Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/wZDZFx6HYFtE7QX7KqEKHsvpL_s.roa
File: wZDZFx6HYFtE7QX7KqEKHsvpL_s.roa (raw, json)
Hash identifier: 5biWAHDuNpziRqIHDW6r1JUb7j0KGwPaJhLh9ZtDNKs=
Subject key identifier: C1:90:D9:17:1E:87:60:5B:44:ED:05:FB:2A:A1:0A:1E:CB:E9:2F:FB
Certificate issuer: /CN=6d650af172444b52116a7a67d74aac7df8a55e1c
Certificate serial: 018CC56E519F6FD9575669359CFCBAD7530E
Authority key identifier: 6D:65:0A:F1:72:44:4B:52:11:6A:7A:67:D7:4A:AC:7D:F8:A5:5E:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWUK8XJES1IRanpn10qsffilXhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/wZDZFx6HYFtE7QX7KqEKHsvpL_s.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43129
IP address blocks: 185.190.249.0/24 maxlen: 24
2a0a:11c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 14 Apr 2024 17:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:51:9f:6f:d9:57:56:69:35:9c:fc:ba:d7:53:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d650af172444b52116a7a67d74aac7df8a55e1c
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c190d9171e87605b44ed05fb2aa10a1ecbe92ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:19:7e:1c:a4:b0:a3:ef:f1:e1:10:4a:7c:3b:
9a:6a:d5:1a:bc:41:b4:13:fd:2f:c8:33:b3:45:71:
4d:79:60:b8:81:d0:e0:b7:03:7d:62:ab:20:d4:fe:
c2:5e:08:3c:6e:a4:72:a0:23:56:28:a6:5d:38:54:
7f:c0:10:af:eb:f5:84:f0:1d:e4:4a:56:d8:9e:77:
e6:43:90:fb:32:6f:56:71:33:c7:68:f6:2a:35:a9:
09:3b:70:9e:2a:df:47:ce:8b:99:b2:84:0d:c8:77:
72:b6:70:4f:b9:43:fe:0a:97:59:1f:48:12:fb:92:
f5:26:49:45:40:c8:01:94:f8:f5:e0:fb:c9:ae:d2:
37:d9:89:49:76:16:48:04:a5:65:4a:c1:56:4b:18:
1a:59:2f:3b:5f:80:ac:67:79:6a:6a:18:77:60:8d:
37:ac:a4:fa:e2:31:6a:4b:fd:75:f3:68:5a:af:30:
b2:ba:ee:50:6b:2d:a9:07:63:fd:9b:aa:61:f3:7f:
4d:ca:2a:17:74:22:d2:50:e4:85:11:5c:c0:52:00:
52:6b:ca:e1:7e:e4:e4:86:00:51:33:90:c1:01:61:
51:55:f5:27:8a:50:4a:b8:77:69:4f:85:49:ca:3e:
1d:37:48:27:74:bb:29:23:03:13:89:e8:f6:c4:63:
7f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:90:D9:17:1E:87:60:5B:44:ED:05:FB:2A:A1:0A:1E:CB:E9:2F:FB
X509v3 Authority Key Identifier:
keyid:6D:65:0A:F1:72:44:4B:52:11:6A:7A:67:D7:4A:AC:7D:F8:A5:5E:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWUK8XJES1IRanpn10qsffilXhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/wZDZFx6HYFtE7QX7KqEKHsvpL_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b7ca89-70f2-408f-a4e4-b4a0cb8ed821/1/bWUK8XJES1IRanpn10qsffilXhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.249.0/24
IPv6:
