Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/dHRxWYZS_rtFpkpuQalxSVxXI-k.roa
File: dHRxWYZS_rtFpkpuQalxSVxXI-k.roa (raw, json)
Hash identifier: sSvUFn+NGwx5X4/SctGT7WtD+L7kDU6vVdoeEzlK/Qw=
Subject key identifier: 74:74:71:59:86:52:FE:BB:45:A6:4A:6E:41:A9:71:49:5C:57:23:E9
Certificate issuer: /CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Certificate serial: 018570DE3A9DA588CBB84F7636FA585AF1DC
Authority key identifier: F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/dHRxWYZS_rtFpkpuQalxSVxXI-k.roa
Signing time: Mon 02 Jan 2023 05:04:50 +0000
ROA not before: Mon 02 Jan 2023 05:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41436
IP address blocks: 185.167.98.0/24 maxlen: 24
185.167.96.0/24 maxlen: 24
185.167.97.0/24 maxlen: 24
185.167.99.0/24 maxlen: 24
185.229.225.0/24 maxlen: 24
185.229.224.0/24 maxlen: 24
185.229.227.0/24 maxlen: 24
113.30.188.0/24 maxlen: 24
113.30.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:3a:9d:a5:88:cb:b8:4f:76:36:fa:58:5a:f1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Validity
Not Before: Jan 2 05:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=747471598652febb45a64a6e41a971495c5723e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ef:0a:69:d4:6e:b1:86:65:9d:aa:80:9b:7d:
8c:15:e1:45:ea:db:16:af:8a:48:02:1e:fb:aa:b0:
fc:77:1e:47:a2:32:b0:a2:59:2e:d1:66:cf:17:e9:
33:b4:0d:4f:ce:c4:da:7d:d8:79:0f:ef:57:5f:26:
42:a6:c3:32:a2:82:ef:00:35:44:cc:bc:15:2e:ba:
fc:eb:92:ba:20:57:31:09:25:e1:fe:fd:b5:bb:7c:
e5:06:4f:c5:ce:b0:a2:60:94:b5:55:fd:36:28:a3:
35:8b:9d:c8:50:c2:ff:04:ae:32:af:ab:09:6e:0d:
91:45:00:fb:85:0d:ca:37:21:4d:21:4a:90:2f:ab:
f5:d5:dd:3d:80:16:ba:c4:55:a3:60:fc:6a:13:66:
82:b6:43:bd:3c:e0:a6:f1:54:47:5b:d5:b8:db:bc:
fe:36:90:0d:3b:9c:2c:1f:bb:90:c7:6d:db:15:d4:
e9:36:6b:d3:7e:c6:ab:18:7f:2b:88:ef:23:e1:c4:
08:4a:d4:97:2a:24:2f:2b:61:4f:5b:8e:e7:8b:f4:
c4:42:d1:ab:fa:13:a9:d1:82:9b:a9:82:23:08:ce:
eb:d0:0b:61:b8:95:be:73:14:91:16:1b:99:0b:a5:
76:86:83:b4:6e:43:ef:9e:5b:ea:56:09:62:81:40:
d1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:74:71:59:86:52:FE:BB:45:A6:4A:6E:41:A9:71:49:5C:57:23:E9
X509v3 Authority Key Identifier:
keyid:F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/dHRxWYZS_rtFpkpuQalxSVxXI-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
113.30.188.0/23
185.167.96.0/22
185.229.224.0/23
185.229.227.0/24
Signature Algorithm: sha256WithRSAEncryption
45:03:1c:53:36:1c:c1:bb:ca:f5:b4:83:70:31:8a:28:2b:39:
78:01:79:b5:fb:eb:36:9e:5c:25:b8:41:2d:ca:c4:86:18:c7:
77:30:21:e3:59:f8:ff:6f:7a:47:dd:ba:e6:98:d6:8c:d5:8c:
32:f5:34:5d:f4:ec:0f:ea:24:b6:5f:35:3c:ae:ab:5c:c9:4b:
e7:e4:09:82:97:1a:b9:3a:e7:79:56:d4:6c:09:40:eb:aa:e4:
d3:58:5f:34:70:04:e1:bf:1f:c8:8d:98:60:86:1e:ee:07:cd:
27:92:3d:6c:32:b7:1a:4a:af:f8:f8:4d:3a:fb:9b:85:50:77:
95:81:db:22:dc:53:87:4f:4d:ef:c8:5e:14:98:5b:c7:65:43:
a9:3d:41:03:64:75:36:0e:62:16:de:16:63:34:ff:45:a3:9e:
02:7a:03:3e:00:29:e2:31:02:a1:9e:b2:06:8e:55:2b:da:c3:
bd:4a:d7:44:69:02:c7:4c:27:1b:07:e0:5b:9b:70:49:77:b8:
33:41:9b:f8:2b:91:11:78:1f:fb:89:18:dd:49:93:90:d0:ec:
41:ef:39:1f:60:54:47:7a:e9:12:3e:99:69:74:5c:6e:ed:d3:
f1:9a:75:91:19:a1:dc:34:43:91:28:cb:9a:d3:10:19:71:f5:
c6:98:3f:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw3jqdpYjLuE92NvpYWvHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmQwMmVhNDRhOWJlZTM1YjYzZDFhYjNlMjViMTRmMTlh
MzVhNTUwHhcNMjMwMTAyMDUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDc0NzE1OTg2NTJmZWJiNDVhNjRhNmU0MWE5NzE0OTVjNTcyM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO8KadRusYZlnaqAm32MFeFF6tsW
r4pIAh77qrD8dx5HojKwolku0WbPF+kztA1PzsTafdh5D+9XXyZCpsMyooLvADVE
zLwVLrr865K6IFcxCSXh/v21u3zlBk/FzrCiYJS1Vf02KKM1i53IUML/BK4yr6sJ
bg2RRQD7hQ3KNyFNIUqQL6v11d09gBa6xFWjYPxqE2aCtkO9POCm8VRHW9W427z+
NpANO5wsH7uQx23bFdTpNmvTfsarGH8riO8j4cQIStSXKiQvK2FPW47ni/TEQtGr
+hOp0YKbqYIjCM7r0AthuJW+cxSRFhuZC6V2hoO0bkPvnlvqVgligUDRtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHR0cVmGUv67RaZKbkGpcUlcVyPpMB8GA1UdIwQY
MBaAFPG9AupEqb7jW2PRqz4lsU8Zo1pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEt
ZmUwYTY1OGQ5ZGVkLzEvZEhSeFdZWlNfcnRGcGtwdVFhbHhTVnhYSS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEtZmUwYTY1OGQ5ZGVk
LzEvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBcR68AwQC
uadgAwQBueXgAwQAueXjMA0GCSqGSIb3DQEBCwUAA4IBAQBFAxxTNhzBu8r1tINw
MYooKzl4AXm1++s2nlwluEEtysSGGMd3MCHjWfj/b3pH3brmmNaM1Ywy9TRd9OwP
6iS2XzU8rqtcyUvn5AmClxq5Oud5VtRsCUDrquTTWF80cAThvx/IjZhghh7uB80n
kj1sMrcaSq/4+E06+5uFUHeVgdsi3FOHT03vyF4UmFvHZUOpPUEDZHU2DmIW3hZj
NP9Fo54CegM+ACniMQKhnrIGjlUr2sO9StdEaQLHTCcbB+Bbm3BJd7gzQZv4K5ER
eB/7iRjdSZOQ0OxB7zkfYFRHeukSPplpdFxu7dPxmnWRGaHcNEORKMua0xAZcfXG
mD9o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:14 2024 by rpki-client on console-ams.rpki-client.org