Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/IFvO5DJfUX4xMVvy42Ax_Lq0fGQ.roa
File: IFvO5DJfUX4xMVvy42Ax_Lq0fGQ.roa (raw, json)
Hash identifier: kRXBnXlQcdQQ3x3aLMQ1IzAco6gVN0onz2hit26ivmU=
Subject key identifier: 20:5B:CE:E4:32:5F:51:7E:31:31:5B:F2:E3:60:31:FC:BA:B4:7C:64
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 01887CF2E1715EB71D3E68D6C896D98C5A24
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/IFvO5DJfUX4xMVvy42Ax_Lq0fGQ.roa
Signing time: Fri 02 Jun 2023 16:31:12 +0000
ROA not before: Fri 02 Jun 2023 16:31:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198318
IP address blocks: 185.148.224.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:f2:e1:71:5e:b7:1d:3e:68:d6:c8:96:d9:8c:5a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jun 2 16:31:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=205bcee4325f517e31315bf2e36031fcbab47c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:be:49:88:7d:f1:aa:f4:e0:ae:e7:c0:4a:e2:
f6:2c:51:dc:a2:13:a2:ee:42:5d:15:3b:b4:42:eb:
26:ee:86:12:68:dc:ed:c6:4d:c7:cc:5e:91:6d:2d:
e4:46:7a:0a:cc:dd:26:fa:c5:f6:29:9f:53:e5:85:
8a:73:f0:ae:4b:8d:93:93:78:98:17:ac:3e:aa:36:
20:e3:8f:21:b5:ac:d8:2d:bb:7c:f9:8e:a9:2c:b2:
1b:93:2d:ce:c4:bf:79:a4:81:bf:81:c3:89:c7:a0:
4d:c8:88:03:ac:8b:68:39:11:46:b1:6e:37:55:6e:
8a:81:c1:55:b7:66:29:64:de:4c:b4:46:3d:2d:6b:
78:ff:90:0e:fc:a4:cf:3f:33:dc:6e:df:72:50:bd:
fe:d3:b9:33:9a:38:83:9c:ee:cf:cc:75:41:d7:03:
7a:29:59:0b:bb:bc:c5:fa:19:13:02:8f:9e:13:4b:
a9:c0:6e:56:14:7a:ea:52:5b:01:b3:3d:35:ce:d7:
94:ba:11:74:b2:db:cd:9b:09:7a:8b:52:e8:0b:b8:
fa:58:0d:2c:5a:d0:54:e1:d8:74:74:71:c5:5c:c0:
75:45:d1:84:ad:b2:62:72:84:ab:e2:b6:e4:e2:e6:
6a:5e:76:f4:0e:b9:cb:6e:42:f7:03:e5:b0:26:85:
53:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5B:CE:E4:32:5F:51:7E:31:31:5B:F2:E3:60:31:FC:BA:B4:7C:64
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/IFvO5DJfUX4xMVvy42Ax_Lq0fGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.224.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
2f:d3:31:3e:f5:b7:70:41:c4:f0:a3:97:43:36:7a:81:e6:39:
ec:7f:97:ce:e3:13:7b:dc:9d:e0:c5:d0:23:95:42:06:62:50:
2f:af:46:d4:fd:13:4b:10:26:77:ac:4e:a8:f0:db:f1:38:e0:
18:35:14:2d:6e:b5:ce:6b:91:0f:8a:8c:14:4e:46:df:82:0e:
7a:73:c4:a9:7f:c0:d8:d5:eb:f9:3d:a1:49:a3:06:be:fe:56:
79:84:70:e9:2f:68:e3:91:d2:ee:0f:f6:0b:81:96:2e:9b:57:
d4:21:38:13:b0:12:1c:36:4c:2b:21:74:0d:60:d3:2d:ec:db:
6e:e3:21:c4:07:fc:30:bf:84:6b:b6:24:3e:27:b8:b6:36:42:
3e:02:f2:a2:4c:ad:e9:ef:20:89:d3:e4:8c:73:46:60:de:4c:
44:a8:f4:79:ed:24:e8:8f:07:51:cc:2c:4e:36:7e:38:b7:b4:
74:d5:fd:99:c7:2b:8d:5e:83:55:ec:89:63:d4:7b:4f:84:58:
33:cd:80:cf:66:37:64:c1:63:8f:e2:4a:be:a7:26:99:e0:5a:
5c:0f:d2:57:78:81:a1:dc:fa:c3:b0:e0:b4:49:2f:ba:15:f8:
0f:d0:28:6b:fa:d6:c3:b8:22:33:87:2a:60:18:2f:be:1d:04:
e4:30:c2:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYh88uFxXrcdPmjWyJbZjFokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwNjAyMTYzMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDViY2VlNDMyNWY1MTdlMzEzMTViZjJlMzYwMzFmY2JhYjQ3YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo75JiH3xqvTgrufASuL2LFHcohOi
7kJdFTu0Qusm7oYSaNztxk3HzF6RbS3kRnoKzN0m+sX2KZ9T5YWKc/CuS42Tk3iY
F6w+qjYg448htazYLbt8+Y6pLLIbky3OxL95pIG/gcOJx6BNyIgDrItoORFGsW43
VW6KgcFVt2YpZN5MtEY9LWt4/5AO/KTPPzPcbt9yUL3+07kzmjiDnO7PzHVB1wN6
KVkLu7zF+hkTAo+eE0upwG5WFHrqUlsBsz01zteUuhF0stvNmwl6i1LoC7j6WA0s
WtBU4dh0dHHFXMB1RdGErbJicoSr4rbk4uZqXnb0DrnLbkL3A+WwJoVT+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCBbzuQyX1F+MTFb8uNgMfy6tHxkMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvSUZ2TzVESmZVWDR4TVZ2eTQyQXhfTHEwZkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZTgMA8E
AgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQADggEBAC/TMT71t3BBxPCjl0M2
eoHmOex/l87jE3vcneDF0COVQgZiUC+vRtT9E0sQJnesTqjw2/E44Bg1FC1utc5r
kQ+KjBRORt+CDnpzxKl/wNjV6/k9oUmjBr7+VnmEcOkvaOOR0u4P9guBli6bV9Qh
OBOwEhw2TCshdA1g0y3s227jIcQH/DC/hGu2JD4nuLY2Qj4C8qJMrenvIInT5Ixz
RmDeTESo9HntJOiPB1HMLE42fji3tHTV/ZnHK41eg1XsiWPUe0+EWDPNgM9mN2TB
Y4/iSr6nJpngWlwP0ld4gaHc+sOw4LRJL7oV+A/QKGv61sO4IjOHKmAYL74dBOQw
wkg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org