Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/H4GMqkkRzW_lh3_0l6NOPwzJ7V8.roa
File: H4GMqkkRzW_lh3_0l6NOPwzJ7V8.roa (raw, json)
Hash identifier: OqsOOr9p9jkHpsHQUnjmFt0bEWj4sFgLwOCGeCWG3Lk=
Subject key identifier: 1F:81:8C:AA:49:11:CD:6F:E5:87:7F:F4:97:A3:4E:3F:0C:C9:ED:5F
Certificate issuer: /CN=19ca39890f97f728152bcd85c236d8e5ff460429
Certificate serial: 01857246C09A81BBE47AD6BF60EFD5657050
Authority key identifier: 19:CA:39:89:0F:97:F7:28:15:2B:CD:85:C2:36:D8:E5:FF:46:04:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gco5iQ-X9ygVK82FwjbY5f9GBCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/H4GMqkkRzW_lh3_0l6NOPwzJ7V8.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 141.249.0.0/16 maxlen: 24
2001:67c:13c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c0:9a:81:bb:e4:7a:d6:bf:60:ef:d5:65:70:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ca39890f97f728152bcd85c236d8e5ff460429
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f818caa4911cd6fe5877ff497a34e3f0cc9ed5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:41:c7:8c:ba:8e:24:c9:79:83:d9:a1:6f:75:
6d:3c:c5:07:d8:b2:7d:3b:22:ea:47:fe:ed:cc:78:
20:1c:b7:46:4a:75:f3:6f:02:26:c7:0f:05:96:19:
3a:f7:6b:a7:26:4a:1c:ba:7b:81:4d:93:5f:6c:b8:
da:38:52:30:01:8f:57:ba:a1:d3:1a:74:04:b6:ba:
02:73:bc:0e:d2:cb:b6:eb:4f:38:35:47:65:03:2a:
72:5f:3d:26:e4:06:b3:ed:48:5a:cf:ba:ac:d4:41:
b7:7e:ce:e5:05:0f:2e:a8:dc:2d:42:14:7f:4c:6d:
39:f1:c4:68:2e:05:5b:b3:db:c3:97:9b:4b:1e:b1:
1c:8d:b0:da:38:39:24:77:fc:04:c2:3d:03:bf:51:
f8:51:7e:9d:9e:a7:35:ac:bf:09:f3:9c:b5:06:6a:
1f:ec:d2:8c:43:23:af:dc:2a:6b:ce:99:25:7e:32:
01:22:67:b5:22:25:7e:e8:ef:96:72:b8:a8:11:c4:
8f:be:5d:8b:5b:d1:2c:d1:39:9b:0a:9b:49:1e:05:
10:dc:0a:3f:7d:78:99:36:6a:c1:87:4d:0a:99:68:
69:3d:97:b9:24:6c:6d:32:59:ca:19:a2:8b:74:57:
14:51:6a:b0:c4:84:98:c4:72:51:97:c1:1c:a2:f7:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:81:8C:AA:49:11:CD:6F:E5:87:7F:F4:97:A3:4E:3F:0C:C9:ED:5F
X509v3 Authority Key Identifier:
keyid:19:CA:39:89:0F:97:F7:28:15:2B:CD:85:C2:36:D8:E5:FF:46:04:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gco5iQ-X9ygVK82FwjbY5f9GBCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/H4GMqkkRzW_lh3_0l6NOPwzJ7V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/Gco5iQ-X9ygVK82FwjbY5f9GBCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.249.0.0/16
IPv6:
2001:67c:13c0::/48
Signature Algorithm: sha256WithRSAEncryption
91:56:75:35:72:26:c5:a1:7f:67:54:2a:f4:95:17:2e:51:d7:
f7:f3:0e:eb:10:cd:9f:45:eb:e5:da:9d:ab:98:a4:8f:d0:df:
3f:3c:5e:49:46:83:86:5d:d1:59:c2:4d:42:11:59:85:6c:c7:
b0:96:a2:9c:81:a9:c4:8a:5b:9f:18:94:98:38:da:f5:75:68:
96:ac:58:e6:f4:bc:99:51:4d:f8:01:aa:b1:4d:e6:85:a7:0e:
b5:36:01:f9:bd:6e:ce:63:28:6b:22:ed:5a:b4:47:2b:54:42:
3f:7d:fb:a7:76:dc:ee:56:b4:76:44:2b:27:3a:7a:bd:f4:a6:
97:60:e1:fd:22:92:f9:91:c5:14:bc:05:1d:19:e7:a5:d5:a4:
38:6a:e0:65:dd:a4:ce:24:90:b8:b0:b5:c3:38:c6:55:80:c7:
c8:ad:b4:4b:3d:48:32:1b:1b:6a:e3:b6:6d:05:21:12:42:13:
26:5e:7c:bd:ff:97:b7:39:76:ea:12:50:d6:12:d9:5f:9e:37:
16:0c:de:76:9b:26:cb:ac:20:e2:08:3a:32:1f:9a:2e:df:88:
14:74:b7:b4:27:54:fd:df:0b:f8:e2:03:11:92:76:8d:9f:8c:
d8:10:bd:49:db:b6:0d:e8:9e:5d:d8:e2:d4:14:e5:d7:4f:65:
66:73:bd:d9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyRsCagbvketa/YO/VZXBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2EzOTg5MGY5N2Y3MjgxNTJiY2Q4NWMyMzZkOGU1ZmY0
NjA0MjkwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjgxOGNhYTQ5MTFjZDZmZTU4NzdmZjQ5N2EzNGUzZjBjYzllZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUHHjLqOJMl5g9mhb3VtPMUH2LJ9
OyLqR/7tzHggHLdGSnXzbwImxw8Flhk692unJkocunuBTZNfbLjaOFIwAY9XuqHT
GnQEtroCc7wO0su26084NUdlAypyXz0m5Aaz7Uhaz7qs1EG3fs7lBQ8uqNwtQhR/
TG058cRoLgVbs9vDl5tLHrEcjbDaODkkd/wEwj0Dv1H4UX6dnqc1rL8J85y1Bmof
7NKMQyOv3CprzpklfjIBIme1IiV+6O+WcrioEcSPvl2LW9Es0TmbCptJHgUQ3Ao/
fXiZNmrBh00KmWhpPZe5JGxtMlnKGaKLdFcUUWqwxISYxHJRl8EcovfbpwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB+BjKpJEc1v5Yd/9JejTj8Mye1fMB8GA1UdIwQY
MBaAFBnKOYkPl/coFSvNhcI22OX/RgQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2NvNWlRLVg5eWdWSzgyRndqYlk1ZjlHQkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNjFkYWYtMjQ4Zi00ZTNhLThiZWIt
NzdlZmJjMzYyNTAzLzEvSDRHTXFra1J6V19saDNfMGw2Tk9Qd3pKN1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNjFkYWYtMjQ4Zi00ZTNhLThiZWItNzdlZmJjMzYyNTAz
LzEvR2NvNWlRLVg5eWdWSzgyRndqYlk1ZjlHQkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAjfkwDwQC
AAIwCQMHACABBnwTwDANBgkqhkiG9w0BAQsFAAOCAQEAkVZ1NXImxaF/Z1Qq9JUX
LlHX9/MO6xDNn0Xr5dqdq5ikj9DfPzxeSUaDhl3RWcJNQhFZhWzHsJainIGpxIpb
nxiUmDja9XVolqxY5vS8mVFN+AGqsU3mhacOtTYB+b1uzmMoayLtWrRHK1RCP337
p3bc7la0dkQrJzp6vfSml2Dh/SKS+ZHFFLwFHRnnpdWkOGrgZd2kziSQuLC1wzjG
VYDHyK20Sz1IMhsbauO2bQUhEkITJl58vf+Xtzl26hJQ1hLZX543Fgzedpsmy6wg
4gg6Mh+aLt+IFHS3tCdU/d8L+OIDEZJ2jZ+M2BC9Sdu2DeieXdji1BTl109lZnO9
2Q==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:26 2024 by rpki-client on console-ams.rpki-client.org