Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/a8h1Df5U6YbGuDsSyWfxuaE70dM.roa
File: a8h1Df5U6YbGuDsSyWfxuaE70dM.roa (raw, json)
Hash identifier: I6fiqI3OfydmlzBFy62HnzjkeDYnHxFtdm+2etYbVtw=
Subject key identifier: 6B:C8:75:0D:FE:54:E9:86:C6:B8:3B:12:C9:67:F1:B9:A1:3B:D1:D3
Certificate issuer: /CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9
Certificate serial: 01856BEECD44923A7AD7752C168EFA846D9C
Authority key identifier: 4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/a8h1Df5U6YbGuDsSyWfxuaE70dM.roa
Signing time: Sun 01 Jan 2023 06:04:50 +0000
ROA not before: Sun 01 Jan 2023 06:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2072
IP address blocks: 185.4.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:cd:44:92:3a:7a:d7:75:2c:16:8e:fa:84:6d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9
Validity
Not Before: Jan 1 06:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bc8750dfe54e986c6b83b12c967f1b9a13bd1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0f:ff:ec:09:8a:4f:65:64:00:d9:87:e7:5e:
0e:8a:63:44:7e:c9:98:23:56:d6:94:22:23:dd:3c:
ea:c6:74:60:34:0f:b7:ea:03:a0:cf:43:1f:c4:3a:
4b:4d:b0:6c:ad:d8:c4:0f:4b:04:8e:9b:da:fb:aa:
4a:ac:f3:43:83:97:4b:e4:42:de:6a:22:71:e6:b0:
56:e9:8a:fa:d1:3c:57:c3:bc:82:88:27:74:68:6c:
54:2d:ef:fd:76:b8:50:45:ac:7a:51:63:38:0e:27:
33:7d:85:fc:2e:1b:0d:4d:db:04:58:1b:a6:31:09:
39:5b:24:79:7b:36:d6:36:b0:28:3e:7c:5a:7f:c1:
34:fd:66:78:1c:2f:0b:ad:93:5f:68:81:6f:33:7d:
e6:ee:42:a4:22:f3:29:8f:67:e1:df:b4:91:40:1f:
b5:db:bf:8d:64:80:6d:66:76:d3:b5:54:65:9b:0e:
fe:69:e9:11:87:09:48:15:db:33:64:d5:76:9f:2c:
a5:ca:41:c6:b5:b9:a2:2f:ee:a1:44:1f:72:f4:c7:
88:6e:ff:b5:e3:0d:df:7e:9b:a8:5e:94:48:d8:f5:
ac:00:7a:99:30:93:4a:b5:67:92:6f:be:c1:0c:ec:
0b:ac:e4:74:54:2c:35:cc:7d:85:46:1a:2c:a2:2b:
c7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C8:75:0D:FE:54:E9:86:C6:B8:3B:12:C9:67:F1:B9:A1:3B:D1:D3
X509v3 Authority Key Identifier:
keyid:4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/a8h1Df5U6YbGuDsSyWfxuaE70dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.251.0/24
Signature Algorithm: sha256WithRSAEncryption
61:87:68:d2:4b:5a:30:d3:fb:b4:98:5a:24:df:f0:59:0b:e7:
59:51:c5:c7:0b:f3:59:ed:22:f4:29:cd:5b:25:ba:d0:92:07:
bc:8e:8e:bb:59:69:f7:86:c7:ff:00:35:92:92:33:03:56:48:
83:6c:26:ec:d2:54:3c:e4:02:00:b4:54:e8:13:d7:8c:5c:66:
f4:e9:82:64:43:ef:be:e4:ac:af:48:21:b1:ee:70:34:03:52:
6d:6b:dc:c1:0b:ca:13:55:9b:02:2e:00:06:5b:3f:4c:e2:9a:
1d:33:66:65:00:f9:ad:bf:2e:5e:98:28:72:8a:1c:0d:d0:cf:
98:c1:ba:b4:71:6e:29:e6:dd:d9:86:b2:c1:34:f8:0f:1c:5d:
d0:c4:9d:cc:ec:98:42:f8:24:4e:bc:bb:9c:58:15:6b:62:41:
91:7f:4b:f1:e5:2b:e5:4c:45:c4:d2:b1:d7:ac:75:51:65:53:
eb:97:dd:88:43:58:bc:22:69:2f:75:33:5e:64:b3:0e:87:0d:
0a:f5:2e:5d:1c:0b:70:24:fb:94:34:ea:32:74:c0:7f:9b:4d:
67:26:2c:b4:62:4c:4b:90:f7:f7:ed:c1:68:ba:73:fc:e7:25:
6c:5d:fd:3d:0b:a0:03:7a:94:e2:0f:20:f5:52:95:35:41:ff:
ee:74:8b:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7s1Ekjp613UsFo76hG2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmEyOTlmMTgyYTFmZDUxZDRiMDM2Mjk5N2FmN2FhYWUw
ZDZiZTkwHhcNMjMwMTAxMDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmM4NzUwZGZlNTRlOTg2YzZiODNiMTJjOTY3ZjFiOWExM2JkMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q//7AmKT2VkANmH514OimNEfsmY
I1bWlCIj3TzqxnRgNA+36gOgz0MfxDpLTbBsrdjED0sEjpva+6pKrPNDg5dL5ELe
aiJx5rBW6Yr60TxXw7yCiCd0aGxULe/9drhQRax6UWM4DiczfYX8LhsNTdsEWBum
MQk5WyR5ezbWNrAoPnxaf8E0/WZ4HC8LrZNfaIFvM33m7kKkIvMpj2fh37SRQB+1
27+NZIBtZnbTtVRlmw7+aekRhwlIFdszZNV2nyylykHGtbmiL+6hRB9y9MeIbv+1
4w3ffpuoXpRI2PWsAHqZMJNKtWeSb77BDOwLrOR0VCw1zH2FRhosoivHewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvIdQ3+VOmGxrg7Esln8bmhO9HTMB8GA1UdIwQY
MBaAFE4qKZ8YKh/VHUsDYpl696quDWvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAt
ZjJjZTc3ZTMxOTFlLzEvYThoMURmNVU2WWJHdURzU3lXZnh1YUU3MGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAtZjJjZTc3ZTMxOTFl
LzEvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQT7MA0G
CSqGSIb3DQEBCwUAA4IBAQBhh2jSS1ow0/u0mFok3/BZC+dZUcXHC/NZ7SL0Kc1b
JbrQkge8jo67WWn3hsf/ADWSkjMDVkiDbCbs0lQ85AIAtFToE9eMXGb06YJkQ+++
5KyvSCGx7nA0A1Jta9zBC8oTVZsCLgAGWz9M4podM2ZlAPmtvy5emChyihwN0M+Y
wbq0cW4p5t3ZhrLBNPgPHF3QxJ3M7JhC+CROvLucWBVrYkGRf0vx5SvlTEXE0rHX
rHVRZVPrl92IQ1i8ImkvdTNeZLMOhw0K9S5dHAtwJPuUNOoydMB/m01nJiy0YkxL
kPf37cFounP85yVsXf09C6ADepTiDyD1UpU1Qf/udIuw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:23 2024 by rpki-client on console-ams.rpki-client.org