Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/kByO3T83DjxTcVvKFzvHPxRzOgw.roa
File: kByO3T83DjxTcVvKFzvHPxRzOgw.roa (raw, json)
Hash identifier: YNGP57fZ7m9MNTT188EPxywRNYMDwg0lv1Dqrp0Wr9o=
Subject key identifier: 90:1C:8E:DD:3F:37:0E:3C:53:71:5B:CA:17:3B:C7:3F:14:73:3A:0C
Certificate issuer: /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial: 0191BE1BDDBF3B4681EFD1B4EC97228A6007
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/kByO3T83DjxTcVvKFzvHPxRzOgw.roa
Signing time: Wed 04 Sep 2024 17:36:22 +0000
ROA not before: Wed 04 Sep 2024 17:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.130.49.0/24 maxlen: 24
2a13:141:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:1b:dd:bf:3b:46:81:ef:d1:b4:ec:97:22:8a:60:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Validity
Not Before: Sep 4 17:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=901c8edd3f370e3c53715bca173bc73f14733a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f7:3f:b7:60:46:91:d7:e8:84:ad:f2:06:5d:
0b:a4:f8:20:b0:a8:8a:67:56:54:5f:e1:b9:f9:d7:
28:6d:98:ec:80:12:4f:85:e6:f9:04:3d:02:1e:15:
86:ae:9f:5e:ba:f5:47:9b:df:4e:85:9a:53:ac:d2:
bf:6e:87:83:18:b9:ed:27:f8:aa:40:83:3c:65:d6:
c6:8c:f3:3d:d0:96:fd:7e:82:da:99:bf:6a:a5:cd:
ab:e4:74:74:5d:ec:4c:6e:c3:2e:99:be:2c:19:93:
25:7e:5b:99:35:7a:b5:36:54:7d:5d:d0:5b:83:25:
b4:37:a4:30:14:ac:06:d4:1a:4e:52:bc:af:c3:6d:
dc:46:d8:30:ea:6c:7e:a2:ff:f8:88:94:64:72:c5:
a7:3f:29:b6:2e:a8:9b:40:a5:15:d5:f4:90:c4:cd:
56:47:40:fb:1e:94:02:4a:9a:02:e8:2a:65:c7:2f:
22:b4:a2:63:1d:d5:16:fe:cf:2b:b3:3b:39:48:59:
63:8d:cc:95:dd:a7:f1:15:5c:d3:fa:09:dc:34:66:
8c:71:5f:cd:0e:84:91:73:e9:38:d1:e6:b2:d9:8b:
9d:0a:d0:ff:41:55:bf:fe:a4:7c:32:ec:90:4f:34:
f8:60:15:4e:4f:46:dc:99:24:03:59:43:17:23:3e:
bb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1C:8E:DD:3F:37:0E:3C:53:71:5B:CA:17:3B:C7:3F:14:73:3A:0C
X509v3 Authority Key Identifier:
keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/kByO3T83DjxTcVvKFzvHPxRzOgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.49.0/24
IPv6:
2a13:141:3::/48
Signature Algorithm: sha256WithRSAEncryption
26:b9:cc:8d:f0:5e:0c:c6:74:8a:85:b7:70:f4:6b:0f:f4:21:
a8:fe:93:18:52:c7:62:a7:f0:e9:95:eb:82:dc:73:10:1b:ae:
e2:a6:ef:22:08:cd:5a:85:60:d3:cf:e1:f8:24:8f:8a:d9:05:
fd:b4:98:69:e6:a6:fc:5e:d0:8d:ca:42:ea:2c:61:cd:f1:35:
99:eb:00:db:cc:cd:4c:d3:a6:f9:24:17:16:2e:12:0f:dd:55:
b7:db:54:02:b0:b8:cb:36:ee:4e:4c:e1:16:99:df:a3:63:b2:
9b:88:96:ba:d3:c9:79:19:5d:76:bd:61:ae:93:45:28:2e:f7:
d8:5c:75:ed:47:6f:05:02:7f:72:e4:7e:fb:f1:39:8b:a6:89:
6f:ff:2c:8c:77:c5:0a:c4:23:3b:b0:83:b7:98:d0:6a:0e:35:
37:68:47:5f:d1:5f:83:97:19:c8:2f:11:21:f2:e7:04:79:c9:
48:3a:a2:9d:d0:ac:dc:62:78:de:7a:93:67:c9:7f:48:b6:5b:
24:2e:3e:0b:a2:45:3c:42:94:12:06:79:cf:ef:98:79:cb:bc:
21:34:b2:43:ee:f5:d7:b4:f1:03:b7:b1:3a:28:c1:c8:3e:a1:
46:b4:c7:e0:4b:24:36:f8:d5:48:a0:08:bc:e0:04:ea:1f:bf:
4a:a9:59:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZG+G92/O0aB79G07JciimAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjQwOTA0MTczNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDFjOGVkZDNmMzcwZTNjNTM3MTViY2ExNzNiYzczZjE0NzMzYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPc/t2BGkdfohK3yBl0LpPggsKiK
Z1ZUX+G5+dcobZjsgBJPheb5BD0CHhWGrp9euvVHm99OhZpTrNK/boeDGLntJ/iq
QIM8ZdbGjPM90Jb9foLamb9qpc2r5HR0XexMbsMumb4sGZMlfluZNXq1NlR9XdBb
gyW0N6QwFKwG1BpOUryvw23cRtgw6mx+ov/4iJRkcsWnPym2LqibQKUV1fSQxM1W
R0D7HpQCSpoC6Cplxy8itKJjHdUW/s8rszs5SFljjcyV3afxFVzT+gncNGaMcV/N
DoSRc+k40eay2YudCtD/QVW//qR8MuyQTzT4YBVOT0bcmSQDWUMXIz67PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJAcjt0/Nw48U3Fbyhc7xz8UczoMMB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEva0J5TzNUODNEanhUY1Z2S0Z6dkhQeFJ6T2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYIxMA8E
AgACMAkDBwAqEwFBAAMwDQYJKoZIhvcNAQELBQADggEBACa5zI3wXgzGdIqFt3D0
aw/0Iaj+kxhSx2Kn8OmV64LccxAbruKm7yIIzVqFYNPP4fgkj4rZBf20mGnmpvxe
0I3KQuosYc3xNZnrANvMzUzTpvkkFxYuEg/dVbfbVAKwuMs27k5M4RaZ36NjspuI
lrrTyXkZXXa9Ya6TRSgu99hcde1HbwUCf3LkfvvxOYumiW//LIx3xQrEIzuwg7eY
0GoONTdoR1/RX4OXGcgvESHy5wR5yUg6op3QrNxieN56k2fJf0i2WyQuPguiRTxC
lBIGec/vmHnLvCE0skPu9de08QO3sToowcg+oUa0x+BLJDb41UigCLzgBOofv0qp
WWg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:50 2025 by rpki-client