Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/RCP3CQ4Atdcj7tz1cQsKRWGjb5s.roa
File: RCP3CQ4Atdcj7tz1cQsKRWGjb5s.roa (raw, json)
Hash identifier: ZMbnG6WAJulEbDCYCFhapmpKFNzKRHsCmnQthZtA1uA=
Subject key identifier: 44:23:F7:09:0E:00:B5:D7:23:EE:DC:F5:71:0B:0A:45:61:A3:6F:9B
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 018CC8701D2F86E43C2FC3B6034ADBECA3A6
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/RCP3CQ4Atdcj7tz1cQsKRWGjb5s.roa
Signing time: Tue 02 Jan 2024 04:30:39 +0000
ROA not before: Tue 02 Jan 2024 04:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202140
IP address blocks: 185.249.143.0/24 maxlen: 24
185.249.140.0/24 maxlen: 24
185.249.140.0/22 maxlen: 22
185.249.141.0/24 maxlen: 24
185.249.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 11:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:1d:2f:86:e4:3c:2f:c3:b6:03:4a:db:ec:a3:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Jan 2 04:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4423f7090e00b5d723eedcf5710b0a4561a36f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:be:84:b7:7a:d3:e8:a2:23:e6:a0:00:5a:eb:
fe:ec:d7:ba:42:bc:9c:f7:d8:1e:1c:6c:71:f7:06:
31:53:25:85:fd:48:42:65:c9:3f:db:40:a2:74:70:
f0:0d:9f:d1:5f:ef:c3:f0:93:c5:9e:99:1b:42:c8:
ff:3d:66:5f:c6:63:72:a8:89:58:bb:50:6d:e7:c9:
5e:e7:e0:f4:e8:16:76:cd:b1:cf:b2:96:30:24:f5:
be:ff:0f:50:6e:2b:42:1f:13:b2:79:1d:cc:70:8d:
78:68:15:42:51:c2:67:5f:f8:b2:58:a6:72:4d:8a:
3b:bc:6a:c7:76:a2:e3:b7:67:a3:5a:92:10:b5:4a:
ba:82:11:10:54:4f:97:8e:45:22:34:0f:2b:00:0e:
c4:2c:79:70:5a:a6:b6:ae:57:e1:20:bd:32:b8:a3:
c7:cb:22:93:43:e9:11:75:25:84:6e:0d:24:b1:4c:
d4:e1:c2:61:65:8e:67:6e:54:f1:bd:db:6b:c2:2e:
8c:9e:85:95:64:a0:23:18:34:1d:42:60:69:5f:4f:
c4:29:ca:59:98:8b:9c:ea:21:13:f3:3e:a8:17:48:
e0:c4:fa:51:e9:c1:98:09:82:b7:1b:18:bb:cb:6f:
20:48:40:f7:2c:e6:b0:be:19:ee:5c:cd:91:cc:87:
ab:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:23:F7:09:0E:00:B5:D7:23:EE:DC:F5:71:0B:0A:45:61:A3:6F:9B
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/RCP3CQ4Atdcj7tz1cQsKRWGjb5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.140.0/22
Signature Algorithm: sha256WithRSAEncryption
af:73:9f:3e:ca:81:21:a1:74:88:02:9f:22:78:8a:4e:fe:6b:
08:9e:b8:0c:b3:ec:55:62:c2:51:c2:0a:a2:a8:56:eb:37:87:
65:78:7b:47:06:e8:60:2a:68:26:38:41:21:9f:76:80:fb:c5:
c4:22:8d:88:2b:cd:d7:15:86:5d:65:c4:a7:b5:94:5a:fb:fd:
e6:4c:45:42:61:1b:b1:b4:ff:6f:4c:78:ca:46:a4:d3:09:8e:
7b:d0:13:e4:56:d9:48:14:04:1f:79:a1:bc:68:78:12:cd:2b:
23:b0:a4:ee:71:4c:86:bf:02:c0:e7:96:ea:46:aa:35:00:e6:
33:f7:2a:14:db:18:db:29:6a:c8:29:36:11:05:0e:a1:c5:08:
07:d2:fb:3d:99:34:26:f6:4d:5f:53:43:ba:3b:15:7b:ff:5c:
15:6c:bd:74:32:a3:91:9c:3e:a6:60:9b:60:df:71:ef:88:c6:
ad:dd:4f:19:58:6c:5d:2c:78:ef:3e:82:54:1b:46:5c:f9:e0:
8e:e4:c6:ba:f4:c6:ac:af:7c:cf:d6:ef:b4:3e:27:f0:ce:06:
1b:a0:84:e4:59:23:34:61:25:4a:98:6a:9a:69:1d:83:ad:90:
7b:2e:bc:11:fb:3c:79:d5:bd:6e:26:89:0d:dc:b0:3e:71:9a:
19:fa:eb:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcB0vhuQ8L8O2A0rb7KOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjQwMTAyMDQzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIzZjcwOTBlMDBiNWQ3MjNlZWRjZjU3MTBiMGE0NTYxYTM2ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8b6Et3rT6KIj5qAAWuv+7Ne6Qryc
99geHGxx9wYxUyWF/UhCZck/20CidHDwDZ/RX+/D8JPFnpkbQsj/PWZfxmNyqIlY
u1Bt58le5+D06BZ2zbHPspYwJPW+/w9QbitCHxOyeR3McI14aBVCUcJnX/iyWKZy
TYo7vGrHdqLjt2ejWpIQtUq6ghEQVE+XjkUiNA8rAA7ELHlwWqa2rlfhIL0yuKPH
yyKTQ+kRdSWEbg0ksUzU4cJhZY5nblTxvdtrwi6MnoWVZKAjGDQdQmBpX0/EKcpZ
mIuc6iET8z6oF0jgxPpR6cGYCYK3Gxi7y28gSED3LOawvhnuXM2RzIerOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQj9wkOALXXI+7c9XELCkVho2+bMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvUkNQM0NRNEF0ZGNqN3R6MWNRc0tSV0dqYjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufmMMA0G
CSqGSIb3DQEBCwUAA4IBAQCvc58+yoEhoXSIAp8ieIpO/msInrgMs+xVYsJRwgqi
qFbrN4dleHtHBuhgKmgmOEEhn3aA+8XEIo2IK83XFYZdZcSntZRa+/3mTEVCYRux
tP9vTHjKRqTTCY570BPkVtlIFAQfeaG8aHgSzSsjsKTucUyGvwLA55bqRqo1AOYz
9yoU2xjbKWrIKTYRBQ6hxQgH0vs9mTQm9k1fU0O6OxV7/1wVbL10MqORnD6mYJtg
33HviMat3U8ZWGxdLHjvPoJUG0Zc+eCO5Ma69Masr3zP1u+0PifwzgYboITkWSM0
YSVKmGqaaR2DrZB7LrwR+zx51b1uJokN3LA+cZoZ+utM
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:33:53 2024 by rpki-client on console-ams.rpki-client.org