Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Aq5oNSZuLcRO3D6AEO9MDlEu82I.roa
File: Aq5oNSZuLcRO3D6AEO9MDlEu82I.roa (raw, json)
Hash identifier: oIfSmFgcy3Xw2p/+GJJzL+F0QRpRteBpzwE9hw5+zoY=
Subject key identifier: 02:AE:68:35:26:6E:2D:C4:4E:DC:3E:80:10:EF:4C:0E:51:2E:F3:62
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018B666F5E2F4043258E7970D154DDE0F42D
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Aq5oNSZuLcRO3D6AEO9MDlEu82I.roa
Signing time: Wed 25 Oct 2023 10:44:16 +0000
ROA not before: Wed 25 Oct 2023 10:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:6f:5e:2f:40:43:25:8e:79:70:d1:54:dd:e0:f4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Oct 25 10:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02ae6835266e2dc44edc3e8010ef4c0e512ef362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9d:a8:1c:08:25:6b:b5:c6:69:7c:11:b0:8b:
5b:6e:4b:3d:30:81:28:f2:46:fb:14:fc:13:fc:4a:
a9:10:3b:89:79:af:1a:69:f4:cd:7c:7a:c1:c3:10:
3b:25:b5:6b:d1:b7:90:90:00:3e:19:0c:b5:0c:ff:
b6:4a:c3:f8:e5:97:b6:70:3a:e1:8b:e1:2e:6d:09:
3e:d2:40:96:17:99:7e:eb:9a:9e:6b:e3:00:6b:59:
e4:8d:59:d1:db:18:9d:62:ec:b6:78:dc:7f:bb:3e:
cb:da:4e:52:d6:6e:2c:e2:64:8d:60:75:3f:30:74:
90:0e:87:31:cc:62:4e:f4:78:3a:b4:61:b6:8c:2c:
95:72:c2:33:9b:27:39:ce:2f:20:fa:1d:27:56:40:
ab:b8:21:78:23:35:97:9c:c7:02:ab:01:b8:2a:f0:
9f:39:d5:85:83:28:2c:71:3a:2d:fe:80:30:27:d5:
d5:c3:c9:a2:9f:bf:ca:60:96:9c:14:84:0c:da:db:
8b:84:cd:e4:71:89:ad:33:08:a9:9d:05:7f:6e:17:
19:1f:55:a3:e5:47:06:1d:64:a5:13:ad:d6:e7:ac:
19:ac:7c:c1:84:96:be:4d:56:47:8a:5d:26:2e:43:
e5:0b:01:44:e2:7d:5e:75:a3:d6:7b:b9:aa:d2:8a:
15:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AE:68:35:26:6E:2D:C4:4E:DC:3E:80:10:EF:4C:0E:51:2E:F3:62
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Aq5oNSZuLcRO3D6AEO9MDlEu82I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.243.0/24
Signature Algorithm: sha256WithRSAEncryption
03:bf:8a:10:73:47:87:cb:22:1e:d0:7a:d1:e7:73:04:aa:ad:
b6:c4:95:60:39:f3:9d:61:15:cb:49:7e:8a:62:d5:8a:13:ff:
40:b7:a9:70:22:25:62:af:ec:46:64:68:48:7d:cb:65:4e:53:
74:9f:01:6d:df:82:bd:b6:a0:0a:3f:a0:67:09:1d:ca:eb:05:
fa:a0:13:4a:87:c0:f7:75:4c:ee:59:2c:52:7f:5e:f9:3a:97:
63:94:c8:e9:86:01:06:a7:fe:76:fe:47:5b:66:09:17:0c:e5:
c5:03:88:49:3f:40:59:02:0a:8f:2d:b3:b2:b7:2b:3f:d4:66:
0f:72:69:5f:9a:f3:60:fa:39:78:38:7a:03:2c:e1:84:0e:0f:
d2:d5:7d:2e:42:61:d7:e5:6b:fe:28:eb:2d:eb:cf:ed:2e:cd:
e0:06:33:90:1b:69:4a:42:af:af:9d:5f:77:24:73:32:ca:6a:
1d:bd:e5:40:8c:84:36:43:38:d1:78:10:64:33:8d:93:a2:ff:
23:ae:2c:46:33:79:f7:9f:bb:be:d3:1e:34:14:48:c2:9d:72:
f0:e1:0f:f5:5a:c2:0e:43:96:72:8e:0a:0b:85:62:97:65:78:
35:38:a1:c5:a5:3c:ce:c9:92:fb:f6:e3:ab:18:6c:09:a1:67:
eb:63:19:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtmb14vQEMljnlw0VTd4PQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMxMDI1MTA0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFlNjgzNTI2NmUyZGM0NGVkYzNlODAxMGVmNGMwZTUxMmVmMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp2oHAgla7XGaXwRsItbbks9MIEo
8kb7FPwT/EqpEDuJea8aafTNfHrBwxA7JbVr0beQkAA+GQy1DP+2SsP45Ze2cDrh
i+EubQk+0kCWF5l+65qea+MAa1nkjVnR2xidYuy2eNx/uz7L2k5S1m4s4mSNYHU/
MHSQDocxzGJO9Hg6tGG2jCyVcsIzmyc5zi8g+h0nVkCruCF4IzWXnMcCqwG4KvCf
OdWFgygscTot/oAwJ9XVw8min7/KYJacFIQM2tuLhM3kcYmtMwipnQV/bhcZH1Wj
5UcGHWSlE63W56wZrHzBhJa+TVZHil0mLkPlCwFE4n1edaPWe7mq0ooVXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKuaDUmbi3ETtw+gBDvTA5RLvNiMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvQXE1b05TWnVMY1JPM0Q2QUVPOU1EbEV1ODJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZTzMA0G
CSqGSIb3DQEBCwUAA4IBAQADv4oQc0eHyyIe0HrR53MEqq22xJVgOfOdYRXLSX6K
YtWKE/9At6lwIiVir+xGZGhIfctlTlN0nwFt34K9tqAKP6BnCR3K6wX6oBNKh8D3
dUzuWSxSf175OpdjlMjphgEGp/52/kdbZgkXDOXFA4hJP0BZAgqPLbOytys/1GYP
cmlfmvNg+jl4OHoDLOGEDg/S1X0uQmHX5Wv+KOst68/tLs3gBjOQG2lKQq+vnV93
JHMyymodveVAjIQ2QzjReBBkM42Tov8jrixGM3n3n7u+0x40FEjCnXLw4Q/1WsIO
Q5ZyjgoLhWKXZXg1OKHFpTzOyZL79uOrGGwJoWfrYxlB
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:42 2024 by rpki-client on console-ams.rpki-client.org