Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/T4r7ehHWZFTA3luDjdTgYYK_bEg.roa
File: T4r7ehHWZFTA3luDjdTgYYK_bEg.roa (raw, json)
Hash identifier: +FTwBsLYDy3+I+qE8F+Oa96qmYh1ezdf8ZuzFI6ztIs=
Subject key identifier: 4F:8A:FB:7A:11:D6:64:54:C0:DE:5B:83:8D:D4:E0:61:82:BF:6C:48
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 018FDCA74FB6471BBE4AA1FB29FC75B313DF
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/T4r7ehHWZFTA3luDjdTgYYK_bEg.roa
Signing time: Mon 03 Jun 2024 05:51:43 +0000
ROA not before: Mon 03 Jun 2024 05:51:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.148.68.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dc:a7:4f:b6:47:1b:be:4a:a1:fb:29:fc:75:b3:13:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Jun 3 05:51:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8afb7a11d66454c0de5b838dd4e06182bf6c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:1b:94:b3:f2:fb:a0:09:d2:76:a8:0f:b9:
57:ff:2c:7d:35:25:b9:c3:de:a0:22:ad:c9:ed:bd:
27:5c:9c:fb:b3:ff:81:d4:88:1d:a9:1d:e6:73:66:
8f:0d:3e:1a:77:b1:ae:d4:0c:09:ca:d4:3c:b6:59:
f0:8a:89:cd:e9:70:86:eb:1d:50:37:22:78:62:de:
91:69:ec:c9:23:f7:c6:47:ac:a7:af:ff:a4:b4:b1:
65:e6:95:b7:26:41:a7:32:21:f8:25:71:ae:59:47:
6e:24:32:50:9d:d6:52:50:c3:7b:9d:da:84:ff:c4:
e4:42:f1:d9:2c:d8:e8:c7:8d:ca:f9:af:cf:a3:2a:
84:e2:93:36:37:24:2f:e9:c7:da:52:99:3c:3a:d0:
d7:4a:d3:74:de:34:45:c2:e9:69:22:d7:26:a4:09:
af:f4:f3:5b:b7:78:08:f6:c3:62:20:9e:f7:90:32:
aa:d0:35:d1:9c:53:54:32:56:7c:ec:f9:f4:bb:34:
51:84:f2:90:42:15:d1:a0:60:be:a7:13:68:fc:3e:
14:7c:57:f9:4b:98:d4:b5:a0:5e:0e:c2:b6:95:66:
88:14:fc:cd:ba:f0:f1:76:b1:4b:c4:92:70:08:d1:
80:72:0d:b3:b2:25:3b:c6:8a:a3:c4:70:dd:85:83:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8A:FB:7A:11:D6:64:54:C0:DE:5B:83:8D:D4:E0:61:82:BF:6C:48
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/T4r7ehHWZFTA3luDjdTgYYK_bEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.68.0/23
Signature Algorithm: sha256WithRSAEncryption
44:b0:a7:16:07:6e:e3:bd:67:2c:f2:1d:47:0c:17:a8:d4:84:
e2:7b:05:73:97:7e:0e:0c:d2:4e:56:d8:00:4d:9f:cc:59:e5:
bf:c9:bb:fe:7f:89:50:07:a2:70:18:e2:e1:73:7e:7b:62:86:
4a:f3:66:00:ff:11:04:bc:0e:85:3f:3c:db:89:f0:c6:9e:13:
fc:10:d2:be:40:d8:d8:f9:a1:91:09:7d:86:ca:42:eb:21:a9:
3d:ab:c3:b1:04:53:52:17:83:5d:74:38:cf:0a:4d:16:48:24:
d4:63:e1:92:5e:3c:7f:4d:73:93:62:76:47:a8:fa:63:15:8e:
a2:ff:fa:a5:77:5b:b6:ea:9c:96:02:15:22:ea:5c:92:a7:59:
54:61:1c:ef:ce:69:87:2b:ed:1c:de:31:0c:03:ae:c2:1d:e4:
eb:3e:bc:f2:87:76:ff:55:a3:26:7c:38:e4:83:cd:ae:14:04:
e4:92:ef:01:3f:9f:1c:4b:d1:1e:46:ca:a4:56:7f:0a:e4:d8:
79:19:6c:6b:6d:94:c6:31:07:8d:03:76:30:73:dc:18:58:0c:
9b:83:1b:94:b2:f6:13:38:4f:e8:43:e7:1b:31:96:57:fc:16:
b5:87:f4:1d:f2:0c:d8:16:fe:e6:25:e2:ac:02:9a:69:94:96:
a6:65:af:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/cp0+2Rxu+SqH7Kfx1sxPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjQwNjAzMDU1MTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhhZmI3YTExZDY2NDU0YzBkZTViODM4ZGQ0ZTA2MTgyYmY2YzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlYblLPy+6AJ0naoD7lX/yx9NSW5
w96gIq3J7b0nXJz7s/+B1IgdqR3mc2aPDT4ad7Gu1AwJytQ8tlnwionN6XCG6x1Q
NyJ4Yt6RaezJI/fGR6ynr/+ktLFl5pW3JkGnMiH4JXGuWUduJDJQndZSUMN7ndqE
/8TkQvHZLNjox43K+a/PoyqE4pM2NyQv6cfaUpk8OtDXStN03jRFwulpItcmpAmv
9PNbt3gI9sNiIJ73kDKq0DXRnFNUMlZ87Pn0uzRRhPKQQhXRoGC+pxNo/D4UfFf5
S5jUtaBeDsK2lWaIFPzNuvDxdrFLxJJwCNGAcg2zsiU7xoqjxHDdhYN0mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+K+3oR1mRUwN5bg43U4GGCv2xIMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvVDRyN2VoSFdaRlRBM2x1RGpkVGdZWUtfYkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZREMA0G
CSqGSIb3DQEBCwUAA4IBAQBEsKcWB27jvWcs8h1HDBeo1ITiewVzl34ODNJOVtgA
TZ/MWeW/ybv+f4lQB6JwGOLhc357YoZK82YA/xEEvA6FPzzbifDGnhP8ENK+QNjY
+aGRCX2GykLrIak9q8OxBFNSF4NddDjPCk0WSCTUY+GSXjx/TXOTYnZHqPpjFY6i
//qld1u26pyWAhUi6lySp1lUYRzvzmmHK+0c3jEMA67CHeTrPrzyh3b/VaMmfDjk
g82uFATkku8BP58cS9EeRsqkVn8K5Nh5GWxrbZTGMQeNA3Ywc9wYWAybgxuUsvYT
OE/oQ+cbMZZX/Ba1h/Qd8gzYFv7mJeKsAppplJamZa+k
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:42 2025 by rpki-client