Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/ObPdJ3d1LLuOETcktARfpPtlpdQ.roa
File: ObPdJ3d1LLuOETcktARfpPtlpdQ.roa (raw, json)
Hash identifier: ShGTldgOzQo1kyE12GKOhTONV8R/n5g9ExDmnr3O568=
Subject key identifier: 39:B3:DD:27:77:75:2C:BB:8E:11:37:24:B4:04:5F:A4:FB:65:A5:D4
Certificate issuer: /CN=61a5d217759e861696fc77ed9aa63b94edb3be7d
Certificate serial: 01856F8B7B1599603EAAF6134501557EFBDB
Authority key identifier: 61:A5:D2:17:75:9E:86:16:96:FC:77:ED:9A:A6:3B:94:ED:B3:BE:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YaXSF3WehhaW_HftmqY7lO2zvn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/ObPdJ3d1LLuOETcktARfpPtlpdQ.roa
Signing time: Sun 01 Jan 2023 22:54:50 +0000
ROA not before: Sun 01 Jan 2023 22:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60632
IP address blocks: 185.27.248.0/24 maxlen: 24
185.27.251.0/24 maxlen: 24
185.27.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:7b:15:99:60:3e:aa:f6:13:45:01:55:7e:fb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61a5d217759e861696fc77ed9aa63b94edb3be7d
Validity
Not Before: Jan 1 22:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39b3dd2777752cbb8e113724b4045fa4fb65a5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:5d:81:8b:42:38:08:fc:39:cf:cb:c5:57:
4f:40:fd:25:31:7c:d8:da:94:ae:7a:e3:59:fc:95:
94:f2:34:86:87:86:9f:b4:ca:c7:c4:a3:b7:9e:b6:
b1:cc:66:66:84:95:ed:7d:19:42:a8:1d:f8:b9:2c:
4d:5c:f5:90:cc:4d:a2:00:6c:c5:09:8a:31:b9:db:
a3:82:5c:b4:86:b2:9d:33:14:a0:a1:d3:27:c8:07:
7f:e8:84:39:4b:2d:10:e6:59:63:79:49:ec:93:3e:
9f:38:fc:2c:c6:04:52:88:59:9a:55:b4:72:50:b9:
83:4e:d2:1f:f4:83:d4:f0:ba:32:34:0d:d0:f4:bd:
17:dd:32:81:2b:fe:69:c9:af:bf:fd:d2:ef:77:14:
9d:2c:d5:73:7f:8c:41:73:1e:f3:76:4f:36:d5:63:
8c:51:d2:7d:c1:75:c4:f5:35:5f:1d:5d:e6:ec:1a:
57:a2:c4:53:ff:05:d2:38:67:87:3b:22:d5:d0:5f:
6d:14:92:ee:43:7e:0b:8c:03:8e:a6:65:50:52:96:
80:8e:81:29:51:3a:e6:a8:c6:af:2d:82:22:97:5c:
1e:8f:b8:7b:04:d2:d3:4a:e8:f4:6a:f7:4a:b3:29:
c0:44:4d:41:3e:83:18:0d:0c:be:ee:db:02:2c:0d:
21:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B3:DD:27:77:75:2C:BB:8E:11:37:24:B4:04:5F:A4:FB:65:A5:D4
X509v3 Authority Key Identifier:
keyid:61:A5:D2:17:75:9E:86:16:96:FC:77:ED:9A:A6:3B:94:ED:B3:BE:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YaXSF3WehhaW_HftmqY7lO2zvn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/ObPdJ3d1LLuOETcktARfpPtlpdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/72f6cf-9bd4-467a-a92a-5a64a5fc8a64/1/YaXSF3WehhaW_HftmqY7lO2zvn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.248.0/24
