Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/r1K_n-BWIfGPnKXPSHqYH3rdbIk.roa
File: r1K_n-BWIfGPnKXPSHqYH3rdbIk.roa (raw, json)
Hash identifier: d4tFQ5wpbnzrht1Kt1OIql5YPT8ZtxYm05j+58bBTjU=
Subject key identifier: AF:52:BF:9F:E0:56:21:F1:8F:9C:A5:CF:48:7A:98:1F:7A:DD:6C:89
Certificate issuer: /CN=2f8675457594d7e740aaeef2e7d7efd02239c617
Certificate serial: 018CC26D5CAEA015E491FA4292F3353BFA73
Authority key identifier: 2F:86:75:45:75:94:D7:E7:40:AA:EE:F2:E7:D7:EF:D0:22:39:C6:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4Z1RXWU1-dAqu7y59fv0CI5xhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/r1K_n-BWIfGPnKXPSHqYH3rdbIk.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204915
IP address blocks: 153.92.0.0/24 maxlen: 24
2a02:4780:dead::/48 maxlen: 48
2a02:4780:bad::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Nov 2024 13:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5c:ae:a0:15:e4:91:fa:42:92:f3:35:3b:fa:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f8675457594d7e740aaeef2e7d7efd02239c617
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af52bf9fe05621f18f9ca5cf487a981f7add6c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b0:30:54:62:b0:a7:26:59:07:ad:73:5f:bd:
d1:a2:e1:59:23:2c:be:37:0b:62:83:9b:bc:03:e0:
07:d2:16:6e:17:75:c7:32:85:9d:8e:08:ba:9e:29:
ce:7c:93:fd:bf:87:dc:0c:f0:93:d1:95:74:03:30:
9f:41:75:88:5b:65:98:90:62:02:e7:12:8e:64:12:
f6:d6:20:3e:bd:34:36:c9:94:e1:db:a4:70:22:19:
5a:bf:d2:b0:85:b4:e6:e0:22:08:db:30:03:c9:98:
48:bd:f3:e9:ce:cc:a7:d1:3a:bd:01:b6:a6:28:4f:
bf:1a:4a:86:53:e3:e7:df:70:b8:0e:e4:58:26:ce:
5c:21:07:28:38:a4:6c:7a:22:f3:b2:65:a6:fe:95:
c8:0a:e4:b9:98:5b:7d:a3:3b:76:90:5c:29:27:6d:
af:b9:e9:19:59:88:64:79:7f:5a:99:c1:65:d3:34:
64:87:8e:2b:5d:69:6b:b2:92:58:e7:6d:f6:72:29:
07:23:b8:ca:ec:29:94:4a:a7:90:42:c2:bf:c9:5b:
fd:2a:ba:9c:4c:ca:06:35:ab:55:c3:6f:a8:c6:13:
f7:5c:f1:9a:95:f8:cc:60:ba:d7:10:df:9c:16:e7:
9a:31:be:5a:e0:73:0f:58:d1:5a:c5:14:ee:a8:e7:
05:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:52:BF:9F:E0:56:21:F1:8F:9C:A5:CF:48:7A:98:1F:7A:DD:6C:89
X509v3 Authority Key Identifier:
keyid:2F:86:75:45:75:94:D7:E7:40:AA:EE:F2:E7:D7:EF:D0:22:39:C6:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4Z1RXWU1-dAqu7y59fv0CI5xhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/r1K_n-BWIfGPnKXPSHqYH3rdbIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/L4Z1RXWU1-dAqu7y59fv0CI5xhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.0.0/24
IPv6:
2a02:4780:bad::/48
2a02:4780:dead::/48
Signature Algorithm: sha256WithRSAEncryption
