Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/1-Wa4-sAQCL5r4psRxQhUB7J4a9A.roa
File: 1-Wa4-sAQCL5r4psRxQhUB7J4a9A.roa (raw, json)
Hash identifier: g6uWs01JTrjIsthbeWbnqmRtNVuylu2I9Jxc4tQY0Yc=
Subject key identifier: F9:66:B8:FA:C0:10:08:BE:6B:E2:9B:11:C5:08:54:07:B2:78:6B:D0
Certificate issuer: /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial: 01856B936516147572F41F6A0025BB2B6199
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/1-Wa4-sAQCL5r4psRxQhUB7J4a9A.roa
Signing time: Sun 01 Jan 2023 04:24:59 +0000
ROA not before: Sun 01 Jan 2023 04:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201867
IP address blocks: 213.152.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:65:16:14:75:72:f4:1f:6a:00:25:bb:2b:61:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Validity
Not Before: Jan 1 04:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f966b8fac01008be6be29b11c5085407b2786bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:06:c7:92:fe:eb:51:9e:4e:0d:1b:8c:7d:8d:
9a:4d:94:a0:d1:49:c2:85:08:de:8b:f6:86:b3:d7:
e5:4d:82:a9:fe:73:4b:42:33:30:12:32:47:ab:10:
24:c6:d3:53:ae:70:e4:cf:8e:99:e8:a3:7d:38:10:
21:6a:3f:46:41:cd:0b:b9:b9:9e:1a:11:fe:19:70:
2e:48:fa:29:d2:a5:bf:ce:19:30:cf:99:c9:0d:86:
cf:3d:ee:41:a3:8b:00:95:04:ab:cd:ad:e0:d0:dc:
e8:16:4a:b7:29:5b:06:8a:5f:dc:76:87:78:69:fa:
22:15:2f:b6:54:24:30:49:d6:80:39:6a:34:99:d6:
43:7f:6b:e2:7f:10:b3:ed:40:2e:07:f5:a5:32:2c:
74:9f:b8:fe:58:85:36:b3:a7:73:dd:1a:c0:ab:cd:
a3:ae:d3:b6:76:83:46:0e:05:b6:9d:33:c7:c5:07:
d1:2f:46:26:74:3c:23:28:31:f1:d7:e8:ce:48:9d:
0c:e7:fe:46:c7:b1:d4:4a:64:5f:f9:94:d1:d3:fe:
7b:f1:34:f6:9e:bc:45:48:ef:65:6b:c9:86:99:0f:
48:fa:f9:49:11:d0:ff:b0:7a:c1:59:50:5e:d4:e7:
5a:12:7c:f6:86:ad:c7:95:6b:77:7e:0e:74:2c:93:
9a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:66:B8:FA:C0:10:08:BE:6B:E2:9B:11:C5:08:54:07:B2:78:6B:D0
X509v3 Authority Key Identifier:
keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/1-Wa4-sAQCL5r4psRxQhUB7J4a9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:fd:29:16:04:79:ca:62:c0:7a:bc:c6:b4:67:c3:ac:c3:f9:
35:60:68:fd:4d:bd:5c:09:1f:3c:6f:8b:5c:4d:15:93:b4:6d:
11:5f:44:5b:ad:dd:f1:ba:9a:cd:77:38:3a:fe:9f:63:46:ab:
1e:03:e2:7b:94:64:77:e1:f2:ea:d4:be:7f:3d:15:5d:15:df:
34:3a:48:35:7c:cf:aa:26:2c:3b:4c:7f:93:5c:ff:a0:80:ad:
fd:f0:40:b8:db:b1:a0:b8:3b:14:ea:4e:ad:a4:6f:f7:46:8a:
88:3a:c9:37:98:89:04:a9:e0:64:44:78:a2:9a:de:ed:88:1b:
ad:23:43:a8:31:66:ea:d2:fd:db:17:14:4a:14:dd:b1:1a:f6:
e3:9b:b3:ce:d2:cc:50:03:45:05:61:4b:b6:62:63:ca:48:57:
98:2f:c9:90:6f:d0:83:75:25:d1:64:e8:da:fc:fe:a2:46:9e:
fe:ee:22:6a:97:97:95:6d:79:dd:3f:f6:96:a3:22:82:87:59:
fe:7e:14:db:62:66:f7:e0:92:ad:24:dd:be:76:3f:c9:0d:ea:
87:ce:04:4e:dc:2b:02:99:ee:1d:3a:a7:e0:ef:c5:66:6b:35:
fe:a1:97:b0:3f:59:f2:77:71:27:cd:6f:07:a8:62:32:1e:56:
f8:d3:dd:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrk2UWFHVy9B9qACW7K2GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGNjOTQyOWI2MzM4MmU5YjE3MTRkMjFiM2M5NmQyZTVl
YmUyNTcwHhcNMjMwMTAxMDQyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTY2YjhmYWMwMTAwOGJlNmJlMjliMTFjNTA4NTQwN2IyNzg2YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgbHkv7rUZ5ODRuMfY2aTZSg0UnC
hQjei/aGs9flTYKp/nNLQjMwEjJHqxAkxtNTrnDkz46Z6KN9OBAhaj9GQc0Lubme
GhH+GXAuSPop0qW/zhkwz5nJDYbPPe5Bo4sAlQSrza3g0NzoFkq3KVsGil/cdod4
afoiFS+2VCQwSdaAOWo0mdZDf2vifxCz7UAuB/WlMix0n7j+WIU2s6dz3RrAq82j
rtO2doNGDgW2nTPHxQfRL0YmdDwjKDHx1+jOSJ0M5/5Gx7HUSmRf+ZTR0/578TT2
nrxFSO9la8mGmQ9I+vlJEdD/sHrBWVBe1OdaEnz2hq3HlWt3fg50LJOa0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlmuPrAEAi+a+KbEcUIVAeyeGvQMB8GA1UdIwQY
MBaAFOMMyUKbYzgumxcU0hs8ltLl6+JXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUt
ZGI0ZjM1MmU5YWQzLzEvMS1XYTQtc0FRQ0w1cjRwc1J4UWhVQjdKNGE5QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvYzczMjg3LWIxYjEtNGFjYS1iZDJlLWRiNGYzNTJlOWFk
My8xLzR3ekpRcHRqT0M2YkZ4VFNHenlXMHVYcjRsYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWY+jAN
BgkqhkiG9w0BAQsFAAOCAQEAWv0pFgR5ymLAerzGtGfDrMP5NWBo/U29XAkfPG+L
XE0Vk7RtEV9EW63d8bqazXc4Ov6fY0arHgPie5Rkd+Hy6tS+fz0VXRXfNDpINXzP
qiYsO0x/k1z/oICt/fBAuNuxoLg7FOpOraRv90aKiDrJN5iJBKngZER4opre7Ygb
rSNDqDFm6tL92xcUShTdsRr245uzztLMUANFBWFLtmJjykhXmC/JkG/Qg3Ul0WTo
2vz+okae/u4iapeXlW153T/2lqMigodZ/n4U22Jm9+CSrSTdvnY/yQ3qh84ETtwr
ApnuHTqn4O/FZms1/qGXsD9Z8ndxJ81vB6hiMh5W+NPd6Q==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:46 2024 by rpki-client on console-fra.rpki-client.org