Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/1-Lf_9yqqUr7updqNOeN0a0G0IPQ.roa
File: 1-Lf_9yqqUr7updqNOeN0a0G0IPQ.roa (raw, json)
Hash identifier: BOOCWRApgoJoYTEpVdUWM7F9gnId6Mk53HoWcJ/eNm8=
Subject key identifier: F8:B7:FF:F7:2A:AA:52:BE:EE:A5:DA:8D:39:E3:74:6B:41:B4:20:F4
Certificate issuer: /CN=bb61df71f97461c6b3b4548fdcfecd77b679030f
Certificate serial: 01856F0B6417AC29B47396826A87209A3091
Authority key identifier: BB:61:DF:71:F9:74:61:C6:B3:B4:54:8F:DC:FE:CD:77:B6:79:03:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u2Hfcfl0YcaztFSP3P7Nd7Z5Aw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/1-Lf_9yqqUr7updqNOeN0a0G0IPQ.roa
Signing time: Sun 01 Jan 2023 20:34:55 +0000
ROA not before: Sun 01 Jan 2023 20:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203682
IP address blocks: 185.4.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:64:17:ac:29:b4:73:96:82:6a:87:20:9a:30:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb61df71f97461c6b3b4548fdcfecd77b679030f
Validity
Not Before: Jan 1 20:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8b7fff72aaa52beeea5da8d39e3746b41b420f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cc:43:fb:15:fc:9c:54:83:1a:99:22:dd:9a:
f0:7a:c8:42:fe:fb:8b:0d:ab:d0:96:b3:b5:0d:96:
a2:4e:ad:52:6d:52:ea:5f:2e:38:7e:a3:c0:33:08:
f5:fa:26:8d:39:2f:74:fe:da:7e:5f:54:44:24:b1:
37:4a:c3:b4:8e:bc:49:9c:3d:c4:cb:a1:c8:5c:61:
35:57:da:24:30:42:df:32:11:04:d4:fd:7f:1c:b4:
f8:0d:6a:bd:1f:af:6f:70:a3:e7:0b:b8:a2:d1:f9:
c8:87:62:5b:bd:e0:33:72:2b:e8:db:bd:80:0e:c9:
a4:15:17:9d:20:ae:3d:8d:74:d1:b0:dc:a1:b8:db:
2c:34:40:f2:54:47:e4:c1:34:5e:0e:54:1b:8e:f3:
49:bf:e4:fe:4d:ca:97:8e:28:5b:67:a8:24:42:db:
34:5b:3e:b3:67:c4:a7:00:41:f3:82:30:62:e6:ce:
8f:43:0a:47:00:a0:f5:58:e7:78:5b:30:5f:54:03:
e2:26:d6:7b:c3:98:31:53:7a:b4:1d:ad:40:39:de:
79:cc:f8:dd:17:d7:c1:53:82:5e:70:27:40:5c:4d:
25:2c:db:15:e5:77:4a:bc:3e:95:98:26:01:34:2e:
d3:f9:be:bc:db:9d:46:45:d0:2d:29:ef:03:b1:24:
ba:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B7:FF:F7:2A:AA:52:BE:EE:A5:DA:8D:39:E3:74:6B:41:B4:20:F4
X509v3 Authority Key Identifier:
keyid:BB:61:DF:71:F9:74:61:C6:B3:B4:54:8F:DC:FE:CD:77:B6:79:03:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u2Hfcfl0YcaztFSP3P7Nd7Z5Aw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/1-Lf_9yqqUr7updqNOeN0a0G0IPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/u2Hfcfl0YcaztFSP3P7Nd7Z5Aw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.15.0/24
Signature Algorithm: sha256WithRSAEncryption