2a0a:11c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:05:45:22:7c:d2:dd:ad:32:a1:3f:fc:93:54:d9:42:7d:36:
0b:be:0b:8c:f9:e8:3b:66:34:16:3a:8b:aa:48:a8:4c:a0:00:
3e:64:86:2f:c4:59:23:ed:42:66:5a:0f:88:be:d5:a3:5c:fa:
f5:32:2f:2c:08:31:de:65:fd:1b:a4:2d:77:a6:d8:76:61:47:
54:e7:f0:39:69:8b:20:89:ae:b7:55:1c:63:b9:8f:21:fb:d5:
d5:c5:bc:06:a7:e2:e2:ce:09:b5:f5:22:8f:6b:64:e3:6d:15:
e6:41:af:35:58:c4:6f:c7:02:74:f4:50:54:1b:1f:b4:fd:ce:
63:5f:80:e2:2c:28:e3:5e:1c:02:87:8d:f3:05:ef:0e:3b:25:
61:20:46:c8:c2:55:8a:1c:c6:ef:a9:b9:1f:3a:cd:8d:4c:f5:
fa:c0:28:cd:70:21:f4:12:0a:6f:be:70:38:c5:06:28:6c:5e:
0b:17:58:f6:8b:48:20:f9:3e:1a:12:c9:89:e1:44:42:49:b2:
6d:7c:0c:92:74:f3:08:83:b4:94:fb:da:08:d1:42:e0:e3:d0:
03:b4:9e:06:55:4a:cb:0e:2e:d3:75:8f:a1:78:39:7d:22:7a:
04:58:01:a6:6f:b2:06:9e:d4:1b:1b:ba:1f:2f:67:27:10:e2:
b7:ae:c2:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFblGfb9lXVmk1nPy611MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjUwYWYxNzI0NDRiNTIxMTZhN2E2N2Q3NGFhYzdkZjhh
NTVlMWMwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTkwZDkxNzFlODc2MDViNDRlZDA1ZmIyYWExMGExZWNiZTkyZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhl+HKSwo+/x4RBKfDuaatUavEG0
E/0vyDOzRXFNeWC4gdDgtwN9Yqsg1P7CXgg8bqRyoCNWKKZdOFR/wBCv6/WE8B3k
SlbYnnfmQ5D7Mm9WcTPHaPYqNakJO3CeKt9HzouZsoQNyHdytnBPuUP+CpdZH0gS
+5L1JklFQMgBlPj14PvJrtI32YlJdhZIBKVlSsFWSxgaWS87X4CsZ3lqahh3YI03
rKT64jFqS/1182harzCyuu5Qay2pB2P9m6ph839NyioXdCLSUOSFEVzAUgBSa8rh
fuTkhgBRM5DBAWFRVfUnilBKuHdpT4VJyj4dN0gndLspIwMTiej2xGN/8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMGQ2Rceh2BbRO0F+yqhCh7L6S/7MB8GA1UdIwQY
MBaAFG1lCvFyREtSEWp6Z9dKrH34pV4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYldVSzhYSkVTMUlSYW5wbjEwcXNmZmlsWGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iN2NhODktNzBmMi00MDhmLWE0ZTQt
YjRhMGNiOGVkODIxLzEvd1pEWkZ4NkhZRnRFN1FYN0txRUtIc3ZwTF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iN2NhODktNzBmMi00MDhmLWE0ZTQtYjRhMGNiOGVkODIx
LzEvYldVSzhYSkVTMUlSYW5wbjEwcXNmZmlsWGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAub75MA0E
AgACMAcDBQMqChHAMA0GCSqGSIb3DQEBCwUAA4IBAQAoBUUifNLdrTKhP/yTVNlC
fTYLvguM+eg7ZjQWOouqSKhMoAA+ZIYvxFkj7UJmWg+IvtWjXPr1Mi8sCDHeZf0b
pC13pth2YUdU5/A5aYsgia63VRxjuY8h+9XVxbwGp+Lizgm19SKPa2TjbRXmQa81
WMRvxwJ09FBUGx+0/c5jX4DiLCjjXhwCh43zBe8OOyVhIEbIwlWKHMbvqbkfOs2N
TPX6wCjNcCH0EgpvvnA4xQYobF4LF1j2i0gg+T4aEsmJ4URCSbJtfAySdPMIg7SU
+9oI0ULg49ADtJ4GVUrLDi7TdY+heDl9InoEWAGmb7IGntQbG7ofL2cnEOK3rsLl
-----END CERTIFICATE-----
Generated at Sun Apr 14 18:09:15 2024 by rpki-client on console-ams.rpki-client.org