Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/aa4NZRd1cKp25GBP9Bc_px0_hfo.roa
File: aa4NZRd1cKp25GBP9Bc_px0_hfo.roa (raw, json)
Hash identifier: ymACiqvkOIwGaNOGdvu1he0kNC3tF8lQcCmbjwIo+Fk=
Subject key identifier: 69:AE:0D:65:17:75:70:AA:76:E4:60:4F:F4:17:3F:A7:1D:3F:85:FA
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0185729ECB1ECA21C016830387D002A751AD
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/aa4NZRd1cKp25GBP9Bc_px0_hfo.roa
Signing time: Mon 02 Jan 2023 13:14:47 +0000
ROA not before: Mon 02 Jan 2023 13:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.148.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 18:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:cb:1e:ca:21:c0:16:83:03:87:d0:02:a7:51:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jan 2 13:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ae0d65177570aa76e4604ff4173fa71d3f85fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:84:57:56:82:f5:93:bb:0a:44:0f:70:d4:16:
0b:a9:89:3f:0c:f8:69:c7:73:00:11:c3:74:78:2f:
e3:2e:8b:38:db:fa:c5:e8:16:6a:08:83:70:fd:3f:
5d:fa:6f:8c:4c:94:a7:9b:b2:02:17:5d:15:f7:e7:
1a:92:48:ee:7c:d4:78:27:26:39:dd:0e:a1:9d:73:
bd:06:6b:8e:2e:36:38:1d:80:9c:3a:ce:7c:4d:b0:
e2:5a:7a:89:ba:69:b2:84:30:41:bd:7b:97:e1:2e:
24:28:d7:53:33:54:9a:d2:58:ea:fb:5f:47:60:0e:
87:14:50:e5:3a:76:af:77:16:d0:e3:4d:f2:fe:ad:
9c:74:0d:23:05:d0:11:f8:85:fd:7f:e4:15:61:33:
da:5d:75:d2:6d:78:1b:b2:8a:6d:8c:71:67:41:00:
97:21:a0:d1:29:78:be:e0:cc:d5:f2:5b:fc:32:aa:
ee:ed:f2:bb:2d:97:fa:d2:9b:52:e6:20:c7:a8:e9:
27:01:d5:75:24:17:d9:4c:af:db:d5:b6:4f:6d:d5:
a5:32:55:16:9e:1f:69:c8:ac:8f:64:32:63:4b:9c:
94:aa:58:86:15:d7:1d:4f:37:2a:85:b6:5f:12:f7:
5d:aa:a0:86:9e:ca:0e:e0:45:94:e1:16:58:5e:44:
75:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AE:0D:65:17:75:70:AA:76:E4:60:4F:F4:17:3F:A7:1D:3F:85:FA
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/aa4NZRd1cKp25GBP9Bc_px0_hfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.241.0/24
185.148.243.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d2:de:85:b1:7d:dc:1d:60:52:db:6d:8e:bf:14:d7:df:42:
3c:c1:5b:49:6b:d4:64:11:96:c1:10:bf:87:75:ce:37:9e:91:
4c:69:0c:3e:e4:60:89:df:7c:a1:66:19:d2:ff:db:a6:6e:c9:
45:60:38:f3:09:0e:76:76:91:65:0e:ad:16:74:f0:ec:41:ce:
5f:ef:58:c7:61:f8:35:c2:ff:d9:3a:ce:56:04:b0:2b:7a:b4:
59:c3:00:8b:e6:de:1e:a9:14:13:6e:69:c9:63:57:9e:d8:f9:
db:9c:6b:bb:ce:4b:38:48:2d:8a:72:62:57:32:ad:e3:22:f2:
1a:11:36:8c:9c:4f:81:a0:80:50:b8:c2:4c:a3:e9:40:85:37:
d3:c8:58:05:68:cf:c0:a9:60:0b:6d:80:f6:c2:cb:7c:2a:de:
e6:f5:37:b0:7d:cd:70:ae:80:7c:b8:d5:d7:a6:fd:d7:02:54:
08:87:fb:69:1c:e1:9d:6e:67:4b:f7:0f:ae:0f:7e:d1:5f:3f:
7a:70:ea:a0:4a:de:8c:d6:42:9f:98:17:09:59:59:17:ed:64:
e1:d5:96:bb:9f:4f:f2:25:29:9c:57:fc:b8:44:27:23:1a:15:
46:b8:5b:5b:4f:63:ae:06:7f:25:4a:52:09:04:0d:26:88:ff:
4c:61:44:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVynsseyiHAFoMDh9ACp1GtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwMTAyMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFlMGQ2NTE3NzU3MGFhNzZlNDYwNGZmNDE3M2ZhNzFkM2Y4NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54RXVoL1k7sKRA9w1BYLqYk/DPhp
x3MAEcN0eC/jLos42/rF6BZqCINw/T9d+m+MTJSnm7ICF10V9+cakkjufNR4JyY5
3Q6hnXO9BmuOLjY4HYCcOs58TbDiWnqJummyhDBBvXuX4S4kKNdTM1Sa0ljq+19H
YA6HFFDlOnavdxbQ403y/q2cdA0jBdAR+IX9f+QVYTPaXXXSbXgbsoptjHFnQQCX
IaDRKXi+4MzV8lv8Mqru7fK7LZf60ptS5iDHqOknAdV1JBfZTK/b1bZPbdWlMlUW
nh9pyKyPZDJjS5yUqliGFdcdTzcqhbZfEvddqqCGnsoO4EWU4RZYXkR1GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGmuDWUXdXCqduRgT/QXP6cdP4X6MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvYWE0TlpSZDFjS3AyNUdCUDlCY19weDBfaGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZTxAwQA
uZTzMA0GCSqGSIb3DQEBCwUAA4IBAQAS0t6FsX3cHWBS222OvxTX30I8wVtJa9Rk
EZbBEL+Hdc43npFMaQw+5GCJ33yhZhnS/9umbslFYDjzCQ52dpFlDq0WdPDsQc5f
71jHYfg1wv/ZOs5WBLArerRZwwCL5t4eqRQTbmnJY1ee2PnbnGu7zks4SC2KcmJX
Mq3jIvIaETaMnE+BoIBQuMJMo+lAhTfTyFgFaM/AqWALbYD2wst8Kt7m9Tewfc1w
roB8uNXXpv3XAlQIh/tpHOGdbmdL9w+uD37RXz96cOqgSt6M1kKfmBcJWVkX7WTh
1Za7n0/yJSmcV/y4RCcjGhVGuFtbT2OuBn8lSlIJBA0miP9MYUTD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org