Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/chl_4f-FxVxYMP8xKKkHtp-xzeo.roa
File: chl_4f-FxVxYMP8xKKkHtp-xzeo.roa (raw, json)
Hash identifier: +PxhaB+3aUYeCdfyFBLT1iBZP17W0exPRjHPmuZLCyw=
Subject key identifier: 72:19:7F:E1:FF:85:C5:5C:58:30:FF:31:28:A9:07:B6:9F:B1:CD:EA
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 01878149AAE29D8BFDF56BD62C2384EF12A4
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/chl_4f-FxVxYMP8xKKkHtp-xzeo.roa
Signing time: Fri 14 Apr 2023 19:41:41 +0000
ROA not before: Fri 14 Apr 2023 19:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.148.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 17:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:81:49:aa:e2:9d:8b:fd:f5:6b:d6:2c:23:84:ef:12:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Apr 14 19:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72197fe1ff85c55c5830ff3128a907b69fb1cdea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:91:be:ee:cc:2b:8d:22:9f:06:29:ac:87:2d:
e3:a7:bc:e6:81:28:86:09:a7:59:76:cb:04:3d:5a:
80:18:d3:0a:a7:83:88:c7:c4:d1:6b:42:98:56:f8:
68:94:00:b4:6c:fc:97:64:f0:d5:52:12:2a:61:62:
f5:fb:bf:11:53:98:bd:9e:98:84:7b:7e:ab:1d:70:
6b:23:bf:93:48:a1:f5:62:ab:ea:ce:73:63:24:44:
b0:61:dd:78:c4:54:89:5a:72:e5:24:e9:f0:8c:b9:
b9:f1:f6:10:d2:97:79:eb:ab:9c:cc:87:b1:0b:ad:
da:72:ef:ec:76:e3:85:ef:74:dd:c4:29:aa:30:de:
d6:02:83:0a:6f:47:34:66:e2:1e:eb:46:02:1a:63:
d3:83:3d:75:c8:1d:41:b1:7d:31:99:8b:2d:9d:41:
1e:15:f9:a5:21:fd:c0:53:0a:ed:91:6a:8d:56:0c:
72:65:2b:da:a1:63:55:04:99:fa:dd:e5:42:10:1b:
37:b1:a7:55:21:cc:1f:75:21:53:b0:32:f0:0b:34:
36:58:53:3f:5f:12:f8:06:52:a4:5c:77:18:78:0e:
aa:8b:aa:3b:28:c9:38:d5:2c:7b:00:f5:b7:dd:df:
2f:75:cd:8e:8b:f9:db:af:b0:0d:8b:85:6c:9e:09:
eb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:19:7F:E1:FF:85:C5:5C:58:30:FF:31:28:A9:07:B6:9F:B1:CD:EA
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/chl_4f-FxVxYMP8xKKkHtp-xzeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.241.0/24
185.148.243.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:e7:db:1e:ae:8c:80:6d:35:bf:82:63:7c:6d:be:bc:4a:c0:
39:33:a3:71:07:2b:f0:78:34:97:60:1e:27:fe:5e:e8:d1:8e:
a5:a1:40:a2:77:33:da:e3:a5:dd:3d:f6:69:9a:ee:1e:b2:e4:
b2:9f:34:ec:ab:0d:fc:4b:cd:54:3c:df:02:2a:cf:f9:dc:25:
b8:fc:cf:ec:38:b5:9b:69:3d:00:74:55:35:fd:95:92:a6:02:
30:85:22:6f:12:ab:88:83:50:58:62:fd:34:da:5f:65:c5:ac:
d2:26:98:4a:1f:08:79:e1:d5:86:d2:df:98:db:51:34:51:b3:
e5:d4:96:eb:0b:22:dd:e5:73:ba:f3:6b:0e:1c:f3:63:6d:2b:
42:30:d7:64:ed:92:7c:b2:55:ef:49:8b:4c:2b:25:b6:4c:22:
75:7f:41:70:82:bf:74:b8:2e:ac:83:87:2f:6f:ed:db:92:8b:
99:8b:5d:fd:f8:0a:86:33:6b:33:ce:ac:a9:69:9b:1e:0d:0e:
98:21:e0:35:41:e9:5b:6c:a3:b6:38:0f:07:d1:9b:a2:ab:34:
7a:84:4f:3b:00:da:09:11:20:2f:00:ec:6a:29:55:85:16:f2:
36:05:f0:d7:05:4c:bf:9d:1a:78:3b:c9:fa:ae:69:a1:4a:fe:
b3:73:93:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeBSarinYv99WvWLCOE7xKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwNDE0MTk0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE5N2ZlMWZmODVjNTVjNTgzMGZmMzEyOGE5MDdiNjlmYjFjZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5G+7swrjSKfBimshy3jp7zmgSiG
CadZdssEPVqAGNMKp4OIx8TRa0KYVvholAC0bPyXZPDVUhIqYWL1+78RU5i9npiE
e36rHXBrI7+TSKH1YqvqznNjJESwYd14xFSJWnLlJOnwjLm58fYQ0pd566uczIex
C63acu/sduOF73TdxCmqMN7WAoMKb0c0ZuIe60YCGmPTgz11yB1BsX0xmYstnUEe
FfmlIf3AUwrtkWqNVgxyZSvaoWNVBJn63eVCEBs3sadVIcwfdSFTsDLwCzQ2WFM/
XxL4BlKkXHcYeA6qi6o7KMk41Sx7APW33d8vdc2Oi/nbr7ANi4Vsngnr9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHIZf+H/hcVcWDD/MSipB7afsc3qMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvY2hsXzRmLUZ4VnhZTVA4eEtLa0h0cC14emVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZTxAwQA
uZTzMA0GCSqGSIb3DQEBCwUAA4IBAQBs59seroyAbTW/gmN8bb68SsA5M6NxByvw
eDSXYB4n/l7o0Y6loUCidzPa46XdPfZpmu4esuSynzTsqw38S81UPN8CKs/53CW4
/M/sOLWbaT0AdFU1/ZWSpgIwhSJvEquIg1BYYv002l9lxazSJphKHwh54dWG0t+Y
21E0UbPl1JbrCyLd5XO682sOHPNjbStCMNdk7ZJ8slXvSYtMKyW2TCJ1f0Fwgr90
uC6sg4cvb+3bkouZi139+AqGM2szzqypaZseDQ6YIeA1QelbbKO2OA8H0ZuiqzR6
hE87ANoJESAvAOxqKVWFFvI2BfDXBUy/nRp4O8n6rmmhSv6zc5OI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org