Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/0FKhVhAow14sa58JpowTK-O3YXQ.roa
File: 0FKhVhAow14sa58JpowTK-O3YXQ.roa (raw, json)
Hash identifier: 1u/PqmPBZSvmpSebdw+SZZQjCq9rbAcdlXCt4tWqalg=
Subject key identifier: D0:52:A1:56:10:28:C3:5E:2C:6B:9F:09:A6:8C:13:2B:E3:B7:61:74
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A71EB612C39DD9504EBC9A82E784D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/0FKhVhAow14sa58JpowTK-O3YXQ.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134413
IP address blocks: 185.248.186.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:71:eb:61:2c:39:dd:95:04:eb:c9:a8:2e:78:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d052a1561028c35e2c6b9f09a68c132be3b76174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:97:f8:f4:b7:3f:fb:31:54:c7:e0:4a:be:08:
1c:fd:86:0d:f8:1a:cc:74:8a:e0:bd:9e:55:ef:74:
ca:a4:2f:6f:35:72:3f:cd:34:bf:81:a8:2d:3c:d2:
1c:59:5c:26:d6:ec:f1:b0:9b:5c:e1:a0:de:61:da:
d6:b4:c3:96:8b:8f:27:12:6e:67:33:41:78:3e:43:
df:fc:45:92:51:72:bd:b9:35:dc:5f:79:32:c3:46:
40:0a:c0:15:9e:bc:8d:61:7b:4a:1e:2e:06:31:7e:
6b:41:be:c4:08:7c:52:21:02:49:bd:99:4c:26:7f:
bc:fc:ba:31:37:f0:c2:ae:e3:f6:60:90:f6:d1:0a:
11:a6:0b:ee:92:71:34:86:6c:9b:71:b2:0d:e2:39:
39:ac:f3:02:3e:62:37:6d:e5:6c:da:1b:bf:82:ca:
e3:a5:00:d0:2a:99:78:8c:33:a7:21:57:ac:a2:8d:
8d:0f:90:f9:71:4f:3c:1a:4b:94:91:d1:f4:10:87:
b5:40:fc:1d:d0:77:e1:d6:8d:27:75:8e:da:ed:d3:
86:2b:7a:73:1f:7b:3b:f2:e4:4f:80:a2:05:c0:93:
b8:d4:48:55:28:02:5c:91:03:cb:a6:34:90:f3:ac:
03:ab:66:29:58:b0:8d:8d:9a:b7:10:4c:28:f9:95:
35:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:52:A1:56:10:28:C3:5E:2C:6B:9F:09:A6:8C:13:2B:E3:B7:61:74
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/0FKhVhAow14sa58JpowTK-O3YXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.186.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:73:b4:4c:c6:95:69:c8:4a:97:c3:3c:23:32:99:bd:fd:1d:
3b:cc:f0:43:be:9f:57:a7:3e:79:13:82:72:6a:36:8a:79:9b:
98:37:b7:d5:1f:8a:67:1f:81:61:e0:29:71:ad:58:d6:b4:a3:
83:07:c1:4b:69:7d:f8:5f:c7:b0:aa:bf:a4:d2:93:9d:db:0a:
e8:76:f3:14:25:e4:76:ae:99:f7:a4:46:c3:97:7d:56:0c:ca:
34:01:95:36:90:75:e3:cf:3b:2c:4d:ae:b6:e0:f3:e7:c4:5e:
f5:0f:34:92:ad:f0:a2:6b:15:e3:36:4b:f5:e6:9a:15:6a:08:
aa:ee:a4:ab:96:2b:e6:86:d6:ae:33:e9:ff:a8:4a:c7:ce:f0:
f4:f7:c7:90:cf:75:6f:ea:1c:85:4b:98:d1:8e:64:c3:c7:af:
4d:a3:6a:a7:98:c6:f4:d1:52:45:0c:b0:6f:bf:20:eb:0d:88:
53:62:f1:fe:2d:f0:8f:1d:15:57:c2:c0:da:e2:ed:9c:d9:f5:
3e:6d:14:92:38:ca:cd:7c:a0:3a:d6:01:9c:3a:fc:7a:bf:6f:
26:47:22:5c:44:da:ef:ed:06:42:b5:a1:a8:fc:3c:36:6c:4c:
3f:fe:13:09:23:0d:f9:78:bf:be:0c:b5:f2:d7:a4:a3:0f:23:
35:51:d7:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnHrYSw53ZUE68moLnhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDUyYTE1NjEwMjhjMzVlMmM2YjlmMDlhNjhjMTMyYmUzYjc2MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpf49Lc/+zFUx+BKvggc/YYN+BrM
dIrgvZ5V73TKpC9vNXI/zTS/gagtPNIcWVwm1uzxsJtc4aDeYdrWtMOWi48nEm5n
M0F4PkPf/EWSUXK9uTXcX3kyw0ZACsAVnryNYXtKHi4GMX5rQb7ECHxSIQJJvZlM
Jn+8/LoxN/DCruP2YJD20QoRpgvuknE0hmybcbIN4jk5rPMCPmI3beVs2hu/gsrj
pQDQKpl4jDOnIVesoo2ND5D5cU88GkuUkdH0EIe1QPwd0Hfh1o0ndY7a7dOGK3pz
H3s78uRPgKIFwJO41EhVKAJckQPLpjSQ86wDq2YpWLCNjZq3EEwo+ZU1PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBSoVYQKMNeLGufCaaMEyvjt2F0MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMEZLaFZoQW93MTRzYTU4SnBvd1RLLU8zWVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufi6MA0G
CSqGSIb3DQEBCwUAA4IBAQCpc7RMxpVpyEqXwzwjMpm9/R07zPBDvp9Xpz55E4Jy
ajaKeZuYN7fVH4pnH4Fh4ClxrVjWtKODB8FLaX34X8ewqr+k0pOd2wrodvMUJeR2
rpn3pEbDl31WDMo0AZU2kHXjzzssTa624PPnxF71DzSSrfCiaxXjNkv15poVagiq
7qSrlivmhtauM+n/qErHzvD098eQz3Vv6hyFS5jRjmTDx69No2qnmMb00VJFDLBv
vyDrDYhTYvH+LfCPHRVXwsDa4u2c2fU+bRSSOMrNfKA61gGcOvx6v28mRyJcRNrv
7QZCtaGo/Dw2bEw//hMJIw35eL++DLXy16SjDyM1UddB
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:55 2025 by rpki-client