Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/cHL9mosgFJxMd5AYxPfwpYS9hpI.roa
File: cHL9mosgFJxMd5AYxPfwpYS9hpI.roa (raw, json)
Hash identifier: 4cSiZZOOEBBiEaRRQb+Hu/RnyTmTtGbtKquxxA5YKE4=
Subject key identifier: 70:72:FD:9A:8B:20:14:9C:4C:77:90:18:C4:F7:F0:A5:84:BD:86:92
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 01857155631BDF084FC16E52952A6B3D29C7
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/cHL9mosgFJxMd5AYxPfwpYS9hpI.roa
Signing time: Mon 02 Jan 2023 07:14:59 +0000
ROA not before: Mon 02 Jan 2023 07:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42585
IP address blocks: 213.249.64.0/21 maxlen: 24
213.249.92.0/22 maxlen: 24
2a01:448::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Jun 2023 11:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:63:1b:df:08:4f:c1:6e:52:95:2a:6b:3d:29:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 2 07:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7072fd9a8b20149c4c779018c4f7f0a584bd8692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8d:bb:06:2f:ca:3d:ee:62:cf:56:7f:fd:30:
30:1b:5e:91:41:f5:41:1e:e0:20:22:ad:fa:f9:10:
9b:e1:43:be:43:56:86:1c:6d:7c:e7:58:82:3f:a6:
cd:fe:f8:5f:0d:75:0e:58:c7:f8:7b:8f:7a:20:b3:
7a:da:d6:23:d2:23:43:24:eb:7d:33:63:9f:af:73:
c1:e8:27:ab:5b:c2:23:b8:d5:14:3a:05:b8:98:ff:
36:b5:c3:18:0e:37:8a:b1:35:b1:40:02:4a:22:6b:
42:b1:90:94:65:4a:13:e1:62:1d:ea:c1:60:02:42:
30:ee:3a:c7:de:e5:22:80:37:e6:7b:9c:cf:8c:50:
1e:04:96:28:9f:72:97:b7:6b:fb:9e:28:62:86:dc:
34:a7:ad:89:a2:ef:5a:4d:0f:25:7c:f9:20:ca:fb:
9f:43:66:8b:cf:b9:d0:db:60:85:20:97:bb:77:bf:
9a:55:6b:5c:0e:b7:99:3c:f6:f2:17:fc:01:2b:db:
f6:a5:d9:47:52:cf:5f:b9:62:4e:18:fd:7f:d9:fd:
8c:70:7d:a3:04:bc:0c:a4:60:91:a9:6b:b7:76:61:
ad:e5:27:ea:32:d9:00:f7:e7:78:cf:c5:5b:48:f8:
b3:07:d5:2e:61:61:e1:9f:b9:48:79:58:ed:ec:eb:
fb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:72:FD:9A:8B:20:14:9C:4C:77:90:18:C4:F7:F0:A5:84:BD:86:92
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/cHL9mosgFJxMd5AYxPfwpYS9hpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.249.64.0/21
213.249.92.0/22
IPv6:
2a01:448::/32
Signature Algorithm: sha256WithRSAEncryption
03:eb:ea:39:14:21:7b:b9:de:32:21:9a:ec:8f:23:f4:6a:47:
3b:22:85:6a:8b:24:c6:de:29:40:27:1a:ed:a6:70:21:56:0c:
f0:3d:29:e4:7b:e2:f4:cf:58:a6:8d:f7:91:34:71:ee:f2:39:
1f:2c:2c:40:15:bb:db:ae:d4:3f:0c:be:7d:f6:64:a6:74:a5:
98:40:27:ac:ec:e9:a6:34:92:8d:b9:0c:43:c2:de:38:58:cb:
92:fe:dc:f8:44:ad:29:2a:79:cb:6f:86:e0:15:ec:6c:d5:af:
cf:79:c8:cf:04:9d:81:7d:71:bc:5b:a6:33:c8:0d:36:c9:1a:
2d:bb:ee:2b:aa:be:48:cb:ae:bc:97:30:6d:59:7f:c2:c7:e7:
0c:74:22:06:bf:c8:92:85:89:27:d1:2e:b7:a0:3f:bf:46:c4:
c3:e6:d6:90:49:cc:b5:92:53:63:27:00:5b:bc:3b:06:fc:fd:
cb:12:d6:bf:91:65:7d:a6:73:b8:8a:04:bb:ed:6b:1f:d0:98:
7d:05:d6:3e:ba:65:b0:10:a0:87:32:d7:51:05:15:c2:46:39:
7f:99:45:88:2f:bb:4e:2f:a2:de:46:dc:4c:1a:19:2d:8e:26:
22:09:b7:11:f9:9f:ae:72:05:69:89:ae:c2:d0:4c:10:f8:29:
b5:89:67:65
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxVWMb3whPwW5SlSprPSnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMwMTAyMDcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDcyZmQ5YThiMjAxNDljNGM3NzkwMThjNGY3ZjBhNTg0YmQ4NjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo27Bi/KPe5iz1Z//TAwG16RQfVB
HuAgIq36+RCb4UO+Q1aGHG1851iCP6bN/vhfDXUOWMf4e496ILN62tYj0iNDJOt9
M2Ofr3PB6CerW8IjuNUUOgW4mP82tcMYDjeKsTWxQAJKImtCsZCUZUoT4WId6sFg
AkIw7jrH3uUigDfme5zPjFAeBJYon3KXt2v7nihihtw0p62Jou9aTQ8lfPkgyvuf
Q2aLz7nQ22CFIJe7d7+aVWtcDreZPPbyF/wBK9v2pdlHUs9fuWJOGP1/2f2McH2j
BLwMpGCRqWu3dmGt5SfqMtkA9+d4z8VbSPizB9UuYWHhn7lIeVjt7Ov7MwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHBy/ZqLIBScTHeQGMT38KWEvYaSMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvY0hMOW1vc2dGSnhNZDVBWXhQZndwWVM5aHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQD1flAAwQC
1flcMA0EAgACMAcDBQAqAQRIMA0GCSqGSIb3DQEBCwUAA4IBAQAD6+o5FCF7ud4y
IZrsjyP0akc7IoVqiyTG3ilAJxrtpnAhVgzwPSnke+L0z1imjfeRNHHu8jkfLCxA
FbvbrtQ/DL599mSmdKWYQCes7OmmNJKNuQxDwt44WMuS/tz4RK0pKnnLb4bgFexs
1a/PecjPBJ2BfXG8W6YzyA02yRotu+4rqr5Iy668lzBtWX/Cx+cMdCIGv8iShYkn
0S63oD+/RsTD5taQScy1klNjJwBbvDsG/P3LEta/kWV9pnO4igS77Wsf0Jh9BdY+
umWwEKCHMtdRBRXCRjl/mUWIL7tOL6LeRtxMGhktjiYiCbcR+Z+ucgVpia7C0EwQ
+Cm1iWdl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:56 2024 by rpki-client on console-fra.rpki-client.org