Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kUs8UVQKcpWkGWDky6F9tchkb0I.roa
File: kUs8UVQKcpWkGWDky6F9tchkb0I.roa (raw, json)
Hash identifier: OHn+4VbShVfhHbgfjP4Tg/NMciZqZaw/1u6iFgBG2V8=
Subject key identifier: 91:4B:3C:51:54:0A:72:95:A4:19:60:E4:CB:A1:7D:B5:C8:64:6F:42
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018F578F3FB6FEC33B7C6055B4F600D106C1
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kUs8UVQKcpWkGWDky6F9tchkb0I.roa
Signing time: Wed 08 May 2024 09:35:56 +0000
ROA not before: Wed 08 May 2024 09:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47589
IP address blocks: 148.253.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 08:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:8f:3f:b6:fe:c3:3b:7c:60:55:b4:f6:00:d1:06:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: May 8 09:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=914b3c51540a7295a41960e4cba17db5c8646f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:65:68:0c:cb:b1:98:5d:d0:5d:d6:46:77:82:
29:bb:4b:41:c8:c3:64:db:ab:23:b8:b4:77:0c:5d:
87:33:89:fa:e6:b7:a0:77:79:e8:56:f2:69:0b:d9:
a0:41:bb:9f:b9:9c:73:35:c7:84:ec:ae:db:ce:7f:
db:53:d1:1c:76:b5:ea:6d:12:a0:21:57:48:56:83:
87:3e:f1:97:d7:34:bb:a8:1f:94:20:80:89:48:d1:
6b:50:57:d1:c7:ba:90:63:06:a7:d2:de:3b:b2:3e:
25:fb:ef:79:f1:aa:25:0b:c3:3d:4d:09:0a:fa:fe:
2a:ff:98:f7:82:74:71:02:14:92:86:92:f3:e0:fe:
4a:b9:18:80:df:85:41:ac:af:94:a9:17:1d:10:5f:
02:0e:6d:72:70:a8:b3:06:92:f7:7c:f2:69:ed:a5:
a3:b0:70:a3:38:2a:c9:66:98:e6:7b:1a:35:e9:7c:
3e:25:6f:02:78:e7:fe:1d:63:85:f0:ff:b9:94:14:
e1:10:0e:a3:8f:f2:85:e2:9b:4b:cc:59:8f:59:98:
d4:ec:a9:cf:7f:59:13:c9:71:94:95:ac:f3:c7:6f:
90:f6:82:8d:db:cb:4d:a8:2e:c6:e3:0d:20:93:7d:
a4:87:f8:bb:18:de:84:6f:53:bf:e1:78:20:42:c6:
73:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4B:3C:51:54:0A:72:95:A4:19:60:E4:CB:A1:7D:B5:C8:64:6F:42
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kUs8UVQKcpWkGWDky6F9tchkb0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.47.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:e4:ca:65:7a:fb:3a:c8:49:9b:8e:dc:0a:5c:e4:ba:7d:1b:
34:a3:31:00:67:1a:81:ed:e7:1a:f4:b9:7c:c5:9e:8f:1f:8b:
8e:fb:22:37:57:1f:4d:57:e4:58:44:4d:4e:04:b8:0e:36:55:
b7:5b:09:57:cc:12:b3:fc:94:47:ad:ae:55:ae:99:58:8b:76:
5c:96:67:5e:5c:98:b9:5e:f7:9c:fa:2d:77:74:da:bb:9f:9e:
c3:8c:91:75:19:ee:81:09:58:a9:07:15:93:28:44:28:99:70:
b5:3d:dc:90:e6:ae:cf:5c:42:2c:4b:59:a4:c2:5d:af:f6:80:
53:7e:e0:f7:fd:50:96:ea:91:06:f8:6a:77:c1:58:e4:df:1e:
bb:61:cc:3e:6a:24:0c:be:50:f8:86:cc:36:0e:9b:ff:cd:e0:
af:0b:07:76:19:2b:51:f7:6f:8b:4a:7f:69:d7:3b:82:f1:51:
5c:46:d5:3a:f9:f3:a4:fe:fd:ae:dc:29:f3:3d:8e:da:c4:7d:
c7:8c:b0:d9:2a:8d:27:b0:9a:d5:25:47:4d:b9:40:91:40:63:
82:1b:12:31:53:eb:1a:b9:83:4a:b1:cb:5a:55:b7:67:0b:0f:
37:a8:e6:38:ea:12:19:bd:6b:05:0e:c2:9d:81:e5:56:3b:ab:
55:01:2c:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9Xjz+2/sM7fGBVtPYA0QbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwNTA4MDkzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRiM2M1MTU0MGE3Mjk1YTQxOTYwZTRjYmExN2RiNWM4NjQ2ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WVoDMuxmF3QXdZGd4Ipu0tByMNk
26sjuLR3DF2HM4n65regd3noVvJpC9mgQbufuZxzNceE7K7bzn/bU9EcdrXqbRKg
IVdIVoOHPvGX1zS7qB+UIICJSNFrUFfRx7qQYwan0t47sj4l++958aolC8M9TQkK
+v4q/5j3gnRxAhSShpLz4P5KuRiA34VBrK+UqRcdEF8CDm1ycKizBpL3fPJp7aWj
sHCjOCrJZpjmexo16Xw+JW8CeOf+HWOF8P+5lBThEA6jj/KF4ptLzFmPWZjU7KnP
f1kTyXGUlazzx2+Q9oKN28tNqC7G4w0gk32kh/i7GN6Eb1O/4XggQsZzQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFLPFFUCnKVpBlg5MuhfbXIZG9CMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEva1VzOFVWUUtjcFdrR1dEa3k2Rjl0Y2hrYjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlP0vMA0G
CSqGSIb3DQEBCwUAA4IBAQCn5Mplevs6yEmbjtwKXOS6fRs0ozEAZxqB7eca9Ll8
xZ6PH4uO+yI3Vx9NV+RYRE1OBLgONlW3WwlXzBKz/JRHra5VrplYi3ZclmdeXJi5
Xvec+i13dNq7n57DjJF1Ge6BCVipBxWTKEQomXC1PdyQ5q7PXEIsS1mkwl2v9oBT
fuD3/VCW6pEG+Gp3wVjk3x67Ycw+aiQMvlD4hsw2Dpv/zeCvCwd2GStR92+LSn9p
1zuC8VFcRtU6+fOk/v2u3CnzPY7axH3HjLDZKo0nsJrVJUdNuUCRQGOCGxIxU+sa
uYNKsctaVbdnCw83qOY46hIZvWsFDsKdgeVWO6tVASzj
-----END CERTIFICATE-----
Generated at Tue Jul 9 10:17:55 2024 by rpki-client on console-fra.rpki-client.org