Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/1-oX0RQ80MEPx9QNK5lu5XYaxYTo.roa
File: 1-oX0RQ80MEPx9QNK5lu5XYaxYTo.roa (raw, json)
Hash identifier: B2DAxGWZtHMQVcSvL8UgQVMjYpfAskHRjqOyqRXvFU4=
Subject key identifier: FA:85:F4:45:0F:34:30:43:F1:F5:03:4A:E6:5B:B9:5D:86:B1:61:3A
Certificate issuer: /CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
Certificate serial: 01856D4AC17ABD195CBE7B6168B3AA395746
Authority key identifier: 40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/1-oX0RQ80MEPx9QNK5lu5XYaxYTo.roa
Signing time: Sun 01 Jan 2023 12:24:53 +0000
ROA not before: Sun 01 Jan 2023 12:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48137
IP address blocks: 84.11.248.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:c1:7a:bd:19:5c:be:7b:61:68:b3:aa:39:57:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
Validity
Not Before: Jan 1 12:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa85f4450f343043f1f5034ae65bb95d86b1613a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:ef:3e:ee:45:6c:3a:be:9f:c0:f2:fe:13:
ba:1f:bc:8f:b2:f0:cb:b2:69:d3:04:6c:30:c2:bf:
ee:50:97:68:e4:84:2c:02:d0:af:06:8e:db:12:51:
4a:b8:63:ab:df:60:ac:38:03:5e:3d:4c:74:0d:43:
c4:ab:17:80:d6:a7:89:d7:86:76:b9:ee:6d:60:95:
e2:e4:f3:4c:c3:f9:90:4e:5b:f8:d1:0e:97:79:0b:
65:79:42:ff:fd:93:4a:97:4f:dc:4e:8d:04:7b:ad:
8a:af:a7:35:b9:fe:f7:80:ac:24:eb:36:64:df:30:
e9:40:fa:21:9a:4d:0d:84:4c:7a:eb:af:ed:94:98:
c6:33:ac:c5:e4:66:61:c6:d3:7e:bc:1b:1c:d6:83:
bc:91:cc:b0:3f:ae:bb:cc:b6:8b:dc:02:fd:f0:36:
f5:93:e2:52:27:4b:dc:5b:a7:cf:92:db:3b:ec:d7:
ca:67:70:a7:f2:5e:7f:f0:49:cd:95:62:90:90:28:
dd:91:41:f3:91:b9:00:03:61:21:af:da:b7:8d:ce:
a3:76:36:3e:6a:66:5b:3e:72:35:1b:58:59:f4:44:
ea:c2:18:37:cd:32:c6:c7:58:d8:f6:ad:56:65:bc:
4e:97:02:e9:10:a0:cc:1f:cb:11:68:26:d0:b6:19:
fa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:85:F4:45:0F:34:30:43:F1:F5:03:4A:E6:5B:B9:5D:86:B1:61:3A
X509v3 Authority Key Identifier:
keyid:40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/1-oX0RQ80MEPx9QNK5lu5XYaxYTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/QKJJ6t6yqSj-DC51yRgki1oaKLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.11.248.0/24
Signature Algorithm: sha256WithRSAEncryption
66:00:fd:29:fb:27:34:49:69:3d:d2:9f:d1:45:b7:28:8a:51:
e8:bb:34:81:30:98:df:29:07:f2:cd:55:5f:09:cb:00:8c:de:
2c:41:a5:75:2e:26:0d:50:64:1e:28:df:11:9b:26:c7:32:ed:
46:a1:7b:ad:fa:5f:88:cd:22:84:8e:c2:6f:01:38:97:6a:b5:
13:a0:2f:9f:ca:bb:99:a7:19:93:19:4f:34:c8:10:80:bd:2c:
b3:55:3a:76:60:59:15:9f:89:6b:75:da:10:f0:cb:a6:6a:be:
6b:32:a4:d8:bc:7c:20:7c:8e:38:91:fd:e6:27:83:30:cc:28:
70:33:e0:8f:d8:23:ce:35:b6:1c:bb:4b:08:43:f0:9a:82:b5:
b7:21:8c:e7:56:7e:4b:97:17:60:14:e5:86:c7:97:5c:70:30:
f4:62:df:f2:e1:23:92:25:f3:1e:be:45:3a:34:7b:5d:f2:35:
41:46:55:c1:8e:2c:cd:7f:9f:12:08:c4:63:f9:66:7e:6d:2e:
1d:7d:51:2c:4e:a4:e9:a3:14:e5:42:06:32:10:cf:74:d0:d7:
7f:42:19:53:e5:11:c6:22:6d:a5:17:e6:9f:fe:e6:51:c5:01:
f8:fa:67:e5:7e:58:53:b8:26:9f:67:fe:76:b5:65:bb:15:21:
0c:a2:8b:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtSsF6vRlcvnthaLOqOVdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYTI0OWVhZGViMmE5MjhmZTBjMmU3NWM5MTgyNDhiNWEx
YTI4YjkwHhcNMjMwMTAxMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg1ZjQ0NTBmMzQzMDQzZjFmNTAzNGFlNjViYjk1ZDg2YjE2MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4rvPu5FbDq+n8Dy/hO6H7yPsvDL
smnTBGwwwr/uUJdo5IQsAtCvBo7bElFKuGOr32CsOANePUx0DUPEqxeA1qeJ14Z2
ue5tYJXi5PNMw/mQTlv40Q6XeQtleUL//ZNKl0/cTo0Ee62Kr6c1uf73gKwk6zZk
3zDpQPohmk0NhEx666/tlJjGM6zF5GZhxtN+vBsc1oO8kcywP667zLaL3AL98Db1
k+JSJ0vcW6fPkts77NfKZ3Cn8l5/8EnNlWKQkCjdkUHzkbkAA2Ehr9q3jc6jdjY+
amZbPnI1G1hZ9ETqwhg3zTLGx1jY9q1WZbxOlwLpEKDMH8sRaCbQthn6UQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqF9EUPNDBD8fUDSuZbuV2GsWE6MB8GA1UdIwQY
MBaAFECiSeresqko/gwudckYJItaGii5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtKSjZ0NnlxU2otREM1MXlSZ2tpMW9hS0xrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hZTU0ODgtMTE5ZC00MGFhLWFlNDAt
ODMzMGU3ZTMyZTE5LzEvMS1vWDBSUTgwTUVQeDlRTks1bHU1WFlheFlUby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvYWU1NDg4LTExOWQtNDBhYS1hZTQwLTgzMzBlN2UzMmUx
OS8xL1FLSko2dDZ5cVNqLURDNTF5UmdraTFvYUtMay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQL+DAN
BgkqhkiG9w0BAQsFAAOCAQEAZgD9KfsnNElpPdKf0UW3KIpR6Ls0gTCY3ykH8s1V
XwnLAIzeLEGldS4mDVBkHijfEZsmxzLtRqF7rfpfiM0ihI7CbwE4l2q1E6Avn8q7
macZkxlPNMgQgL0ss1U6dmBZFZ+Ja3XaEPDLpmq+azKk2Lx8IHyOOJH95ieDMMwo
cDPgj9gjzjW2HLtLCEPwmoK1tyGM51Z+S5cXYBTlhseXXHAw9GLf8uEjkiXzHr5F
OjR7XfI1QUZVwY4szX+fEgjEY/lmfm0uHX1RLE6k6aMU5UIGMhDPdNDXf0IZU+UR
xiJtpRfmn/7mUcUB+Ppn5X5YU7gmn2f+drVluxUhDKKL8g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:34 2024 by rpki-client on console-fra.rpki-client.org