Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xQmALbkaJOjlb8WBNjwJAOgnD0k.roa
File: xQmALbkaJOjlb8WBNjwJAOgnD0k.roa (raw, json)
Hash identifier: FH2fdhbmE4g7nD83UG5py5mFIwCikoaEJm1+XiJ0Kk8=
Subject key identifier: C5:09:80:2D:B9:1A:24:E8:E5:6F:C5:81:36:3C:09:00:E8:27:0F:49
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018A9436773E01BB757196A2E6F908815C81
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xQmALbkaJOjlb8WBNjwJAOgnD0k.roa
Signing time: Thu 14 Sep 2023 15:01:51 +0000
ROA not before: Thu 14 Sep 2023 15:01:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.148.241.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 21:08:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:94:36:77:3e:01:bb:75:71:96:a2:e6:f9:08:81:5c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 14 15:01:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c509802db91a24e8e56fc581363c0900e8270f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:61:32:c6:60:ab:36:56:19:c9:75:06:41:
c3:de:e1:0b:88:ad:97:8a:b7:fd:d0:03:b4:92:38:
bb:8f:f0:1e:57:4c:e7:85:c4:9e:bb:ea:d7:e7:72:
8b:40:5d:c8:89:76:55:f8:67:07:27:cb:a4:dc:d4:
3e:1c:a5:dd:32:59:23:46:f8:57:1a:ac:3a:7d:b8:
64:b6:30:54:4e:5a:1e:a6:14:1f:b9:4c:8f:5f:0e:
b2:e8:a7:29:6c:e3:5a:c5:f8:e6:dc:37:fe:b6:6d:
80:c2:c9:7a:bb:66:e0:21:ac:6e:a9:a7:61:dd:ad:
6c:ff:01:a3:6b:48:fc:b1:9a:6b:2f:c5:19:ae:1f:
7a:68:27:dd:cf:51:d1:e5:1f:45:d7:ab:1e:40:64:
5d:18:86:95:0b:9e:54:6c:94:a6:a5:5d:88:a5:07:
c4:fe:f1:4d:ab:cb:37:23:00:a7:2b:0a:96:6d:16:
c3:63:cc:da:a3:2c:f4:29:8c:6d:ab:49:1d:91:4c:
ea:d2:7d:65:23:79:e7:91:9d:af:75:b0:ab:8b:02:
17:f2:8d:ed:a5:7a:89:c1:4e:40:fa:60:67:01:a8:
4a:ae:76:b1:75:70:42:5f:66:03:bd:2c:bc:99:0d:
5f:9a:10:cb:ca:21:ed:02:e7:94:7f:26:be:81:f7:
74:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:09:80:2D:B9:1A:24:E8:E5:6F:C5:81:36:3C:09:00:E8:27:0F:49
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xQmALbkaJOjlb8WBNjwJAOgnD0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.241.0/24
185.148.243.0/24
185.169.183.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:64:48:2e:f8:6d:1e:12:c8:95:fd:41:fc:fc:45:b3:41:7f:
f2:7b:dc:ce:03:f7:fd:2c:0b:b1:53:19:d3:81:f5:4c:98:97:
5e:cf:fd:b7:68:2f:2e:d4:d3:da:df:55:4c:50:f3:c6:58:0b:
de:0b:75:f5:62:1c:0d:71:a1:ea:37:c6:3f:0c:ff:23:58:ee:
6f:d7:23:4f:e9:0c:48:e3:2c:3c:81:45:00:b6:8f:71:66:8e:
b9:db:79:a5:ed:06:c3:1b:b7:57:2d:8e:8c:28:fc:93:79:f7:
9a:4f:d5:7a:42:22:f6:14:24:30:ad:4b:f8:e2:ff:76:76:3e:
7d:a6:9c:ad:c5:7b:8e:73:0b:6d:45:e3:a3:4e:29:a3:99:8a:
ce:db:b7:3e:83:b3:19:d8:15:c1:e2:6d:6f:3f:ae:d5:8d:34:
4b:52:e4:f0:b9:96:78:1b:e5:95:fc:ad:d7:58:c0:36:93:de:
0c:0c:f7:d1:71:eb:6c:94:24:df:64:1d:52:d9:98:c3:ae:4f:
1b:33:e3:4c:5c:00:53:e0:3f:33:68:e6:a8:9d:bc:ad:12:5e:
a0:8e:19:92:51:b1:56:fd:54:99:df:12:e3:8c:81:1c:e5:47:
13:04:00:07:87:93:ff:19:3c:eb:ce:c5:eb:68:d9:48:29:76:
bb:51:72:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqUNnc+Abt1cZai5vkIgVyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwOTE0MTUwMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTA5ODAyZGI5MWEyNGU4ZTU2ZmM1ODEzNjNjMDkwMGU4MjcwZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2VhMsZgqzZWGcl1BkHD3uELiK2X
irf90AO0kji7j/AeV0znhcSeu+rX53KLQF3IiXZV+GcHJ8uk3NQ+HKXdMlkjRvhX
Gqw6fbhktjBUTloephQfuUyPXw6y6KcpbONaxfjm3Df+tm2Awsl6u2bgIaxuqadh
3a1s/wGja0j8sZprL8UZrh96aCfdz1HR5R9F16seQGRdGIaVC55UbJSmpV2IpQfE
/vFNq8s3IwCnKwqWbRbDY8zaoyz0KYxtq0kdkUzq0n1lI3nnkZ2vdbCriwIX8o3t
pXqJwU5A+mBnAahKrnaxdXBCX2YDvSy8mQ1fmhDLyiHtAueUfya+gfd0LQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMUJgC25GiTo5W/FgTY8CQDoJw9JMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEveFFtQUxia2FKT2psYjhXQk5qd0pBT2duRDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuZTxAwQA
uZTzAwQAuam3MA0GCSqGSIb3DQEBCwUAA4IBAQDFZEgu+G0eEsiV/UH8/EWzQX/y
e9zOA/f9LAuxUxnTgfVMmJdez/23aC8u1NPa31VMUPPGWAveC3X1YhwNcaHqN8Y/
DP8jWO5v1yNP6QxI4yw8gUUAto9xZo6523ml7QbDG7dXLY6MKPyTefeaT9V6QiL2
FCQwrUv44v92dj59ppytxXuOcwttReOjTimjmYrO27c+g7MZ2BXB4m1vP67VjTRL
UuTwuZZ4G+WV/K3XWMA2k94MDPfRcetslCTfZB1S2ZjDrk8bM+NMXABT4D8zaOao
nbytEl6gjhmSUbFW/VSZ3xLjjIEc5UcTBAAHh5P/GTzrzsXraNlIKXa7UXLe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org