Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/duvbYRiPFvrft3wGkByNTOjKiIw.roa
File: duvbYRiPFvrft3wGkByNTOjKiIw.roa (raw, json)
Hash identifier: +TEphDcsF1EUCHJ1WvQRtPiHyqYzFXAH0eWKfDwhpvE=
Subject key identifier: 76:EB:DB:61:18:8F:16:FA:DF:B7:7C:06:90:1C:8D:4C:E8:CA:88:8C
Certificate issuer: /CN=3a3149da0a12bdbf1bef598b0463090780206ce0
Certificate serial: 018EC77672BFDA891FE845F9B4C6F01A3865
Authority key identifier: 3A:31:49:DA:0A:12:BD:BF:1B:EF:59:8B:04:63:09:07:80:20:6C:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/duvbYRiPFvrft3wGkByNTOjKiIw.roa
Signing time: Wed 10 Apr 2024 10:03:32 +0000
ROA not before: Wed 10 Apr 2024 10:03:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5404
IP address blocks: 185.69.160.0/22 maxlen: 22
185.69.160.0/24 maxlen: 24
185.69.161.0/24 maxlen: 24
185.69.162.0/24 maxlen: 24
185.69.163.0/24 maxlen: 24
2a02:16a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Apr 2024 12:22:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:76:72:bf:da:89:1f:e8:45:f9:b4:c6:f0:1a:38:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3149da0a12bdbf1bef598b0463090780206ce0
Validity
Not Before: Apr 10 10:03:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76ebdb61188f16fadfb77c06901c8d4ce8ca888c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:10:92:6d:9c:54:eb:8d:55:8f:5e:8e:16:a3:
8a:5b:6a:5f:0b:48:1a:51:52:c9:87:41:58:3f:b2:
84:9e:7d:e6:1c:b5:7d:d1:3c:ce:1a:ff:9d:8b:31:
39:cc:82:4e:00:49:4b:1e:27:40:f9:68:1d:1d:c2:
93:f9:cd:d2:f0:c8:c5:1d:76:81:4a:66:d4:92:72:
ef:9f:c6:db:94:21:00:25:90:15:25:0d:34:eb:b9:
7b:d7:32:d0:0f:2a:8e:96:ce:e6:22:8e:00:51:8d:
13:ea:38:28:e0:a3:a7:ab:42:34:43:b2:5e:70:50:
95:96:73:d9:89:0f:30:de:ed:b1:f7:e4:c3:1d:22:
49:6e:0c:e9:dd:4c:c2:ff:7b:aa:bd:13:8a:f2:16:
6d:69:98:f2:e0:b2:14:b0:42:3f:1c:7d:b7:6b:37:
60:64:28:94:a2:90:a9:9b:ab:51:0c:b7:cc:01:ce:
eb:51:13:69:b3:f4:05:94:16:73:a2:7c:15:80:eb:
a8:56:65:f0:9c:49:28:d5:74:02:4d:9f:c2:0e:9c:
fc:7f:d5:40:f6:09:bf:b2:f9:da:b4:3d:a6:20:2b:
91:31:97:d6:79:52:f1:9f:11:89:6e:13:6a:5a:f0:
f0:e4:15:df:0d:5b:57:cb:e1:e8:b8:4a:9b:3d:b7:
66:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EB:DB:61:18:8F:16:FA:DF:B7:7C:06:90:1C:8D:4C:E8:CA:88:8C
X509v3 Authority Key Identifier:
keyid:3A:31:49:DA:0A:12:BD:BF:1B:EF:59:8B:04:63:09:07:80:20:6C:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/duvbYRiPFvrft3wGkByNTOjKiIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/OjFJ2goSvb8b71mLBGMJB4AgbOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.160.0/22
IPv6:
2a02:16a8::/32
