Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/f4pKk0Lm2hf9XhjSAj3KhO_GxYM.roa
File: f4pKk0Lm2hf9XhjSAj3KhO_GxYM.roa (raw, json)
Hash identifier: BbtjbFAB4rbTaob6d7upiIEycWju6cSJUNJBNeQW7Ds=
Subject key identifier: 7F:8A:4A:93:42:E6:DA:17:FD:5E:18:D2:02:3D:CA:84:EF:C6:C5:83
Certificate issuer: /CN=bea1890c305b0f2da420b01697e3bf23d485ab64
Certificate serial: 0187909E882C27BF65151AA13B241768153A
Authority key identifier: BE:A1:89:0C:30:5B:0F:2D:A4:20:B0:16:97:E3:BF:23:D4:85:AB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqGJDDBbDy2kILAWl-O_I9SFq2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/f4pKk0Lm2hf9XhjSAj3KhO_GxYM.roa
Signing time: Mon 17 Apr 2023 19:08:41 +0000
ROA not before: Mon 17 Apr 2023 19:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210477
IP address blocks: 185.216.191.0/24 maxlen: 24
146.19.17.0/24 maxlen: 24
2a12:b500::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Apr 2023 16:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:9e:88:2c:27:bf:65:15:1a:a1:3b:24:17:68:15:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea1890c305b0f2da420b01697e3bf23d485ab64
Validity
Not Before: Apr 17 19:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f8a4a9342e6da17fd5e18d2023dca84efc6c583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:80:1f:4f:22:f6:09:fc:cc:bd:e5:e6:38:
ef:13:0b:82:7b:2b:47:4a:9d:a5:bd:d7:0d:40:76:
6f:1f:4e:46:28:a4:fb:2a:7c:e7:10:38:4f:45:bf:
de:19:79:2f:c1:2a:09:bf:29:54:0d:33:d3:b2:d5:
39:96:24:bd:25:15:85:96:26:6a:04:9f:55:3f:c5:
03:8d:88:17:4a:1d:1c:5c:ad:e5:7d:fa:c5:e5:d9:
21:23:ac:f0:f5:68:d2:d7:63:c8:64:4e:4f:38:d8:
44:73:2d:97:7c:b5:8a:cb:ad:e7:ec:58:ca:22:ad:
20:b8:63:0e:39:fc:9f:f3:25:35:75:23:1c:a1:17:
9d:b7:f9:60:12:ae:27:93:d9:5a:01:ac:68:ef:77:
d8:91:37:49:11:9d:49:cf:6b:02:23:0c:33:cd:c3:
ac:56:01:62:92:b6:74:5f:9c:de:29:1c:aa:1e:68:
0b:b3:57:6c:ab:74:6e:61:71:9c:92:82:d6:1d:5e:
47:19:cc:e8:4d:36:e7:a9:ca:71:51:56:ad:c4:53:
d3:18:33:74:fa:af:84:f0:64:e3:c8:f7:7a:04:7d:
08:cf:c3:47:df:2c:d2:a6:50:9f:7f:d8:09:99:57:
30:1e:3e:c7:26:8b:6d:8f:2e:01:a3:a0:39:b5:37:
8b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:8A:4A:93:42:E6:DA:17:FD:5E:18:D2:02:3D:CA:84:EF:C6:C5:83
X509v3 Authority Key Identifier:
keyid:BE:A1:89:0C:30:5B:0F:2D:A4:20:B0:16:97:E3:BF:23:D4:85:AB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqGJDDBbDy2kILAWl-O_I9SFq2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/f4pKk0Lm2hf9XhjSAj3KhO_GxYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/aaa77b-9a09-4f0a-a885-3176f0999dda/1/vqGJDDBbDy2kILAWl-O_I9SFq2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.17.0/24
