Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/2_Zi3Ina5kMKSOI72bqay99os_I.roa
File: 2_Zi3Ina5kMKSOI72bqay99os_I.roa (raw, json)
Hash identifier: hla5MldOAqeqlHdhBwjTkkuM2CR4N7gtT1SGlUAe2QQ=
Subject key identifier: DB:F6:62:DC:89:DA:E6:43:0A:48:E2:3B:D9:BA:9A:CB:DF:68:B3:F2
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E733DD87ECA33D7CFE3265A8671DC
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/2_Zi3Ina5kMKSOI72bqay99os_I.roa
Signing time: Tue 02 Jan 2024 08:33:30 +0000
ROA not before: Tue 02 Jan 2024 08:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213323
IP address blocks: 185.248.139.0/24 maxlen: 24
2a0b:fb40::/46 maxlen: 46
Validation: Failed, certificate revoked on Thu 22 Feb 2024 09:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:73:3d:d8:7e:ca:33:d7:cf:e3:26:5a:86:71:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbf662dc89dae6430a48e23bd9ba9acbdf68b3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:15:92:7b:88:32:60:e5:1f:ca:88:64:97:16:
eb:56:1f:5c:fb:16:ea:52:ff:f9:b2:54:95:07:b7:
aa:60:dc:45:a4:c6:3d:bc:bd:a0:32:4f:81:ef:d3:
2b:a9:df:61:1a:b4:f1:45:09:0c:4a:ed:82:28:5d:
27:f1:dd:9f:f1:d9:20:c8:c8:f5:ed:79:59:c6:82:
5f:dc:1e:5e:fb:c4:ee:6d:eb:c5:c7:9d:d4:91:88:
07:b0:f9:45:3d:6d:3a:88:08:02:66:ff:54:5b:8c:
3f:73:4d:3e:d2:d6:2f:30:9a:5b:fc:cd:b7:aa:6c:
32:45:83:0e:b0:cf:38:3c:ed:fc:76:20:4c:6a:61:
0b:ee:1f:47:37:0b:c6:8a:4d:f1:f0:73:f0:b9:d5:
ab:72:ab:d9:b9:af:5e:cf:95:07:4a:01:28:07:9f:
ea:45:2e:dc:02:27:22:79:fd:0e:53:b2:ca:72:c2:
d0:67:5b:f6:7c:18:ef:9a:cd:26:d5:93:df:d7:cf:
42:2d:2c:39:a1:4a:31:2d:f7:29:2f:6f:2c:b5:13:
85:8b:2b:3b:8d:01:b5:a9:c7:75:d0:15:68:57:bb:
47:b3:83:8b:46:2e:2f:61:ea:59:6b:9e:2b:f2:e8:
e1:d4:52:c8:44:d5:2a:53:6b:30:29:85:d4:1e:d1:
44:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F6:62:DC:89:DA:E6:43:0A:48:E2:3B:D9:BA:9A:CB:DF:68:B3:F2
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/2_Zi3Ina5kMKSOI72bqay99os_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.139.0/24
IPv6:
2a0b:fb40::/46
Signature Algorithm: sha256WithRSAEncryption
80:14:7a:c9:d4:48:c2:7a:33:50:41:d1:5a:90:83:ff:65:43:
a1:88:97:76:0f:21:1e:5f:ec:98:47:52:1d:b0:f5:86:f8:bb:
5b:09:47:da:65:d0:a7:b8:29:62:cf:b6:fa:ac:d1:c6:84:ea:
6d:9b:9a:7d:34:78:f6:7f:b2:9d:d3:50:5d:37:a5:a3:34:a2:
9d:ec:2c:59:d6:7e:a0:c9:d4:26:a8:37:67:cb:80:6d:b8:61:
cc:31:65:75:ec:20:46:b4:eb:74:e3:2b:de:c9:1a:75:7f:4d:
15:a0:d3:f3:62:29:f3:18:50:f2:3e:70:ae:72:6a:2e:ca:cc:
76:95:a1:26:5d:60:ad:8a:38:0b:fb:83:b9:58:e4:65:94:60:
a3:b1:29:b0:de:30:dd:08:e6:8e:85:e9:15:53:11:52:c7:27:
fe:44:44:1b:fa:5e:36:6d:05:e5:7f:47:1e:24:50:24:de:88:
2b:90:61:a0:a6:be:ec:78:ec:f2:8d:52:c6:88:f7:04:c6:2c:
d9:7a:19:63:d7:0d:ed:7c:58:65:52:52:d4:b4:29:de:05:95:
3c:f2:10:e2:db:6c:0b:17:5b:bf:0c:11:18:3f:01:e8:47:3a:
ec:6b:f7:8f:d4:1c:f2:db:8d:ff:c7:e3:c0:e0:a1:67:a6:68:
79:83:37:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTnM92H7KM9fP4yZahnHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY2NjJkYzg5ZGFlNjQzMGE0OGUyM2JkOWJhOWFjYmRmNjhiM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBWSe4gyYOUfyohklxbrVh9c+xbq
Uv/5slSVB7eqYNxFpMY9vL2gMk+B79Mrqd9hGrTxRQkMSu2CKF0n8d2f8dkgyMj1
7XlZxoJf3B5e+8TubevFx53UkYgHsPlFPW06iAgCZv9UW4w/c00+0tYvMJpb/M23
qmwyRYMOsM84PO38diBMamEL7h9HNwvGik3x8HPwudWrcqvZua9ez5UHSgEoB5/q
RS7cAicief0OU7LKcsLQZ1v2fBjvms0m1ZPf189CLSw5oUoxLfcpL28stROFiys7
jQG1qcd10BVoV7tHs4OLRi4vYepZa54r8ujh1FLIRNUqU2swKYXUHtFEKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNv2YtyJ2uZDCkjiO9m6msvfaLPyMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvMl9aaTNJbmE1a01LU09JNzJicWF5OTlvc19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAufiLMA8E
AgACMAkDBwIqC/tAAAAwDQYJKoZIhvcNAQELBQADggEBAIAUesnUSMJ6M1BB0VqQ
g/9lQ6GIl3YPIR5f7JhHUh2w9Yb4u1sJR9pl0Ke4KWLPtvqs0caE6m2bmn00ePZ/
sp3TUF03paM0op3sLFnWfqDJ1CaoN2fLgG24YcwxZXXsIEa063TjK97JGnV/TRWg
0/NiKfMYUPI+cK5yai7KzHaVoSZdYK2KOAv7g7lY5GWUYKOxKbDeMN0I5o6F6RVT
EVLHJ/5ERBv6XjZtBeV/Rx4kUCTeiCuQYaCmvux47PKNUsaI9wTGLNl6GWPXDe18
WGVSUtS0Kd4FlTzyEOLbbAsXW78MERg/AehHOuxr94/UHPLbjf/H48DgoWemaHmD
N6E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org