Signature Algorithm: sha256WithRSAEncryption
05:bd:6f:72:77:35:72:23:f6:81:60:fc:35:99:75:fa:c8:61:
8d:01:e1:0b:92:ce:90:68:f1:a4:66:ca:9d:04:13:d8:cb:1f:
30:fc:c8:6b:1c:d7:f2:59:db:bf:46:fe:28:52:df:ea:f5:5a:
cd:9c:b9:2e:46:f1:76:eb:13:57:f5:c2:05:bf:b2:59:b7:2f:
d7:53:2e:f8:e2:e9:27:36:70:f2:d6:7b:54:64:8b:bd:4b:a0:
65:31:98:26:b3:fc:df:47:0e:c7:32:d1:06:bf:f1:93:87:eb:
1e:36:96:58:e1:1f:b4:04:62:9a:42:3c:19:5c:d5:46:21:ae:
5d:65:93:e6:cf:ac:1b:d4:46:32:71:40:26:60:db:2b:88:0e:
fc:a6:8a:55:95:90:4c:3d:48:79:c0:c3:dd:82:31:b3:a8:85:
75:a4:0f:3c:10:85:63:88:9f:d3:7c:e2:3b:3d:fa:46:45:a0:
9d:30:35:18:23:ce:ff:76:77:01:96:39:38:31:89:9e:9d:d8:
b2:bb:31:d9:12:95:bb:5b:63:be:0c:f2:6d:62:72:d5:74:a9:
63:41:87:40:40:97:62:71:96:18:6e:de:63:f0:08:1b:90:3a:
9e:7a:26:0c:a1:be:46:12:a0:1e:49:24:7a:d7:e3:91:aa:82:
3f:9a:1e:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7HdnK/2okf6EX5tMbwGjhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzE0OWRhMGExMmJkYmYxYmVmNTk4YjA0NjMwOTA3ODAy
MDZjZTAwHhcNMjQwNDEwMTAwMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmViZGI2MTE4OGYxNmZhZGZiNzdjMDY5MDFjOGQ0Y2U4Y2E4ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhCSbZxU641Vj16OFqOKW2pfC0ga
UVLJh0FYP7KEnn3mHLV90TzOGv+dizE5zIJOAElLHidA+WgdHcKT+c3S8MjFHXaB
SmbUknLvn8bblCEAJZAVJQ0067l71zLQDyqOls7mIo4AUY0T6jgo4KOnq0I0Q7Je
cFCVlnPZiQ8w3u2x9+TDHSJJbgzp3UzC/3uqvROK8hZtaZjy4LIUsEI/HH23azdg
ZCiUopCpm6tRDLfMAc7rURNps/QFlBZzonwVgOuoVmXwnEko1XQCTZ/CDpz8f9VA
9gm/svnatD2mICuRMZfWeVLxnxGJbhNqWvDw5BXfDVtXy+HouEqbPbdmBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHbr22EYjxb637d8BpAcjUzoyoiMMB8GA1UdIwQY
MBaAFDoxSdoKEr2/G+9ZiwRjCQeAIGzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pGSjJnb1N2YjhiNzFtTEJHTUpCNEFnYk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kODhhYWUtNjhjMy00OTA5LTlmOGEt
MDdlODNjZDViNjBkLzEvZHV2YllSaVBGdnJmdDN3R2tCeU5UT2pLaUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kODhhYWUtNjhjMy00OTA5LTlmOGEtMDdlODNjZDViNjBk
LzEvT2pGSjJnb1N2YjhiNzFtTEJHTUpCNEFnYk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUWgMA0E
AgACMAcDBQAqAhaoMA0GCSqGSIb3DQEBCwUAA4IBAQAFvW9ydzVyI/aBYPw1mXX6
yGGNAeELks6QaPGkZsqdBBPYyx8w/MhrHNfyWdu/Rv4oUt/q9VrNnLkuRvF26xNX
9cIFv7JZty/XUy744uknNnDy1ntUZIu9S6BlMZgms/zfRw7HMtEGv/GTh+seNpZY
4R+0BGKaQjwZXNVGIa5dZZPmz6wb1EYycUAmYNsriA78popVlZBMPUh5wMPdgjGz
qIV1pA88EIVjiJ/TfOI7PfpGRaCdMDUYI87/dncBljk4MYmendiyuzHZEpW7W2O+
DPJtYnLVdKljQYdAQJdicZYYbt5j8AgbkDqeeiYMob5GEqAeSSR61+ORqoI/mh6y
-----END CERTIFICATE-----
Generated at Tue Apr 16 16:50:22 2024 by rpki-client on console-ams.rpki-client.org