185.216.191.0/24
IPv6:
2a12:b500::/32
Signature Algorithm: sha256WithRSAEncryption
3f:58:6a:24:7e:c1:14:ab:58:ed:93:0c:b4:39:92:92:47:26:
bf:bd:6e:16:79:99:0a:cd:58:a0:ac:b5:3a:43:a3:e1:ed:5a:
bc:bc:60:51:9a:a8:e4:3a:bc:e3:99:72:00:33:5f:82:c0:62:
0f:b5:92:cd:81:05:40:c5:9f:ce:6a:55:b1:31:0c:a9:dd:4b:
d9:48:5b:fe:4b:b9:5a:02:f7:84:79:2d:6c:37:25:d7:0b:64:
9e:87:d6:35:4c:7e:fb:84:d1:7f:08:88:ce:0e:ea:c7:09:76:
de:be:d0:0a:1f:e3:55:aa:66:2e:53:71:c2:0d:53:60:b7:1d:
d5:76:27:51:11:b6:97:e2:9d:9b:98:73:c0:74:e9:cb:f9:3f:
5e:a7:ac:2a:2f:86:0b:01:51:49:05:c4:36:c6:73:5d:55:9f:
9c:a6:36:ff:51:07:29:63:b7:52:52:0c:41:bf:c3:64:71:ee:
1d:99:cc:47:45:9e:5d:cc:b3:03:73:fd:da:92:db:d2:3e:7a:
b9:aa:7a:df:79:54:b3:4d:a2:c4:57:79:a2:54:ed:e9:a8:ef:
0e:35:e4:f2:3e:ea:53:b0:c2:c2:06:a6:90:2c:d6:54:16:df:
a7:b8:10:62:ea:1c:5e:bd:98:c8:f5:c7:77:90:b9:87:ee:7f:
49:f3:3d:9c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYeQnogsJ79lFRqhOyQXaBU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTE4OTBjMzA1YjBmMmRhNDIwYjAxNjk3ZTNiZjIzZDQ4
NWFiNjQwHhcNMjMwNDE3MTkwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjhhNGE5MzQyZTZkYTE3ZmQ1ZTE4ZDIwMjNkY2E4NGVmYzZjNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9WAH08i9gn8zL3l5jjvEwuCeytH
Sp2lvdcNQHZvH05GKKT7KnznEDhPRb/eGXkvwSoJvylUDTPTstU5liS9JRWFliZq
BJ9VP8UDjYgXSh0cXK3lffrF5dkhI6zw9WjS12PIZE5PONhEcy2XfLWKy63n7FjK
Iq0guGMOOfyf8yU1dSMcoRedt/lgEq4nk9laAaxo73fYkTdJEZ1Jz2sCIwwzzcOs
VgFikrZ0X5zeKRyqHmgLs1dsq3RuYXGckoLWHV5HGczoTTbnqcpxUVatxFPTGDN0
+q+E8GTjyPd6BH0Iz8NH3yzSplCff9gJmVcwHj7HJottjy4Bo6A5tTeLAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH+KSpNC5toX/V4Y0gI9yoTvxsWDMB8GA1UdIwQY
MBaAFL6hiQwwWw8tpCCwFpfjvyPUhatkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFHSkREQmJEeTJrSUxBV2wtT19JOVNGcTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYWE3N2ItOWEwOS00ZjBhLWE4ODUt
MzE3NmYwOTk5ZGRhLzEvZjRwS2swTG0yaGY5WGhqU0FqM0toT19HeFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYWE3N2ItOWEwOS00ZjBhLWE4ODUtMzE3NmYwOTk5ZGRh
LzEvdnFHSkREQmJEeTJrSUxBV2wtT19JOVNGcTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAkhMRAwQA
udi/MA0EAgACMAcDBQAqErUAMA0GCSqGSIb3DQEBCwUAA4IBAQA/WGokfsEUq1jt
kwy0OZKSRya/vW4WeZkKzVigrLU6Q6Ph7Vq8vGBRmqjkOrzjmXIAM1+CwGIPtZLN
gQVAxZ/OalWxMQyp3UvZSFv+S7laAveEeS1sNyXXC2Seh9Y1TH77hNF/CIjODurH
CXbevtAKH+NVqmYuU3HCDVNgtx3VdidREbaX4p2bmHPAdOnL+T9ep6wqL4YLAVFJ
BcQ2xnNdVZ+cpjb/UQcpY7dSUgxBv8Nkce4dmcxHRZ5dzLMDc/3aktvSPnq5qnrf
eVSzTaLEV3miVO3pqO8ONeTyPupTsMLCBqaQLNZUFt+nuBBi6hxevZjI9cd3kLmH
7n9J8z2c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org