Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/CO_9DCVqyHRNIWv0DZv1Wdd4HT4.roa
File: CO_9DCVqyHRNIWv0DZv1Wdd4HT4.roa (raw, json)
Hash identifier: p2EL/F16SBL0a5Dk/PHxCW3C/rF/CwT/zZ9ZGm47GBA=
Subject key identifier: 08:EF:FD:0C:25:6A:C8:74:4D:21:6B:F4:0D:9B:F5:59:D7:78:1D:3E
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 018EBE53477E29ABE54584708037655B19E1
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/CO_9DCVqyHRNIWv0DZv1Wdd4HT4.roa
Signing time: Mon 08 Apr 2024 15:28:32 +0000
ROA not before: Mon 08 Apr 2024 15:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28742
IP address blocks: 185.158.28.0/24 maxlen: 24
185.158.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Apr 2024 18:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:53:47:7e:29:ab:e5:45:84:70:80:37:65:5b:19:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Apr 8 15:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08effd0c256ac8744d216bf40d9bf559d7781d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7f:7f:48:19:5c:31:8f:68:66:10:7a:b8:3e:
1c:2a:51:38:a3:5d:1f:55:14:47:5a:51:5d:70:d5:
6d:41:30:82:27:aa:cc:bc:80:25:19:c4:74:29:11:
c2:1c:5f:8b:3f:80:3b:32:74:15:b9:73:85:e2:de:
e5:96:de:21:1b:7a:cc:6e:1d:ea:f1:86:c0:5a:17:
8b:40:9f:f4:1d:c1:53:af:44:69:09:8e:f4:b4:c5:
bb:88:4b:dd:13:a7:70:9e:7f:22:2d:5b:c4:06:ff:
b2:99:33:56:e0:c9:d3:7f:41:69:95:e1:41:fc:c0:
4e:ec:00:62:d0:1e:5d:bf:2d:12:73:97:08:20:aa:
8d:93:35:ba:9e:b7:2e:48:93:7f:53:78:ac:22:2d:
57:b0:5c:bf:5c:8f:b0:5c:84:30:a4:2d:6b:ea:ad:
e1:5f:8a:d8:c3:23:ca:63:6a:5e:4b:8b:fb:40:90:
8d:a4:0d:df:d6:3c:55:bd:c0:95:d0:e9:be:11:9c:
ca:f4:27:64:22:6d:14:29:78:2f:11:9d:7a:ed:cb:
9f:a9:f9:83:3a:ad:40:e0:6f:7a:77:6d:f2:ac:f8:
97:fe:e3:9b:8a:29:35:d1:cf:ec:97:f4:f2:b0:c0:
d7:94:c7:f0:6d:7e:42:2a:6e:e2:b7:c6:0b:ba:6e:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:FD:0C:25:6A:C8:74:4D:21:6B:F4:0D:9B:F5:59:D7:78:1D:3E
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/CO_9DCVqyHRNIWv0DZv1Wdd4HT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.28.0/23
Signature Algorithm: sha256WithRSAEncryption
14:e5:e4:03:cd:1b:df:2a:b6:8e:a5:fc:ef:d0:95:ec:f1:8e:
6f:a0:df:27:ca:32:9b:c9:6b:9d:26:cf:6f:c8:8c:11:c4:61:
f3:0c:16:f4:1c:f7:f9:23:2f:0b:12:2e:15:f2:ba:42:b3:0b:
b4:d7:42:86:b2:35:31:9e:70:2a:ea:a0:f6:63:84:0c:3b:2d:
22:6c:b6:8b:03:a3:d7:f1:09:5d:25:14:44:d4:ac:ea:d5:2b:
9a:ec:80:7a:24:05:59:e7:41:1b:43:ce:35:cb:77:22:a5:93:
30:96:b2:6b:aa:d2:de:2e:4f:0f:b9:8e:2b:f0:db:6b:39:71:
73:98:df:35:70:28:41:e1:e7:6d:28:99:5b:ca:28:6c:c5:5e:
c0:40:87:81:3d:e7:c9:14:f4:1f:b0:0f:61:80:0c:c9:8e:7c:
82:18:0d:db:ed:a9:d5:35:30:d1:7e:c6:a1:f3:22:51:58:cf:
92:bd:5d:84:22:f2:0f:29:47:6c:67:92:ff:de:23:6a:34:a6:
e7:d2:3e:1c:6d:8a:74:2c:dc:14:3c:b5:f9:f8:81:5f:d3:e2:
b5:1b:6c:e3:b3:ba:82:9f:ce:ee:ac:8a:49:60:38:39:9a:10:
98:8f:93:ed:37:6d:1b:59:0b:f6:f8:10:66:df:2a:8f:43:2a:
a7:53:50:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6+U0d+KavlRYRwgDdlWxnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjQwNDA4MTUyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVmZmQwYzI1NmFjODc0NGQyMTZiZjQwZDliZjU1OWQ3NzgxZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX9/SBlcMY9oZhB6uD4cKlE4o10f
VRRHWlFdcNVtQTCCJ6rMvIAlGcR0KRHCHF+LP4A7MnQVuXOF4t7llt4hG3rMbh3q
8YbAWheLQJ/0HcFTr0RpCY70tMW7iEvdE6dwnn8iLVvEBv+ymTNW4MnTf0FpleFB
/MBO7ABi0B5dvy0Sc5cIIKqNkzW6nrcuSJN/U3isIi1XsFy/XI+wXIQwpC1r6q3h
X4rYwyPKY2peS4v7QJCNpA3f1jxVvcCV0Om+EZzK9CdkIm0UKXgvEZ167cufqfmD
Oq1A4G96d23yrPiX/uObiik10c/sl/TysMDXlMfwbX5CKm7it8YLum6uqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjv/Qwlash0TSFr9A2b9VnXeB0+MB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvQ09fOURDVnF5SFJOSVd2MERadjFXZGQ0SFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZ4cMA0G
CSqGSIb3DQEBCwUAA4IBAQAU5eQDzRvfKraOpfzv0JXs8Y5voN8nyjKbyWudJs9v
yIwRxGHzDBb0HPf5Iy8LEi4V8rpCswu010KGsjUxnnAq6qD2Y4QMOy0ibLaLA6PX
8QldJRRE1Kzq1Sua7IB6JAVZ50EbQ841y3cipZMwlrJrqtLeLk8PuY4r8NtrOXFz
mN81cChB4edtKJlbyihsxV7AQIeBPefJFPQfsA9hgAzJjnyCGA3b7anVNTDRfsah
8yJRWM+SvV2EIvIPKUdsZ5L/3iNqNKbn0j4cbYp0LNwUPLX5+IFf0+K1G2zjs7qC
n87urIpJYDg5mhCYj5PtN20bWQv2+BBm3yqPQyqnU1D4
-----END CERTIFICATE-----
Generated at Tue Apr 23 22:12:09 2024 by rpki-client on console-ams.rpki-client.org