Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hT4Du7rVW_TQFrIZd0fH4zLnWHE.roa
File: hT4Du7rVW_TQFrIZd0fH4zLnWHE.roa (raw, json)
Hash identifier: Mhy93CrhJYXuOj/SIwiUwbTObcNHoFuXGLch8O56GOw=
Subject key identifier: 85:3E:03:BB:BA:D5:5B:F4:D0:16:B2:19:77:47:C7:E3:32:E7:58:71
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189C1192A995946D94241792E0F15174ADF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hT4Du7rVW_TQFrIZd0fH4zLnWHE.roa
Signing time: Fri 04 Aug 2023 15:09:59 +0000
ROA not before: Fri 04 Aug 2023 15:09:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.248.132.0/24 maxlen: 24
2a0e:97c0:b33::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:19:2a:99:59:46:d9:42:41:79:2e:0f:15:17:4a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 4 15:09:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=853e03bbbad55bf4d016b2197747c7e332e75871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e8:67:71:92:56:73:bd:37:24:c2:aa:d7:35:
c9:fe:ea:63:82:ea:b4:72:85:59:87:22:5b:62:70:
f0:92:46:99:17:a8:4d:47:26:13:29:25:2d:c8:44:
f3:30:ea:b9:0a:7d:18:7e:22:f0:b4:c8:f4:8c:b7:
c5:09:d7:b8:a9:03:6d:cf:68:93:7d:ae:9d:94:49:
ea:6e:42:80:eb:28:06:1c:87:b1:18:b8:cb:ad:b9:
95:19:e0:48:1a:74:57:2c:e0:71:5c:eb:03:ea:e1:
41:0a:2c:8d:19:13:08:b0:44:5a:3c:2d:de:75:82:
b3:1e:e2:7c:cc:b1:19:16:30:89:c9:7f:7d:59:c0:
0d:23:7e:38:0b:e0:cb:84:1e:39:46:b4:5f:cc:d9:
c0:3d:52:ea:22:76:85:e7:6a:36:f9:f6:62:12:8c:
98:e2:cd:a7:52:78:49:c6:86:22:cf:0b:9f:b4:62:
d0:aa:d0:9b:34:60:62:48:c2:9f:c2:ab:9d:6b:42:
4b:d7:b1:4f:32:01:ea:5f:a3:95:17:66:a4:ef:8a:
35:f6:cf:6c:3f:a9:a7:bb:56:bf:33:8b:b6:b4:60:
18:2c:50:55:c8:fb:ca:37:55:1d:9c:3c:94:d3:04:
ae:16:ea:a7:a5:5e:e5:fb:21:29:a1:15:ac:77:e4:
4e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3E:03:BB:BA:D5:5B:F4:D0:16:B2:19:77:47:C7:E3:32:E7:58:71
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hT4Du7rVW_TQFrIZd0fH4zLnWHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.132.0/24
IPv6:
2a0e:97c0:b33::/48
Signature Algorithm: sha256WithRSAEncryption
b5:c1:67:9e:6e:fd:9b:f1:43:cd:32:24:ac:f4:b8:72:9b:6a:
42:05:30:4e:6d:7d:02:9c:84:ce:3b:1d:86:f4:a4:6c:f3:4d:
6a:17:3f:f6:24:93:92:02:14:e6:85:af:ca:61:01:4f:88:51:
e7:5e:8e:dd:9c:58:ef:45:7a:ec:33:51:e0:60:5f:89:15:97:
33:cc:21:7a:dc:a3:30:06:bc:85:1f:5f:2c:77:61:19:06:67:
34:19:67:dd:42:74:c1:72:24:e1:09:72:67:7e:29:04:75:83:
e7:aa:2b:ca:eb:a9:2c:f3:d3:20:8a:f9:e5:46:6d:76:06:86:
41:d4:d0:c5:36:37:e7:07:7a:f3:8c:6f:99:ed:c7:97:1a:dc:
45:cc:79:d8:75:ec:a4:d0:51:b3:89:e1:ac:9b:bf:b1:2a:9e:
29:f0:19:4f:ee:4b:4a:73:5a:ed:75:8b:c8:4c:33:cc:8d:89:
08:e4:b0:39:22:c4:39:fa:87:42:eb:e7:cb:51:04:2c:5b:3a:
5e:c1:e7:2c:91:a5:e6:21:ad:c7:a0:09:e2:51:bb:f5:aa:f0:
71:6d:ef:1b:7d:10:9d:2e:a3:e7:e3:85:8e:a2:94:70:ef:26:
29:90:85:f0:57:54:d7:e9:56:51:70:88:c9:05:7a:2b:b1:e6:
9e:8c:92:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnBGSqZWUbZQkF5Lg8VF0rfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODA0MTUwOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNlMDNiYmJhZDU1YmY0ZDAxNmIyMTk3NzQ3YzdlMzMyZTc1ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuhncZJWc703JMKq1zXJ/upjguq0
coVZhyJbYnDwkkaZF6hNRyYTKSUtyETzMOq5Cn0YfiLwtMj0jLfFCde4qQNtz2iT
fa6dlEnqbkKA6ygGHIexGLjLrbmVGeBIGnRXLOBxXOsD6uFBCiyNGRMIsERaPC3e
dYKzHuJ8zLEZFjCJyX99WcANI344C+DLhB45RrRfzNnAPVLqInaF52o2+fZiEoyY
4s2nUnhJxoYizwuftGLQqtCbNGBiSMKfwquda0JL17FPMgHqX6OVF2ak74o19s9s
P6mnu1a/M4u2tGAYLFBVyPvKN1UdnDyU0wSuFuqnpV7l+yEpoRWsd+RO/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIU+A7u61Vv00BayGXdHx+My51hxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaFQ0RHU3clZXX1RRRnJJWmQwZkg0ekxuV0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAufiEMA8E
AgACMAkDBwAqDpfACzMwDQYJKoZIhvcNAQELBQADggEBALXBZ55u/ZvxQ80yJKz0
uHKbakIFME5tfQKchM47HYb0pGzzTWoXP/Ykk5ICFOaFr8phAU+IUedejt2cWO9F
euwzUeBgX4kVlzPMIXrcozAGvIUfXyx3YRkGZzQZZ91CdMFyJOEJcmd+KQR1g+eq
K8rrqSzz0yCK+eVGbXYGhkHU0MU2N+cHevOMb5ntx5ca3EXMedh17KTQUbOJ4ayb
v7EqninwGU/uS0pzWu11i8hMM8yNiQjksDkixDn6h0Lr58tRBCxbOl7B5yyRpeYh
rcegCeJRu/Wq8HFt7xt9EJ0uo+fjhY6ilHDvJimQhfBXVNfpVlFwiMkFeiux5p6M
kl0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:32 2024 by rpki-client on console-fra.rpki-client.org