75:71:c7:0e:07:13:43:cc:1c:3f:10:47:60:d3:a9:e8:92:74:
d3:11:8f:74:d8:47:93:0b:07:a5:34:2f:50:42:6f:45:b4:7a:
d6:8a:2a:2f:20:66:f6:4f:70:45:54:26:12:01:b5:c7:1b:7d:
cd:e5:2c:e2:00:73:95:97:80:36:a6:4c:52:43:c3:b9:56:2d:
da:a7:35:72:93:ce:6f:e0:ff:88:c1:33:6a:8f:e6:f5:b9:d9:
c9:a2:23:12:af:4b:51:ea:d3:00:77:ca:80:f1:ad:04:94:cf:
00:29:b5:43:f2:fa:45:98:8e:5a:be:b9:d3:59:41:18:8a:68:
6b:c2:cb:ae:d3:91:53:da:41:92:6d:9a:e2:88:19:b5:74:7f:
f2:3e:29:b6:1a:af:6e:98:ea:52:9a:73:72:5e:f8:6d:b2:f7:
51:3f:99:52:2c:d4:06:8a:e7:f2:f7:0d:48:69:94:42:52:79:
55:0d:c5:fd:d4:24:75:5d:de:e5:41:5c:b1:d7:94:fe:90:ae:
17:22:91:e7:93:09:4a:f9:84:1e:77:73:5c:c1:68:75:a2:df:
f6:1f:ea:10:a2:d5:2b:b5:c8:c5:23:23:e0:a0:45:e3:28:4b:
2e:8b:da:9b:9f:30:9e:e5:3e:b5:91:e8:e6:28:f3:b9:56:5a:
dd:5e:d5:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvC2QXrCm0c5aCaocgmjCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNjFkZjcxZjk3NDYxYzZiM2I0NTQ4ZmRjZmVjZDc3YjY3
OTAzMGYwHhcNMjMwMTAxMjAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI3ZmZmNzJhYWE1MmJlZWVhNWRhOGQzOWUzNzQ2YjQxYjQyMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksxD+xX8nFSDGpki3ZrweshC/vuL
DavQlrO1DZaiTq1SbVLqXy44fqPAMwj1+iaNOS90/tp+X1REJLE3SsO0jrxJnD3E
y6HIXGE1V9okMELfMhEE1P1/HLT4DWq9H69vcKPnC7ii0fnIh2JbveAzcivo272A
DsmkFRedIK49jXTRsNyhuNssNEDyVEfkwTReDlQbjvNJv+T+TcqXjihbZ6gkQts0
Wz6zZ8SnAEHzgjBi5s6PQwpHAKD1WOd4WzBfVAPiJtZ7w5gxU3q0Ha1AOd55zPjd
F9fBU4JecCdAXE0lLNsV5XdKvD6VmCYBNC7T+b68251GRdAtKe8DsSS6TwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPi3//cqqlK+7qXajTnjdGtBtCD0MB8GA1UdIwQY
MBaAFLth33H5dGHGs7RUj9z+zXe2eQMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTJIZmNmbDBZY2F6dEZTUDNQN05kN1o1QXc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mNTJjZWEtM2Y0MS00ODJiLThjZTgt
MmUyNTQ4MzEwZGYzLzEvMS1MZl85eXFxVXI3dXBkcU5PZU4wYTBHMElQUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvZjUyY2VhLTNmNDEtNDgyYi04Y2U4LTJlMjU0ODMxMGRm
My8xL3UySGZjZmwwWWNhenRGU1AzUDdOZDdaNUF3OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkEDzAN
BgkqhkiG9w0BAQsFAAOCAQEAdXHHDgcTQ8wcPxBHYNOp6JJ00xGPdNhHkwsHpTQv
UEJvRbR61ooqLyBm9k9wRVQmEgG1xxt9zeUs4gBzlZeANqZMUkPDuVYt2qc1cpPO
b+D/iMEzao/m9bnZyaIjEq9LUerTAHfKgPGtBJTPACm1Q/L6RZiOWr6501lBGIpo
a8LLrtORU9pBkm2a4ogZtXR/8j4pthqvbpjqUppzcl74bbL3UT+ZUizUBorn8vcN
SGmUQlJ5VQ3F/dQkdV3e5UFcsdeU/pCuFyKR55MJSvmEHndzXMFodaLf9h/qEKLV
K7XIxSMj4KBF4yhLLovam58wnuU+tZHo5ijzuVZa3V7VBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:04 2024 by rpki-client on console-ams.rpki-client.org