Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/oXLnr0corxHIXWO89AonWMLpUcI.roa
File: oXLnr0corxHIXWO89AonWMLpUcI.roa (raw, json)
Hash identifier: Z+LqRQFX1xwyRJGpxqiKm0wh4tEi7TodebYch8JERzE=
Subject key identifier: A1:72:E7:AF:47:28:AF:11:C8:5D:63:BC:F4:0A:27:58:C2:E9:51:C2
Certificate issuer: /CN=1651d3ddc6add483b761ac0476269533fe7ea717
Certificate serial: 01856C783DC3C05BE77260518BC284CC5439
Authority key identifier: 16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/oXLnr0corxHIXWO89AonWMLpUcI.roa
Signing time: Sun 01 Jan 2023 08:34:57 +0000
ROA not before: Sun 01 Jan 2023 08:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202894
IP address blocks: 185.149.251.0/24 maxlen: 24
185.149.250.0/24 maxlen: 24
185.149.249.0/24 maxlen: 24
185.149.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:3d:c3:c0:5b:e7:72:60:51:8b:c2:84:cc:54:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1651d3ddc6add483b761ac0476269533fe7ea717
Validity
Not Before: Jan 1 08:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a172e7af4728af11c85d63bcf40a2758c2e951c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6b:8c:e6:1d:2d:81:73:41:12:f3:b7:77:ac:
c3:e8:41:40:d5:24:06:03:76:11:04:1a:43:b1:da:
62:4e:a3:6a:bc:33:be:61:d2:a0:9e:52:30:62:af:
5d:c3:8c:19:f2:7c:d2:a7:e3:8d:54:8f:ca:44:f9:
d1:9c:b8:b3:dd:25:27:df:5d:7a:8f:da:e6:1a:d5:
30:03:3a:d5:a5:4f:4e:5a:11:38:a6:cb:89:2f:1c:
85:3e:90:d7:58:57:5f:88:b8:d3:cf:f9:62:46:6d:
e0:6d:e8:f1:8f:ef:ce:4f:77:86:04:b2:87:60:4c:
23:87:c5:85:11:88:5b:08:40:65:6b:7e:4f:04:9c:
cb:8f:8b:97:f7:25:f7:d3:82:89:6d:7e:20:29:4e:
a6:d4:07:ae:ae:97:c7:94:63:79:92:d0:7d:9b:7a:
3e:e1:f7:7d:b6:03:85:5a:0a:f6:be:a6:1d:c2:09:
75:6b:93:20:0b:ec:e5:6e:a0:e8:63:03:9e:aa:15:
07:6d:60:a0:e6:1f:30:20:9b:01:2f:45:6c:68:33:
24:d9:07:bd:8a:b0:61:08:e2:83:70:ba:67:b6:e7:
67:ab:00:8f:3c:99:8f:de:08:72:65:76:51:4c:85:
14:52:37:9e:f6:b3:86:04:4b:a2:f4:25:6d:7e:dd:
60:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:72:E7:AF:47:28:AF:11:C8:5D:63:BC:F4:0A:27:58:C2:E9:51:C2
X509v3 Authority Key Identifier:
keyid:16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/oXLnr0corxHIXWO89AonWMLpUcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.248.0/22
Signature Algorithm: sha256WithRSAEncryption
77:21:3f:42:11:6f:59:75:bd:b0:e7:6f:e5:6b:76:27:f4:bf:
42:aa:5a:99:cb:6a:18:39:55:6b:12:12:17:8f:e2:b5:a4:95:
db:12:13:dd:7a:36:b8:c8:f2:51:1f:fe:64:92:32:48:47:ec:
4d:9c:91:c1:51:63:88:ed:62:e4:3e:a1:d4:4e:8f:c9:65:3c:
2f:9f:bb:cb:03:eb:a3:d0:a6:2e:7e:01:b9:74:65:be:cd:7c:
0e:9d:4b:73:ea:07:1b:ee:e7:53:e9:cb:2e:35:65:ba:e3:b5:
bd:d0:4b:d7:65:e9:d1:79:db:19:62:14:61:8b:2d:8f:7f:76:
9a:45:5a:62:10:f1:e8:2f:5c:82:da:2c:1f:d9:28:5c:f1:9d:
c3:f1:23:fd:aa:91:41:d5:5e:81:c0:24:11:50:74:4e:27:f2:
0b:09:7e:bd:e9:41:17:89:a3:76:4d:2b:84:5b:db:45:a5:04:
bf:9f:a0:d6:68:c0:7d:c3:2d:95:c3:27:15:47:11:21:cf:6e:
ba:f8:78:be:49:c1:63:1e:02:67:8d:19:62:e5:7d:e2:45:02:
85:73:37:76:02:ca:98:2a:bb:99:36:b8:8a:ab:73:25:e8:fd:
f5:6e:08:cf:5e:79:73:b0:06:09:50:a9:f2:73:f4:72:7d:da:
a5:26:9a:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseD3DwFvncmBRi8KEzFQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTFkM2RkYzZhZGQ0ODNiNzYxYWMwNDc2MjY5NTMzZmU3
ZWE3MTcwHhcNMjMwMTAxMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTcyZTdhZjQ3MjhhZjExYzg1ZDYzYmNmNDBhMjc1OGMyZTk1MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2uM5h0tgXNBEvO3d6zD6EFA1SQG
A3YRBBpDsdpiTqNqvDO+YdKgnlIwYq9dw4wZ8nzSp+ONVI/KRPnRnLiz3SUn3116
j9rmGtUwAzrVpU9OWhE4psuJLxyFPpDXWFdfiLjTz/liRm3gbejxj+/OT3eGBLKH
YEwjh8WFEYhbCEBla35PBJzLj4uX9yX304KJbX4gKU6m1AeurpfHlGN5ktB9m3o+
4fd9tgOFWgr2vqYdwgl1a5MgC+zlbqDoYwOeqhUHbWCg5h8wIJsBL0VsaDMk2Qe9
irBhCOKDcLpntudnqwCPPJmP3ghyZXZRTIUUUjee9rOGBEui9CVtft1ghwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFy569HKK8RyF1jvPQKJ1jC6VHCMB8GA1UdIwQY
MBaAFBZR093GrdSDt2GsBHYmlTP+fqcXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUt
MjA1NGY2ZTYxOTIyLzEvb1hMbnIwY29yeEhJWFdPODlBb25XTUxwVWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUtMjA1NGY2ZTYxOTIy
LzEvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZX4MA0G
CSqGSIb3DQEBCwUAA4IBAQB3IT9CEW9Zdb2w52/la3Yn9L9CqlqZy2oYOVVrEhIX
j+K1pJXbEhPdeja4yPJRH/5kkjJIR+xNnJHBUWOI7WLkPqHUTo/JZTwvn7vLA+uj
0KYufgG5dGW+zXwOnUtz6gcb7udT6csuNWW647W90EvXZenRedsZYhRhiy2Pf3aa
RVpiEPHoL1yC2iwf2Shc8Z3D8SP9qpFB1V6BwCQRUHROJ/ILCX696UEXiaN2TSuE
W9tFpQS/n6DWaMB9wy2VwycVRxEhz266+Hi+ScFjHgJnjRli5X3iRQKFczd2AsqY
KruZNriKq3Ml6P31bgjPXnlzsAYJUKnyc/RyfdqlJpoj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:32 2024 by rpki-client on console-fra.rpki-client.org