan 2 05:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22447fcf59d7caa35fbb68b7c31574325e6c4d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7b:ba:78:0a:4a:1d:db:97:48:b3:dc:25:6b:
64:45:bf:05:91:4c:eb:cc:22:50:58:10:cb:31:93:
c8:b5:d1:fc:16:53:16:8d:b6:14:82:80:6c:a9:d6:
c1:1a:ef:8b:46:c0:e6:94:5f:c3:78:a6:5d:3c:a7:
58:eb:21:e3:df:a2:cf:79:c8:6d:fb:58:9e:2d:29:
7c:fd:78:8e:c3:ce:70:fa:6c:b1:02:b0:21:52:f2:
3a:f0:6d:5f:35:d3:8d:1d:84:7d:6f:fc:45:59:3d:
f4:80:b0:e6:7b:aa:15:c4:16:c8:d9:a7:37:70:0b:
c6:64:60:22:dc:97:52:56:e3:71:5e:9b:04:7d:30:
10:20:2d:d0:c2:64:23:8d:21:f7:74:e8:4c:ed:5a:
69:a7:ed:8c:bd:dd:a5:e0:8b:99:5d:f5:ed:b5:09:
0b:1b:df:73:5c:f8:1b:95:90:bf:bb:12:c3:d9:76:
f4:07:6d:1b:2b:ff:6f:2d:18:d2:1b:f0:8f:34:43:
39:29:91:76:a7:c2:c8:e7:c7:3e:3b:79:62:ea:cb:
88:bb:b5:11:76:b6:1d:96:da:94:e3:2d:f5:65:95:
44:0b:bb:0a:b8:4d:dc:e3:d7:17:d6:2a:9c:26:1e:
6d:66:0b:18:21:f4:66:b9:64:f8:09:9d:22:7f:f8:
e7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:44:7F:CF:59:D7:CA:A3:5F:BB:68:B7:C3:15:74:32:5E:6C:4D:26
X509v3 Authority Key Identifier:
keyid:4B:79:6F:0B:30:51:B5:BC:81:4B:2E:89:CB:47:0A:38:26:B2:BF:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3lvCzBRtbyBSy6Jy0cKOCayvwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/bb46f5-9ff2-4058-9050-fbdcb1a41467/1/IkR_z1nXyqNfu2i3wxV0Ml5sTSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/bb46f5-9ff2-4058-9050-fbdcb1a41467/1/S3lvCzBRtbyBSy6Jy0cKOCayvwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.68.0/23
185.42.71.0/24
IPv6:
2a04:8e80::/48
Signature Algorithm: sha256WithRSAEncryption
0b:0d:75:76:63:6a:d4:f5:83:ed:81:82:ec:81:3a:20:21:33:
89:d6:32:ab:79:6b:50:31:6c:31:15:0d:d9:21:f6:e4:2b:a2:
82:90:bb:37:bf:ff:b5:d2:40:cc:3b:83:d0:2b:62:7a:19:19:
9d:6d:51:c5:e6:2c:70:1e:29:4b:26:a4:67:e7:ca:bf:a0:33:
f1:49:76:49:ed:7a:71:25:80:58:aa:f3:ca:83:5b:01:8f:05:
c8:d1:6d:7d:88:9b:af:c8:92:e8:f9:65:84:81:52:ce:0c:36:
9b:2c:34:f5:83:d1:4e:61:f0:38:f2:34:e0:67:e1:e5:a5:59:
a8:f3:9c:be:22:64:1e:1e:4c:7c:90:b6:79:ed:cc:46:e0:bd:
1e:20:b3:61:7d:9c:63:b9:19:85:32:34:6a:d5:5c:ec:20:b1:
48:4e:c9:6b:95:23:7b:ce:29:a7:1e:4d:1a:f8:9a:d0:09:11:
f3:bb:d9:b3:de:55:c5:ef:08:8f:15:b1:5d:a2:32:20:5a:a9:
71:c0:21:a9:fa:60:44:d1:14:8b:b6:60:a0:5c:8b:ae:3b:df:
22:a3:3c:ec:44:61:6a:aa:87:d5:12:5b:e8:73:ab:b8:b3:57:
e2:d1:c3:f1:0c:42:0e:f2:db:ca:52:7a:64:81:7e:b0:10:b7:
c4:7d:aa:aa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxDAk9CJkPtQ8v2MKgf7U6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzk2ZjBiMzA1MWI1YmM4MTRiMmU4OWNiNDcwYTM4MjZi
MmJmMDAwHhcNMjMwMTAyMDU1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQ0N2ZjZjU5ZDdjYWEzNWZiYjY4YjdjMzE1NzQzMjVlNmM0ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nu6eApKHduXSLPcJWtkRb8FkUzr
zCJQWBDLMZPItdH8FlMWjbYUgoBsqdbBGu+LRsDmlF/DeKZdPKdY6yHj36LPecht
+1ieLSl8/XiOw85w+myxArAhUvI68G1fNdONHYR9b/xFWT30gLDme6oVxBbI2ac3
cAvGZGAi3JdSVuNxXpsEfTAQIC3QwmQjjSH3dOhM7Vppp+2Mvd2l4IuZXfXttQkL
G99zXPgblZC/uxLD2Xb0B20bK/9vLRjSG/CPNEM5KZF2p8LI58c+O3li6suIu7UR
drYdltqU4y31ZZVEC7sKuE3c49cX1iqcJh5tZgsYIfRmuWT4CZ0if/jnSQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCJEf89Z18qjX7tot8MVdDJebE0mMB8GA1UdIwQY
MBaAFEt5bwswUbW8gUsuictHCjgmsr8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNsdkN6QlJ0YnlCU3k2SnkwY0tPQ2F5dndBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9iYjQ2ZjUtOWZmMi00MDU4LTkwNTAt
ZmJkY2IxYTQxNDY3LzEvSWtSX3oxblh5cU5mdTJpM3d4VjBNbDVzVFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9iYjQ2ZjUtOWZmMi00MDU4LTkwNTAtZmJkY2IxYTQxNDY3
LzEvUzNsdkN6QlJ0YnlCU3k2SnkwY0tPQ2F5dndBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuSpEAwQA
uSpHMA8EAgACMAkDBwAqBI6AAAAwDQYJKoZIhvcNAQELBQADggEBAAsNdXZjatT1
g+2BguyBOiAhM4nWMqt5a1AxbDEVDdkh9uQrooKQuze//7XSQMw7g9ArYnoZGZ1t
UcXmLHAeKUsmpGfnyr+gM/FJdkntenElgFiq88qDWwGPBcjRbX2Im6/Ikuj5ZYSB
Us4MNpssNPWD0U5h8DjyNOBn4eWlWajznL4iZB4eTHyQtnntzEbgvR4gs2F9nGO5
GYUyNGrVXOwgsUhOyWuVI3vOKaceTRr4mtAJEfO72bPeVcXvCI8VsV2iMiBaqXHA
Ian6YETRFIu2YKBci6473yKjPOxEYWqqh9USW+hzq7izV+LRw/EMQg7y28pSemSB
frAQt8R9qqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:07 2024 by rpki-client on console-fra.rpki-client.org