Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/DeN5dJcGprpskn6Z1hgJJxfjtXg.roa
File: DeN5dJcGprpskn6Z1hgJJxfjtXg.roa (raw, json)
Hash identifier: cXVlAohBVKegomqYkt82Eg2yxONeSZdMcFQ1XQvYjik=
Subject key identifier: 0D:E3:79:74:97:06:A6:BA:6C:92:7E:99:D6:18:09:27:17:E3:B5:78
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0186E28DC5C84391BFCF2C08D1023AD12DCB
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/DeN5dJcGprpskn6Z1hgJJxfjtXg.roa
Signing time: Tue 14 Mar 2023 23:56:27 +0000
ROA not before: Tue 14 Mar 2023 23:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.158.248.0/24 maxlen: 24
2a0b:7140:7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e2:8d:c5:c8:43:91:bf:cf:2c:08:d1:02:3a:d1:2d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Mar 14 23:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0de379749706a6ba6c927e99d618092717e3b578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5e:2a:f6:84:04:57:90:74:c2:dc:80:df:c9:
0e:4c:20:48:9d:51:51:4f:22:49:82:db:f7:39:10:
6c:54:58:11:fd:84:dc:f7:8f:d2:a3:f7:62:06:0a:
89:b5:b2:87:0c:ef:35:bd:61:2b:19:e2:68:ec:b6:
ce:62:e2:60:3c:54:74:7b:73:4e:f9:17:f4:8c:1a:
f9:11:a9:f1:32:90:c0:59:67:8b:00:d7:ac:29:16:
95:68:db:28:02:5a:9e:4d:11:80:44:cf:2b:d0:0f:
96:5a:9d:0a:1e:55:a9:57:bd:8c:29:ae:00:e4:92:
40:f2:dd:79:1c:8f:c7:62:5d:8c:13:5c:07:8f:b3:
43:fa:f1:f6:1f:46:ec:5d:79:8e:5d:d4:c4:ad:8a:
4e:2c:06:c7:f1:9b:c8:6d:cb:47:35:89:c7:28:68:
d2:65:07:ae:7e:94:8f:33:5a:63:03:a1:3a:df:6f:
a6:43:4f:e9:f7:cb:75:36:ef:3f:12:d9:75:fb:2b:
4e:92:18:58:5c:7b:86:c2:06:ba:41:9e:8e:1c:f8:
71:04:dc:9c:73:6b:89:2c:23:43:63:a4:9d:7b:f8:
1f:7f:86:14:14:db:27:bb:1c:62:0c:27:d6:a6:76:
3c:95:d4:0b:13:b2:12:46:4c:70:a4:e7:b4:2f:fa:
bf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E3:79:74:97:06:A6:BA:6C:92:7E:99:D6:18:09:27:17:E3:B5:78
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/DeN5dJcGprpskn6Z1hgJJxfjtXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.248.0/24
IPv6:
2a0b:7140:7::/48
Signature Algorithm: sha256WithRSAEncryption
6f:a9:cf:74:97:c9:70:56:30:8d:5e:df:23:fe:4b:33:ed:b9:
ea:f5:00:f9:14:7d:8e:dd:e3:77:5e:f7:e3:be:83:c1:58:03:
51:01:8b:7b:a1:96:b3:dc:f8:72:4a:49:59:28:5d:d9:4f:0c:
f0:b2:75:7f:37:ab:59:ec:f7:25:08:11:80:12:41:da:a0:ba:
5c:1c:14:34:66:54:d6:f5:9b:34:e8:04:9f:0a:b3:e8:83:d9:
37:86:1e:64:df:68:e5:9f:b6:d3:80:9c:71:8a:9c:6c:ab:ed:
1a:c5:e7:87:8f:08:53:f7:56:76:e2:17:33:82:9b:36:05:ee:
50:c3:16:9f:d8:63:4a:d8:b3:e4:7f:f7:5f:0e:7a:90:5d:74:
47:6f:01:57:3d:ab:e4:22:1e:5f:cc:38:88:47:7d:77:38:8a:
84:7e:69:5b:f7:4c:4a:62:87:4a:65:4f:45:b8:ec:aa:b9:92:
2d:f0:2b:18:2b:a2:5e:21:19:f6:78:3b:22:c2:f3:f2:73:02:
4e:15:d1:c6:ab:6d:37:d3:56:af:52:e2:cd:34:51:a2:1e:f4:
92:ee:7c:10:9b:90:c3:30:ed:b2:7b:9d:fb:da:ff:9d:63:52:
b4:08:59:db:2c:4b:81:e2:19:33:e3:fc:8c:3c:82:41:85:07:
e8:24:28:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbijcXIQ5G/zywI0QI60S3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMzE0MjM1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGUzNzk3NDk3MDZhNmJhNmM5MjdlOTlkNjE4MDkyNzE3ZTNiNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA814q9oQEV5B0wtyA38kOTCBInVFR
TyJJgtv3ORBsVFgR/YTc94/So/diBgqJtbKHDO81vWErGeJo7LbOYuJgPFR0e3NO
+Rf0jBr5EanxMpDAWWeLANesKRaVaNsoAlqeTRGARM8r0A+WWp0KHlWpV72MKa4A
5JJA8t15HI/HYl2ME1wHj7ND+vH2H0bsXXmOXdTErYpOLAbH8ZvIbctHNYnHKGjS
ZQeufpSPM1pjA6E632+mQ0/p98t1Nu8/Etl1+ytOkhhYXHuGwga6QZ6OHPhxBNyc
c2uJLCNDY6Sde/gff4YUFNsnuxxiDCfWpnY8ldQLE7ISRkxwpOe0L/q/AwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA3jeXSXBqa6bJJ+mdYYCScX47V4MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvRGVONWRKY0dwcnBza242WjFoZ0pKeGZqdFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZ74MA8E
AgACMAkDBwAqC3FAAAcwDQYJKoZIhvcNAQELBQADggEBAG+pz3SXyXBWMI1e3yP+
SzPtuer1APkUfY7d43de9+O+g8FYA1EBi3uhlrPc+HJKSVkoXdlPDPCydX83q1ns
9yUIEYASQdqgulwcFDRmVNb1mzToBJ8Ks+iD2TeGHmTfaOWfttOAnHGKnGyr7RrF
54ePCFP3VnbiFzOCmzYF7lDDFp/YY0rYs+R/918OepBddEdvAVc9q+QiHl/MOIhH
fXc4ioR+aVv3TEpih0plT0W47Kq5ki3wKxgrol4hGfZ4OyLC8/JzAk4V0carbTfT
Vq9S4s00UaIe9JLufBCbkMMw7bJ7nfva/51jUrQIWdssS4HiGTPj/Iw8gkGFB+gk
KBY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:08 2024 by rpki-client on console-ams.rpki-client.org