b8:75:50:4a:bc:73:c2:d6:93:33:ee:02:1e:21:66:c1:e2:de:
dd:d5:31:f1:7b:ab:94:c2:17:0e:6a:62:74:47:da:21:0e:f6:
3d:34:40:d9:42:15:7a:f2:84:70:25:ae:a6:9c:9c:61:b2:3e:
22:74:9f:2d:38:95:be:77:75:73:b3:04:0b:07:95:2a:94:ba:
ce:97:c0:77:f4:4d:cf:06:3a:23:69:7f:8e:ce:2c:e7:db:ee:
51:68:8e:0b:d1:c5:4b:60:d0:1f:13:e0:be:aa:ba:48:82:96:
78:ec:3c:ea:4d:84:8c:08:67:a1:a2:48:fd:c8:5a:0d:d9:06:
ca:b7:74:ac:7a:1d:91:70:9a:3e:b4:09:16:85:f5:6e:39:60:
08:09:b5:2b:63:3d:04:6d:be:64:cb:6a:e4:5a:ba:65:93:f3:
d5:f9:db:79:6f:10:f3:b5:e1:9e:cb:85:6b:92:5f:d9:17:d8:
c9:c5:ad:bb:48:f6:47:b4:19:b9:2b:2e:d2:c8:4f:01:f4:0d:
89:ca:d9:e6:71:a5:94:29:15:dd:c6:10:d6:cf:29:ec:6a:17:
ee:a4:48:44:8f:ea:f4:3d:b0:a6:c1:63:f8:f1:17:a7:14:49:
db:16:39:ed:77:04:92:c0:3d:9e:bd:2f:f1:4b:26:fa:ad:59:
02:ce:45:6c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzCbVyuoBXkkfpCkvM1O/pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODY3NTQ1NzU5NGQ3ZTc0MGFhZWVmMmU3ZDdlZmQwMjIz
OWM2MTcwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUyYmY5ZmUwNTYyMWYxOGY5Y2E1Y2Y0ODdhOTgxZjdhZGQ2Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7AwVGKwpyZZB61zX73RouFZIyy+
Nwtig5u8A+AH0hZuF3XHMoWdjgi6ninOfJP9v4fcDPCT0ZV0AzCfQXWIW2WYkGIC
5xKOZBL21iA+vTQ2yZTh26RwIhlav9KwhbTm4CII2zADyZhIvfPpzsyn0Tq9Abam
KE+/GkqGU+Pn33C4DuRYJs5cIQcoOKRseiLzsmWm/pXICuS5mFt9ozt2kFwpJ22v
uekZWYhkeX9amcFl0zRkh44rXWlrspJY5232cikHI7jK7CmUSqeQQsK/yVv9Krqc
TMoGNatVw2+oxhP3XPGalfjMYLrXEN+cFueaMb5a4HMPWNFaxRTuqOcFKQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK9Sv5/gViHxj5ylz0h6mB963WyJMB8GA1UdIwQY
MBaAFC+GdUV1lNfnQKru8ufX79AiOcYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRaMVJYV1UxLWRBcXU3eTU5ZnYwQ0k1eGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80Y2Q0Y2EtYzE5NS00YmM0LWJiOWYt
MTAzMWFlMWViMDMyLzEvcjFLX24tQldJZkdQbktYUFNIcVlIM3JkYklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80Y2Q0Y2EtYzE5NS00YmM0LWJiOWYtMTAzMWFlMWViMDMy
LzEvTDRaMVJYV1UxLWRBcXU3eTU5ZnYwQ0k1eGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAmVwAMBgE
AgACMBIDBwAqAkeAC60DBwAqAkeA3q0wDQYJKoZIhvcNAQELBQADggEBALh1UEq8
c8LWkzPuAh4hZsHi3t3VMfF7q5TCFw5qYnRH2iEO9j00QNlCFXryhHAlrqacnGGy
PiJ0ny04lb53dXOzBAsHlSqUus6XwHf0Tc8GOiNpf47OLOfb7lFojgvRxUtg0B8T
4L6qukiClnjsPOpNhIwIZ6GiSP3IWg3ZBsq3dKx6HZFwmj60CRaF9W45YAgJtStj
PQRtvmTLauRaumWT89X523lvEPO14Z7LhWuSX9kX2MnFrbtI9ke0GbkrLtLITwH0
DYnK2eZxpZQpFd3GENbPKexqF+6kSESP6vQ9sKbBY/jxF6cUSdsWOe13BJLAPZ69
L/FLJvqtWQLORWw=
-----END CERTIFICATE-----
Generated at Thu Nov 14 16:41:13 2024 by rpki-client on console-fra.rpki-client.org