185.27.250.0/23
Signature Algorithm: sha256WithRSAEncryption
89:cb:ae:c5:9c:d9:8c:eb:93:4f:e5:0a:e6:e7:3a:81:a5:ac:
52:c1:bc:cf:d6:24:7c:4b:7b:35:fb:a3:98:c1:86:a5:ad:74:
0c:23:ea:9a:bd:f0:ca:72:85:7f:7a:ec:61:91:37:59:e3:22:
e7:33:5a:4e:6f:93:8f:d6:b7:02:a9:e1:c2:04:14:e9:2e:6f:
46:f2:c9:1c:93:32:3a:62:16:17:a8:75:2a:f4:1f:6e:c1:b1:
7b:be:57:fe:6f:a2:64:09:95:d6:21:9c:05:a8:79:84:25:58:
69:27:a7:53:05:59:ee:7b:b7:e8:67:cc:10:2f:09:cf:18:46:
aa:24:e4:89:ba:f2:ed:25:ec:5f:a8:0b:5e:4b:b4:ad:96:bf:
87:e6:cf:b9:04:13:5d:b8:90:23:64:90:36:2f:08:02:64:30:
ff:c3:37:56:e1:d8:98:44:f1:08:21:29:16:98:ee:ba:1a:06:
b5:5b:68:8b:11:0d:b8:25:0e:3c:1e:5d:d4:7b:26:44:ea:55:
6b:f5:50:35:59:23:72:da:65:ea:16:46:f7:e0:72:5e:55:a2:
24:eb:e4:6e:c2:fa:b8:99:79:35:ae:8b:53:01:ea:f7:0c:27:
17:f9:c0:db:8d:ae:86:6f:ac:fe:bf:f1:e4:c8:07:dd:41:73:
02:ff:30:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi3sVmWA+qvYTRQFVfvvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYTVkMjE3NzU5ZTg2MTY5NmZjNzdlZDlhYTYzYjk0ZWRi
M2JlN2QwHhcNMjMwMTAxMjI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIzZGQyNzc3NzUyY2JiOGUxMTM3MjRiNDA0NWZhNGZiNjVhNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixBdgYtCOAj8Oc/LxVdPQP0lMXzY
2pSueuNZ/JWU8jSGh4aftMrHxKO3nraxzGZmhJXtfRlCqB34uSxNXPWQzE2iAGzF
CYoxudujgly0hrKdMxSgodMnyAd/6IQ5Sy0Q5lljeUnskz6fOPwsxgRSiFmaVbRy
ULmDTtIf9IPU8LoyNA3Q9L0X3TKBK/5pya+//dLvdxSdLNVzf4xBcx7zdk821WOM
UdJ9wXXE9TVfHV3m7BpXosRT/wXSOGeHOyLV0F9tFJLuQ34LjAOOpmVQUpaAjoEp
UTrmqMavLYIil1wej7h7BNLTSuj0avdKsynARE1BPoMYDQy+7tsCLA0hTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmz3Sd3dSy7jhE3JLQEX6T7ZaXUMB8GA1UdIwQY
MBaAFGGl0hd1noYWlvx37ZqmO5Tts759MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWFYU0YzV2VoaGFXX0hmdG1xWTdsTzJ6dm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83MmY2Y2YtOWJkNC00NjdhLWE5MmEt
NWE2NGE1ZmM4YTY0LzEvT2JQZEozZDFMTHVPRVRja3RBUmZwUHRscGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83MmY2Y2YtOWJkNC00NjdhLWE5MmEtNWE2NGE1ZmM4YTY0
LzEvWWFYU0YzV2VoaGFXX0hmdG1xWTdsTzJ6dm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRv4AwQB
uRv6MA0GCSqGSIb3DQEBCwUAA4IBAQCJy67FnNmM65NP5Qrm5zqBpaxSwbzP1iR8
S3s1+6OYwYalrXQMI+qavfDKcoV/euxhkTdZ4yLnM1pOb5OP1rcCqeHCBBTpLm9G
8skckzI6YhYXqHUq9B9uwbF7vlf+b6JkCZXWIZwFqHmEJVhpJ6dTBVnue7foZ8wQ
LwnPGEaqJOSJuvLtJexfqAteS7Stlr+H5s+5BBNduJAjZJA2LwgCZDD/wzdW4diY
RPEIISkWmO66Gga1W2iLEQ24JQ48Hl3UeyZE6lVr9VA1WSNy2mXqFkb34HJeVaIk
6+Ruwvq4mXk1rotTAer3DCcX+cDbja6Gb6z+v/HkyAfdQXMC/zAB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org