Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/CgeEdP6d4EVQmCd3oUeSOXUG-6U.roa
File: CgeEdP6d4EVQmCd3oUeSOXUG-6U.roa (raw, json)
Hash identifier: RUUNFaVyBaWQg0hbdQuWngoar3Yuh99txFGIzifRGts=
Subject key identifier: 0A:07:84:74:FE:9D:E0:45:50:98:27:77:A1:47:92:39:75:06:FB:A5
Certificate issuer: /CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
Certificate serial: 01856F42C37CA96C3247B5F6CF2E753E4E8F
Authority key identifier: 45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/CgeEdP6d4EVQmCd3oUeSOXUG-6U.roa
Signing time: Sun 01 Jan 2023 21:35:24 +0000
ROA not before: Sun 01 Jan 2023 21:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41171
IP address blocks: 185.253.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c3:7c:a9:6c:32:47:b5:f6:cf:2e:75:3e:4e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
Validity
Not Before: Jan 1 21:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a078474fe9de04550982777a14792397506fba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:32:02:ad:34:9a:cf:0a:65:a9:6d:8b:4e:
6e:46:69:18:cb:52:55:e5:fe:ab:08:5e:f9:67:fb:
b9:d8:f0:26:e1:b3:8e:42:f7:4c:99:e4:78:08:a1:
fe:96:2c:8b:2e:ab:d8:23:5c:95:13:1a:8d:bd:6d:
fd:74:dc:b9:bd:d0:2c:95:d5:af:e6:2e:16:99:a3:
73:50:b9:74:f2:da:df:55:22:3e:70:0d:18:3c:7e:
09:fd:ca:9f:f9:bd:66:0e:00:c6:e2:f3:ec:35:5f:
06:e0:8c:76:dc:47:5c:6c:c4:cf:0e:96:c6:61:1d:
03:21:ae:75:bf:7d:17:4e:7f:99:c5:88:d1:3d:4a:
c0:28:75:39:6d:ea:26:8a:e3:91:f7:cd:6a:eb:5e:
93:ad:89:8b:a4:b5:ea:db:d9:8e:15:63:5c:24:84:
cd:d3:5b:21:6c:5f:c1:77:a4:73:89:63:c2:68:38:
ce:72:00:de:d8:c3:77:46:75:ce:04:21:d0:c4:2c:
f5:6c:30:da:5f:31:b4:70:1c:57:ae:f4:7b:d7:54:
f1:7d:85:f5:cc:c0:94:40:2e:5e:88:ee:97:66:04:
3c:63:96:50:b8:24:d7:4d:48:83:38:b2:9d:e7:39:
ff:4c:aa:fa:00:08:ad:c3:76:a2:63:61:6d:51:f4:
84:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:07:84:74:FE:9D:E0:45:50:98:27:77:A1:47:92:39:75:06:FB:A5
X509v3 Authority Key Identifier:
keyid:45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/CgeEdP6d4EVQmCd3oUeSOXUG-6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/RUvvc8WkdoeytcUnaw28Bwu5y1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:00:95:c1:1f:36:8d:2c:aa:17:c8:91:44:5a:42:8d:13:f3:
91:d4:5e:9b:d2:35:db:08:ae:3d:c1:02:f9:73:c5:d5:5a:f5:
5f:2e:9b:cb:c3:f9:b4:19:b8:a7:4a:61:8f:ad:15:0a:5e:80:
c2:11:fb:75:a7:d5:01:05:0f:6c:ef:3e:3a:d1:6d:5a:fc:43:
cc:cd:15:c6:5d:de:37:1a:29:f0:03:ba:05:dd:01:94:7b:bf:
76:1a:95:49:3c:65:fb:ff:ae:13:38:57:f9:48:24:ee:4d:d1:
ad:57:c8:91:c9:8d:7f:39:3a:81:f0:35:75:5d:97:5f:69:32:
fa:2a:c1:83:e2:bb:01:d5:a4:84:d2:c1:be:a6:1c:5b:7e:4b:
e5:96:ab:c2:3c:9a:db:2b:10:0b:6d:6c:f4:4b:02:7c:fb:b5:
41:c8:2e:db:9f:fb:f0:ad:cb:07:ad:3a:65:b2:cc:e6:a1:75:
78:ae:8c:3d:51:b2:8d:8c:c2:a6:60:59:f9:ad:6f:d3:c4:0d:
9e:2f:75:4f:f0:03:20:d2:59:30:4a:d9:82:0a:44:2a:60:89:
1f:ca:f1:6d:e9:77:88:e6:02:8f:ed:a1:c4:63:c6:5c:23:35:
82:ad:63:c0:1d:3c:62:29:c7:c3:4e:29:c8:96:8b:ee:e2:02:
fe:11:93:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQsN8qWwyR7X2zy51Pk6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NGJlZjczYzVhNDc2ODdiMmI1YzUyNzZiMGRiYzA3MGJi
OWNiNTAwHhcNMjMwMTAxMjEzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTA3ODQ3NGZlOWRlMDQ1NTA5ODI3NzdhMTQ3OTIzOTc1MDZmYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAUyAq00ms8KZalti05uRmkYy1JV
5f6rCF75Z/u52PAm4bOOQvdMmeR4CKH+liyLLqvYI1yVExqNvW39dNy5vdAsldWv
5i4WmaNzULl08trfVSI+cA0YPH4J/cqf+b1mDgDG4vPsNV8G4Ix23EdcbMTPDpbG
YR0DIa51v30XTn+ZxYjRPUrAKHU5beomiuOR981q616TrYmLpLXq29mOFWNcJITN
01shbF/Bd6RziWPCaDjOcgDe2MN3RnXOBCHQxCz1bDDaXzG0cBxXrvR711TxfYX1
zMCUQC5eiO6XZgQ8Y5ZQuCTXTUiDOLKd5zn/TKr6AAitw3aiY2FtUfSEiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoHhHT+neBFUJgnd6FHkjl1BvulMB8GA1UdIwQY
MBaAFEVL73PFpHaHsrXFJ2sNvAcLuctQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlV2dmM4V2tkb2V5dGNVbmF3MjhCd3U1eTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNDI1ZmQtOTgwYS00NjQ2LWExNjIt
OWMyOTE0ZWY4NzUzLzEvQ2dlRWRQNmQ0RVZRbUNkM29VZVNPWFVHLTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNDI1ZmQtOTgwYS00NjQ2LWExNjItOWMyOTE0ZWY4NzUz
LzEvUlV2dmM4V2tkb2V5dGNVbmF3MjhCd3U1eTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0DMA0G
CSqGSIb3DQEBCwUAA4IBAQCbAJXBHzaNLKoXyJFEWkKNE/OR1F6b0jXbCK49wQL5
c8XVWvVfLpvLw/m0GbinSmGPrRUKXoDCEft1p9UBBQ9s7z460W1a/EPMzRXGXd43
GinwA7oF3QGUe792GpVJPGX7/64TOFf5SCTuTdGtV8iRyY1/OTqB8DV1XZdfaTL6
KsGD4rsB1aSE0sG+phxbfkvllqvCPJrbKxALbWz0SwJ8+7VByC7bn/vwrcsHrTpl
sszmoXV4row9UbKNjMKmYFn5rW/TxA2eL3VP8AMg0lkwStmCCkQqYIkfyvFt6XeI
5gKP7aHEY8ZcIzWCrWPAHTxiKcfDTinIlovu4gL+EZOZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:06 2024 by rpki-client on console-fra.rpki-client.org