Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/VnXS8hdfC7tWEND-kZpw4EUK5Rs.roa
File: VnXS8hdfC7tWEND-kZpw4EUK5Rs.roa (raw, json)
Hash identifier: cJKBNSodrpgeZYSpX76c+OnAa2C+MXQcnQfrN/5c+Fk=
Subject key identifier: 56:75:D2:F2:17:5F:0B:BB:56:10:D0:FE:91:9A:70:E0:45:0A:E5:1B
Certificate issuer: /CN=b0e25bcc5530b6f46f3d11cb8113f219a46dfdab
Certificate serial: 0185719E7FE8FE37DE91C7B66F9A283ADA38
Authority key identifier: B0:E2:5B:CC:55:30:B6:F4:6F:3D:11:CB:81:13:F2:19:A4:6D:FD:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sOJbzFUwtvRvPRHLgRPyGaRt_as.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/VnXS8hdfC7tWEND-kZpw4EUK5Rs.roa
Signing time: Mon 02 Jan 2023 08:34:50 +0000
ROA not before: Mon 02 Jan 2023 08:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208869
IP address blocks: 185.248.146.0/24 maxlen: 24
2a12:6bc0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:7f:e8:fe:37:de:91:c7:b6:6f:9a:28:3a:da:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0e25bcc5530b6f46f3d11cb8113f219a46dfdab
Validity
Not Before: Jan 2 08:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5675d2f2175f0bbb5610d0fe919a70e0450ae51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:c1:a6:27:1f:43:b2:c9:8b:bb:8e:6a:10:
27:01:1f:52:57:2e:05:48:b3:ed:9f:79:c8:4b:5b:
db:2b:09:09:18:ea:55:77:98:6b:a6:64:fc:2b:12:
95:73:82:2e:c4:50:a4:83:d7:62:3f:55:2d:19:6c:
69:7e:31:d5:dc:81:36:ef:b1:2b:08:01:7d:2f:7d:
ce:ce:73:36:b8:1a:33:2b:a1:89:c1:cd:73:05:4d:
9d:0d:25:fe:52:06:10:97:02:5c:63:b2:33:c6:aa:
59:95:01:92:ed:32:af:4a:69:2d:31:ce:1d:d0:89:
e0:b1:43:dc:22:3f:2f:0b:da:68:57:4e:bb:25:9c:
3d:59:10:4d:33:2a:58:a7:e8:0d:a2:06:6e:fd:28:
f2:2e:58:61:95:9c:3e:9f:23:e2:32:75:df:73:ff:
7f:c6:32:10:92:72:20:ed:fd:1a:01:a1:7f:c2:1a:
bd:5c:c1:ac:5b:bd:a0:02:b7:68:79:78:36:35:76:
4b:60:47:c5:45:c4:28:d3:b4:a0:e2:b1:7a:1c:e2:
9b:0e:7d:6f:fb:7e:9e:cd:aa:a0:29:2b:7a:a6:8b:
91:7f:e4:02:9a:ed:06:7a:6c:45:05:65:20:a9:30:
9e:4d:b6:c7:10:86:a6:a6:6c:87:d7:83:08:09:f9:
ee:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:75:D2:F2:17:5F:0B:BB:56:10:D0:FE:91:9A:70:E0:45:0A:E5:1B
X509v3 Authority Key Identifier:
keyid:B0:E2:5B:CC:55:30:B6:F4:6F:3D:11:CB:81:13:F2:19:A4:6D:FD:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sOJbzFUwtvRvPRHLgRPyGaRt_as.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/VnXS8hdfC7tWEND-kZpw4EUK5Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/sOJbzFUwtvRvPRHLgRPyGaRt_as.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.146.0/24
IPv6:
