Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RbPmXguAiintB1wd1jY24RydKDw.roa
File: RbPmXguAiintB1wd1jY24RydKDw.roa (raw, json)
Hash identifier: oIhzMipUG9Ja8mInyw/vs1qc5tGHRkp93nExw4X6Ps0=
Subject key identifier: 45:B3:E6:5E:0B:80:8A:29:ED:07:5C:1D:D6:36:36:E1:1C:9D:28:3C
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018CC8DF93D33C351709BB2F3B8D03C7AEAB
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RbPmXguAiintB1wd1jY24RydKDw.roa
Signing time: Tue 02 Jan 2024 06:32:24 +0000
ROA not before: Tue 02 Jan 2024 06:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 185.158.248.0/24 maxlen: 24
2a0b:7140:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:93:d3:3c:35:17:09:bb:2f:3b:8d:03:c7:ae:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 06:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45b3e65e0b808a29ed075c1dd63636e11c9d283c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8d:c1:f4:98:72:13:50:01:98:0e:6b:40:e3:
22:06:62:a0:47:ef:5d:10:de:b8:a9:ea:11:3b:3b:
78:ba:ae:3c:34:8f:59:db:90:54:db:fc:c0:f7:33:
53:79:bb:ba:b6:bc:47:67:5e:5d:b6:ae:c2:e9:4f:
24:40:40:61:79:5a:1a:eb:55:d9:81:56:ba:59:0f:
f2:ee:a4:c3:bc:48:f8:ac:4a:53:26:6e:a8:f5:a0:
9b:72:3e:b0:a7:f3:19:a6:f7:9a:01:14:7b:44:c9:
05:5a:71:0c:90:73:25:38:62:3f:b2:a7:bf:84:41:
26:c2:2b:8d:3f:82:8a:28:8a:45:cc:d7:36:37:03:
77:c3:b9:bb:34:52:1c:c6:40:77:65:39:93:f5:be:
13:b1:92:30:3c:6e:65:00:78:cf:1d:a7:cb:c5:6e:
c7:22:03:02:ee:17:5c:c9:82:5c:ad:99:c7:fd:c5:
42:ea:59:ab:38:7a:19:c6:56:e1:1b:2b:c9:b2:b6:
c5:85:4a:85:4f:db:0a:bb:c6:d8:05:db:74:da:85:
2f:89:4a:fc:ef:42:5c:fc:2b:54:d2:f6:de:96:09:
fa:d4:cf:4d:37:fe:c4:87:b9:a8:ba:a1:45:97:45:
19:13:f5:cf:eb:71:7e:4a:75:2f:0e:a1:08:0d:fd:
2b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B3:E6:5E:0B:80:8A:29:ED:07:5C:1D:D6:36:36:E1:1C:9D:28:3C
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RbPmXguAiintB1wd1jY24RydKDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.248.0/24
IPv6:
2a0b:7140:7::/48
Signature Algorithm: sha256WithRSAEncryption
15:05:5f:ba:d1:0c:7d:18:2a:04:45:e0:76:9b:01:ed:0e:dd:
4b:64:e9:bf:e8:0b:8d:08:6a:66:a6:dd:7c:d0:4c:55:41:53:
f8:33:df:97:9a:6b:e3:d1:6e:f1:17:24:f7:92:ac:82:5b:e3:
ba:c9:24:98:b4:9c:74:d0:8b:09:6d:c4:b7:62:50:5f:85:4f:
64:b9:41:8b:c6:f8:2a:67:e5:5e:be:89:fc:16:b7:bd:08:6f:
41:d6:2f:3e:c4:58:9e:4a:12:2b:1f:f2:83:ee:a8:29:2d:83:
1a:4a:5f:56:09:4b:8b:9f:84:18:f1:15:10:8e:68:4e:7a:35:
c0:3f:5e:c8:b0:dd:4f:4e:1e:81:d3:19:76:3d:fb:2d:7c:1a:
c5:90:f2:4d:c6:a7:3b:47:0f:1e:28:3c:94:c1:8d:54:01:53:
1f:62:10:25:ee:60:46:50:f4:43:26:cb:bf:4b:15:55:37:dc:
fb:15:41:8a:be:fc:14:f6:8c:97:ff:7f:2a:29:81:dd:17:b3:
5a:e2:6c:d9:79:46:05:94:eb:26:fc:cd:9c:bf:7e:e3:18:c3:
3f:8d:a5:3b:9d:13:40:0c:ff:15:10:90:56:9b:85:cb:7c:c3:
61:53:a4:32:73:5d:d3:76:a9:41:9f:0b:6c:77:56:66:03:8f:
c9:f8:44:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI35PTPDUXCbsvO40Dx66rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWIzZTY1ZTBiODA4YTI5ZWQwNzVjMWRkNjM2MzZlMTFjOWQyODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo3B9JhyE1ABmA5rQOMiBmKgR+9d
EN64qeoROzt4uq48NI9Z25BU2/zA9zNTebu6trxHZ15dtq7C6U8kQEBheVoa61XZ
gVa6WQ/y7qTDvEj4rEpTJm6o9aCbcj6wp/MZpveaARR7RMkFWnEMkHMlOGI/sqe/
hEEmwiuNP4KKKIpFzNc2NwN3w7m7NFIcxkB3ZTmT9b4TsZIwPG5lAHjPHafLxW7H
IgMC7hdcyYJcrZnH/cVC6lmrOHoZxlbhGyvJsrbFhUqFT9sKu8bYBdt02oUviUr8
70Jc/CtU0vbelgn61M9NN/7Eh7mouqFFl0UZE/XP63F+SnUvDqEIDf0r3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEWz5l4LgIop7QdcHdY2NuEcnSg8MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvUmJQbVhndUFpaW50QjF3ZDFqWTI0UnlkS0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZ74MA8E
AgACMAkDBwAqC3FAAAcwDQYJKoZIhvcNAQELBQADggEBABUFX7rRDH0YKgRF4Hab
Ae0O3Utk6b/oC40Iamam3XzQTFVBU/gz35eaa+PRbvEXJPeSrIJb47rJJJi0nHTQ
iwltxLdiUF+FT2S5QYvG+Cpn5V6+ifwWt70Ib0HWLz7EWJ5KEisf8oPuqCktgxpK
X1YJS4ufhBjxFRCOaE56NcA/Xsiw3U9OHoHTGXY9+y18GsWQ8k3GpztHDx4oPJTB
jVQBUx9iECXuYEZQ9EMmy79LFVU33PsVQYq+/BT2jJf/fyopgd0Xs1ribNl5RgWU
6yb8zZy/fuMYwz+NpTudE0AM/xUQkFabhct8w2FTpDJzXdN2qUGfC2x3VmYDj8n4
RDc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org