Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/RiKWOglG7v8Z3hyGchLIzQJy9II.roa
File: RiKWOglG7v8Z3hyGchLIzQJy9II.roa (raw, json)
Hash identifier: H91/mPORa/q+3rw8tyz3r3YBifWwJx9TmbKIXkRtkt0=
Subject key identifier: 46:22:96:3A:09:46:EE:FF:19:DE:1C:86:72:12:C8:CD:02:72:F4:82
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 018572B426F05D5A32C6D7527E1B26431A7A
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/RiKWOglG7v8Z3hyGchLIzQJy9II.roa
Signing time: Mon 02 Jan 2023 13:38:07 +0000
ROA not before: Mon 02 Jan 2023 13:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 195.189.245.0/24 maxlen: 24
185.248.28.0/22 maxlen: 24
2a0d:dd80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:26:f0:5d:5a:32:c6:d7:52:7e:1b:26:43:1a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Jan 2 13:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4622963a0946eeff19de1c867212c8cd0272f482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a9:43:fa:e9:52:3d:08:81:45:7e:2e:95:f6:
28:10:61:e5:b4:c5:b3:d7:06:ce:5b:4a:45:f6:2e:
44:0d:d1:a3:99:1d:ed:3b:2b:ab:2e:a9:23:9b:9b:
a1:26:b7:e3:04:06:d2:b9:5c:f2:bd:cf:e3:d6:ee:
3e:b0:a7:07:87:6f:42:ce:b3:bb:b9:32:9b:39:98:
1d:19:ae:de:de:88:90:87:75:24:fa:19:3c:6c:9e:
7c:c3:1a:f8:01:f8:67:f5:20:04:19:98:0d:1d:a7:
b0:1e:cd:02:cd:68:60:a0:c7:c1:55:dd:8c:a9:04:
2a:ad:d0:48:ee:2d:b9:96:b0:f7:1e:7a:f3:02:84:
60:5a:4b:89:02:91:9f:1b:4c:3e:76:98:f6:ff:11:
2a:ea:bd:01:c6:5b:2a:70:30:d7:ad:f7:78:8c:a7:
07:96:4a:37:9c:b4:b7:aa:25:8c:b1:07:41:de:1c:
6a:8e:17:a4:2e:88:ab:fc:ab:0b:ca:f7:e0:5e:06:
71:dd:75:9e:10:73:d0:8b:d1:af:61:cf:f1:55:58:
99:2b:33:c5:a7:89:aa:0d:1e:ac:aa:b3:71:71:c9:
58:bc:78:c9:46:ae:72:bb:3f:bc:36:40:8d:86:1a:
e0:9c:b8:22:d6:97:1d:37:5c:a0:4f:c7:54:f2:d6:
98:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:22:96:3A:09:46:EE:FF:19:DE:1C:86:72:12:C8:CD:02:72:F4:82
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/RiKWOglG7v8Z3hyGchLIzQJy9II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
92:ca:9d:e6:cc:46:ff:4f:59:96:73:03:24:e5:02:b4:29:06:
d8:fc:2a:c8:88:3c:ee:8f:e6:80:4b:a7:f5:5b:a8:bb:1d:f5:
5f:f9:0a:20:eb:55:00:f1:04:4d:0e:31:90:28:0a:fc:48:ec:
a2:3f:2a:32:84:9c:5a:d8:04:31:f7:ae:f0:8b:c7:22:3f:88:
d1:c0:9e:10:49:19:ec:c7:a4:61:87:51:94:57:5d:7b:a7:37:
2f:3e:90:0a:19:b2:4a:16:cc:b7:7d:80:d3:11:57:14:98:b3:
f2:05:12:9e:a5:6f:46:d1:88:3d:83:bb:18:d1:99:48:3e:8f:
44:de:ea:62:97:30:7b:4e:9c:21:90:f8:1d:a1:51:33:f9:03:
5f:ef:3a:51:ad:37:be:68:b0:0c:d0:67:1f:3e:31:e5:53:c4:
3e:69:9d:b6:cd:fa:04:f4:f3:82:f5:3a:30:df:63:1e:81:18:
c9:95:35:e3:11:fb:9e:65:fd:01:b5:d3:14:e9:af:f8:30:70:
8a:1a:e9:82:11:e4:0c:27:59:c2:3f:b0:3d:91:1d:31:73:a7:
22:9e:cd:e9:d0:02:ac:69:58:68:90:e1:2f:7b:25:a6:5e:14:
02:f5:1f:7d:94:f7:97:22:80:87:ab:8e:b6:fb:00:67:f2:8a:
0e:5e:4b:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytCbwXVoyxtdSfhsmQxp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjMwMTAyMTMzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjIyOTYzYTA5NDZlZWZmMTlkZTFjODY3MjEyYzhjZDAyNzJmNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6lD+ulSPQiBRX4ulfYoEGHltMWz
1wbOW0pF9i5EDdGjmR3tOyurLqkjm5uhJrfjBAbSuVzyvc/j1u4+sKcHh29CzrO7
uTKbOZgdGa7e3oiQh3Uk+hk8bJ58wxr4Afhn9SAEGZgNHaewHs0CzWhgoMfBVd2M
qQQqrdBI7i25lrD3HnrzAoRgWkuJApGfG0w+dpj2/xEq6r0BxlsqcDDXrfd4jKcH
lko3nLS3qiWMsQdB3hxqjhekLoir/KsLyvfgXgZx3XWeEHPQi9GvYc/xVViZKzPF
p4mqDR6sqrNxcclYvHjJRq5yuz+8NkCNhhrgnLgi1pcdN1ygT8dU8taY0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEYiljoJRu7/Gd4chnISyM0CcvSCMB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvUmlLV09nbEc3djhaM2h5R2NoTEl6UUp5OUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQCSyp3mzEb/T1mW
cwMk5QK0KQbY/CrIiDzuj+aAS6f1W6i7HfVf+Qog61UA8QRNDjGQKAr8SOyiPyoy
hJxa2AQx967wi8ciP4jRwJ4QSRnsx6Rhh1GUV117pzcvPpAKGbJKFsy3fYDTEVcU
mLPyBRKepW9G0Yg9g7sY0ZlIPo9E3upilzB7TpwhkPgdoVEz+QNf7zpRrTe+aLAM
0GcfPjHlU8Q+aZ22zfoE9POC9Tow32MegRjJlTXjEfueZf0BtdMU6a/4MHCKGumC
EeQMJ1nCP7A9kR0xc6cins3p0AKsaVhokOEveyWmXhQC9R99lPeXIoCHq462+wBn
8ooOXkt7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:10 2024 by rpki-client on console-ams.rpki-client.org