2a12:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
84:59:01:c1:14:7c:6a:a9:fe:66:9f:5e:fc:7c:8a:19:a3:2f:
c1:90:7a:50:8f:a7:c3:12:3e:11:67:77:07:e3:4b:9e:83:e9:
8e:95:e7:32:ad:d8:8c:31:5a:d0:ba:d4:69:b1:f1:8d:cf:4a:
ef:d5:de:80:5e:e7:7b:36:cc:c5:73:f4:a0:e6:91:f8:80:b7:
d7:0f:4a:0e:bb:4c:0c:ae:82:15:12:27:da:83:54:36:6d:39:
12:20:45:7a:b5:d5:a0:09:e4:81:6d:40:ca:11:e6:81:f8:be:
48:17:55:28:b0:5b:b2:7a:c6:e3:73:ef:e5:e6:57:7f:81:62:
81:19:8b:c3:ab:06:da:b8:98:89:46:9d:97:39:42:3d:a6:3f:
9c:fe:68:3a:f8:bd:85:c8:2d:26:2c:ac:e0:cc:64:1c:f2:fd:
44:80:05:4a:ea:85:31:bb:b2:bf:78:ce:cc:8c:7c:d3:33:af:
82:f9:ad:9d:c8:32:9b:4c:cb:0f:e4:f7:16:c4:8e:36:09:a5:
9e:01:3e:27:2e:c2:ff:d3:e2:60:14:11:27:79:20:76:9a:9f:
00:0d:42:d1:eb:87:8a:d3:0c:d9:7d:71:63:22:7a:68:dd:88:
2e:f0:23:e5:61:75:61:98:4f:70:b3:59:7e:37:ec:80:c3:8b:
0f:5a:79:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxnn/o/jfekce2b5ooOto4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZTI1YmNjNTUzMGI2ZjQ2ZjNkMTFjYjgxMTNmMjE5YTQ2
ZGZkYWIwHhcNMjMwMTAyMDgzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc1ZDJmMjE3NWYwYmJiNTYxMGQwZmU5MTlhNzBlMDQ1MGFlNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk37BpicfQ7LJi7uOahAnAR9SVy4F
SLPtn3nIS1vbKwkJGOpVd5hrpmT8KxKVc4IuxFCkg9diP1UtGWxpfjHV3IE277Er
CAF9L33OznM2uBozK6GJwc1zBU2dDSX+UgYQlwJcY7IzxqpZlQGS7TKvSmktMc4d
0IngsUPcIj8vC9poV067JZw9WRBNMypYp+gNogZu/SjyLlhhlZw+nyPiMnXfc/9/
xjIQknIg7f0aAaF/whq9XMGsW72gArdoeXg2NXZLYEfFRcQo07Sg4rF6HOKbDn1v
+36ezaqgKSt6pouRf+QCmu0GemxFBWUgqTCeTbbHEIampmyH14MICfnuUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFZ10vIXXwu7VhDQ/pGacOBFCuUbMB8GA1UdIwQY
MBaAFLDiW8xVMLb0bz0Ry4ET8hmkbf2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc09KYnpGVXd0dlJ2UFJITGdSUHlHYVJ0X2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8zODMwYzgtODAyZi00ODQ2LWI2ZTUt
MWFhZGFiYTgwMDcyLzEvVm5YUzhoZGZDN3RXRU5ELWtacHc0RVVLNVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8zODMwYzgtODAyZi00ODQ2LWI2ZTUtMWFhZGFiYTgwMDcy
LzEvc09KYnpGVXd0dlJ2UFJITGdSUHlHYVJ0X2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufiSMA0E
AgACMAcDBQMqEmvAMA0GCSqGSIb3DQEBCwUAA4IBAQCEWQHBFHxqqf5mn178fIoZ
oy/BkHpQj6fDEj4RZ3cH40ueg+mOlecyrdiMMVrQutRpsfGNz0rv1d6AXud7NszF
c/Sg5pH4gLfXD0oOu0wMroIVEifag1Q2bTkSIEV6tdWgCeSBbUDKEeaB+L5IF1Uo
sFuyesbjc+/l5ld/gWKBGYvDqwbauJiJRp2XOUI9pj+c/mg6+L2FyC0mLKzgzGQc
8v1EgAVK6oUxu7K/eM7MjHzTM6+C+a2dyDKbTMsP5PcWxI42CaWeAT4nLsL/0+Jg
FBEneSB2mp8ADULR64eK0wzZfXFjInpo3Ygu8CPlYXVhmE9ws1l+N+yAw4sPWnl4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org