Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/1EbKs3GXBci9xdFnwekGwtdMOL4.roa
File: 1EbKs3GXBci9xdFnwekGwtdMOL4.roa (raw, json)
Hash identifier: DbwHjTvCHCF0pE0hvAqNOqhvm1CjddVEpoyoVgILq64=
Subject key identifier: D4:46:CA:B3:71:97:05:C8:BD:C5:D1:67:C1:E9:06:C2:D7:4C:38:BE
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018572B42655EEE901996EF2B33588614A43
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/1EbKs3GXBci9xdFnwekGwtdMOL4.roa
Signing time: Mon 02 Jan 2023 13:38:06 +0000
ROA not before: Mon 02 Jan 2023 13:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209439
IP address blocks: 149.232.189.0/24 maxlen: 24
2a00:8b80::/32 maxlen: 48
2a09:3dc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:26:55:ee:e9:01:99:6e:f2:b3:35:88:61:4a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 2 13:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d446cab3719705c8bdc5d167c1e906c2d74c38be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:02:73:a4:97:fa:b3:53:bf:c3:ca:c5:b7:ca:
bb:fd:c5:46:59:69:78:21:91:15:8e:95:a1:8b:97:
c7:cc:09:d0:ba:c1:c5:50:f7:91:06:75:71:43:8a:
4e:7d:1d:74:40:5d:27:48:04:0f:ad:eb:37:9d:3e:
85:47:c8:c3:8c:5a:e3:77:c6:b8:39:43:45:c7:59:
45:4e:7f:9f:c5:de:c5:9b:dc:52:00:4d:28:36:14:
2d:79:9d:d1:9b:62:c1:6a:9c:60:a4:0a:b8:e7:c9:
db:0f:e8:7d:27:b1:4b:cb:08:f3:88:df:c0:1f:65:
6d:6b:4e:a2:be:22:14:26:53:99:44:1b:db:05:b5:
3e:97:a6:03:e3:e1:60:26:b7:5f:c6:d5:04:d5:00:
eb:14:45:e6:15:e3:42:e9:1d:8b:1a:fb:a0:fb:21:
81:5e:b1:b5:36:3e:0d:c4:de:fc:6a:f7:19:ba:2c:
44:33:4f:fb:49:ae:fe:44:e6:e5:c0:d7:0b:99:e1:
05:d7:23:23:d4:b7:1f:e7:ef:31:fc:45:5d:81:4c:
7b:32:08:16:75:37:b2:05:76:14:85:2d:21:b0:57:
9c:fb:ae:76:fd:fe:09:da:95:86:5d:96:b9:ce:ff:
6c:cc:2d:73:34:b4:8d:94:57:dd:21:ed:8b:fb:fb:
7a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:46:CA:B3:71:97:05:C8:BD:C5:D1:67:C1:E9:06:C2:D7:4C:38:BE
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/1EbKs3GXBci9xdFnwekGwtdMOL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.189.0/24
IPv6:
2a00:8b80::/32
2a09:3dc0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:c0:a1:66:d0:28:47:3c:d8:4a:71:38:b8:d6:43:85:70:ee:
2f:4c:e5:4c:1f:a8:34:13:9e:9c:d8:eb:94:f6:de:8f:39:ec:
cc:14:f0:08:07:53:f6:09:29:d0:4e:1c:da:af:e6:a1:8a:05:
1b:cf:b2:a3:1f:6e:01:08:5d:49:62:5a:1e:d7:4d:a6:73:ec:
16:fa:ee:bd:13:bd:5f:3d:56:f5:d1:ee:cd:31:eb:90:94:45:
ab:74:5a:6e:14:e7:c8:2a:80:82:2d:b8:b6:ec:3c:90:d4:af:
66:ba:ab:67:1b:7e:92:95:a8:c3:37:e2:ca:58:73:1c:15:29:
c4:d5:7e:44:6d:b4:67:0e:c7:13:c1:e1:24:c5:d4:7e:dc:85:
b8:5f:8d:6d:ff:89:51:13:50:7b:92:62:30:aa:d5:60:41:c9:
9f:af:07:5a:4f:f7:41:23:ae:73:5a:fe:3a:b5:81:0d:7d:75:
77:e1:8a:7a:c5:d1:0e:60:12:54:6a:5f:04:56:e0:e9:71:35:
76:01:f5:88:44:fb:18:67:72:43:62:dc:d3:44:ee:cc:07:bc:
d6:05:a8:ef:fd:b8:97:6a:94:27:ca:53:9a:8b:4c:c7:e9:4a:
9c:01:e5:d0:aa:d4:24:a7:9d:28:93:98:af:7b:0c:98:48:3d:
a6:b8:48:7b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVytCZV7ukBmW7yszWIYUpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTAyMTMzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ2Y2FiMzcxOTcwNWM4YmRjNWQxNjdjMWU5MDZjMmQ3NGMzOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwJzpJf6s1O/w8rFt8q7/cVGWWl4
IZEVjpWhi5fHzAnQusHFUPeRBnVxQ4pOfR10QF0nSAQPres3nT6FR8jDjFrjd8a4
OUNFx1lFTn+fxd7Fm9xSAE0oNhQteZ3Rm2LBapxgpAq458nbD+h9J7FLywjziN/A
H2Vta06iviIUJlOZRBvbBbU+l6YD4+FgJrdfxtUE1QDrFEXmFeNC6R2LGvug+yGB
XrG1Nj4NxN78avcZuixEM0/7Sa7+ROblwNcLmeEF1yMj1Lcf5+8x/EVdgUx7MggW
dTeyBXYUhS0hsFec+652/f4J2pWGXZa5zv9szC1zNLSNlFfdIe2L+/t6wwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNRGyrNxlwXIvcXRZ8HpBsLXTDi+MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvMUViS3MzR1hCY2k5eGRGbndla0d3dGRNT0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAlei9MBYE
AgACMBADBQAqAIuAAwcAKgk9wAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCLwKFm0ChH
PNhKcTi41kOFcO4vTOVMH6g0E56c2OuU9t6POezMFPAIB1P2CSnQThzar+ahigUb
z7KjH24BCF1JYloe102mc+wW+u69E71fPVb10e7NMeuQlEWrdFpuFOfIKoCCLbi2
7DyQ1K9muqtnG36SlajDN+LKWHMcFSnE1X5EbbRnDscTweEkxdR+3IW4X41t/4lR
E1B7kmIwqtVgQcmfrwdaT/dBI65zWv46tYENfXV34Yp6xdEOYBJUal8EVuDpcTV2
AfWIRPsYZ3JDYtzTRO7MB7zWBajv/biXapQnylOai0zH6UqcAeXQqtQkp50ok5iv
ewyYSD2muEh7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org