Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a0d73d-6564-4142-a6ee-83e73cb25ea5/1/xG42ab_Q4bTcqPzTi38C1tKVR3o.roa
File: xG42ab_Q4bTcqPzTi38C1tKVR3o.roa (raw, json)
Hash identifier: bhhkDp34kprLsP0S6HABhPAVscKse12U5DmNgoVCDGQ=
Subject key identifier: C4:6E:36:69:BF:D0:E1:B4:DC:A8:FC:D3:8B:7F:02:D6:D2:95:47:7A
Certificate issuer: /CN=bc4e21b27d6f84ebdd888c68e79ce555c846dacb
Certificate serial: 01856F30246E17D6777845D7059979EB4CFD
Authority key identifier: BC:4E:21:B2:7D:6F:84:EB:DD:88:8C:68:E7:9C:E5:55:C8:46:DA:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vE4hsn1vhOvdiIxo55zlVchG2ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a0d73d-6564-4142-a6ee-83e73cb25ea5/1/xG42ab_Q4bTcqPzTi38C1tKVR3o.roa
Signing time: Sun 01 Jan 2023 21:15:04 +0000
ROA not before: Sun 01 Jan 2023 21:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.151.44.0/23 maxlen: 23
185.151.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:24:6e:17:d6:77:78:45:d7:05:99:79:eb:4c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4e21b27d6f84ebdd888c68e79ce555c846dacb
Validity
Not Before: Jan 1 21:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c46e3669bfd0e1b4dca8fcd38b7f02d6d295477a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:d7:f8:de:f8:b2:4a:f6:3c:ea:48:d6:54:
e3:d1:7c:52:b3:71:38:3c:96:16:74:ce:05:5a:2a:
40:3a:38:36:37:cb:1f:e3:e1:d9:f9:da:9a:01:fc:
56:89:71:9e:72:9e:c1:92:f1:1d:83:75:5d:ab:0c:
d3:74:c6:ff:77:15:ee:6c:31:d4:99:fe:f2:b0:ca:
f7:75:41:9b:ff:64:92:41:f7:4d:79:1e:9f:1b:e7:
ee:b5:d5:7f:5b:b4:ed:04:a7:6f:a5:64:21:b3:1f:
bc:a8:19:b7:89:b4:67:15:cc:d4:8e:19:e6:fe:d9:
59:e2:e9:bc:5f:07:ef:59:6f:2c:76:62:93:02:38:
88:57:d6:2a:69:a9:d2:64:26:4c:cd:71:03:24:af:
59:fd:04:f5:62:c2:12:b9:3f:51:ce:85:15:45:d6:
b4:40:b4:3d:c5:24:54:89:f9:4f:61:c7:0e:04:17:
58:de:04:54:a5:fa:99:0c:37:ea:3f:43:11:1d:6a:
ec:cb:fe:21:51:5a:f8:79:4c:e8:23:5c:34:db:8a:
40:98:b9:86:4d:7c:9d:80:73:02:f3:57:74:21:fe:
b1:77:cc:69:5c:5a:2a:5e:04:fa:31:35:17:f2:01:
f4:60:f3:f8:84:81:72:ed:c5:5a:8a:41:5f:8f:d0:
c7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6E:36:69:BF:D0:E1:B4:DC:A8:FC:D3:8B:7F:02:D6:D2:95:47:7A
X509v3 Authority Key Identifier:
keyid:BC:4E:21:B2:7D:6F:84:EB:DD:88:8C:68:E7:9C:E5:55:C8:46:DA:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vE4hsn1vhOvdiIxo55zlVchG2ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a0d73d-6564-4142-a6ee-83e73cb25ea5/1/xG42ab_Q4bTcqPzTi38C1tKVR3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a0d73d-6564-4142-a6ee-83e73cb25ea5/1/vE4hsn1vhOvdiIxo55zlVchG2ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.44.0/23
185.151.47.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:5f:8d:ff:ac:62:05:40:fc:30:43:9a:1d:d6:28:c7:ab:18:
14:2b:84:a1:2c:48:d3:7f:fb:e4:fd:72:05:19:75:44:e3:d4:
c2:85:32:b3:5d:20:cd:82:9e:c6:3f:76:08:85:70:a9:43:91:
11:57:8d:88:99:25:93:7b:4b:98:c7:3c:e8:65:fd:bc:53:fa:
69:ff:12:c7:46:b7:c0:b4:95:3d:11:20:d3:80:6b:69:95:82:
3f:e9:30:7e:05:47:29:72:34:cb:b2:c5:cf:06:62:83:12:e4:
3a:8d:89:6b:47:35:8d:bd:68:b5:8f:c3:d3:0b:f3:f9:f2:86:
c2:b0:f7:71:81:c0:30:f3:92:c0:fa:0d:0f:68:c1:fe:46:b1:
57:33:53:a2:5f:23:80:91:23:e9:b4:87:89:51:60:88:bc:84:
0b:b8:f7:f2:bd:af:ed:b8:df:ca:09:b7:ab:46:bf:4f:59:9b:
ff:37:ac:e7:63:e3:50:a9:62:a4:fb:5d:ed:8e:fa:c1:5e:b3:
52:05:46:1a:37:bc:51:1c:cf:62:b9:09:b8:32:82:93:dc:1d:
0e:12:fd:98:dc:d4:4e:9f:e5:a2:3c:bd:6e:a9:2a:8f:36:1b:
c5:da:b9:b7:ed:df:1a:28:61:c2:d5:c7:b7:24:39:47:f9:33:
c1:db:5e:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvMCRuF9Z3eEXXBZl560z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNGUyMWIyN2Q2Zjg0ZWJkZDg4OGM2OGU3OWNlNTU1Yzg0
NmRhY2IwHhcNMjMwMTAxMjExNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZlMzY2OWJmZDBlMWI0ZGNhOGZjZDM4YjdmMDJkNmQyOTU0NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogDX+N74skr2POpI1lTj0XxSs3E4
PJYWdM4FWipAOjg2N8sf4+HZ+dqaAfxWiXGecp7BkvEdg3VdqwzTdMb/dxXubDHU
mf7ysMr3dUGb/2SSQfdNeR6fG+futdV/W7TtBKdvpWQhsx+8qBm3ibRnFczUjhnm
/tlZ4um8XwfvWW8sdmKTAjiIV9YqaanSZCZMzXEDJK9Z/QT1YsISuT9RzoUVRda0
QLQ9xSRUiflPYccOBBdY3gRUpfqZDDfqP0MRHWrsy/4hUVr4eUzoI1w024pAmLmG
TXydgHMC81d0If6xd8xpXFoqXgT6MTUX8gH0YPP4hIFy7cVaikFfj9DHYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMRuNmm/0OG03Kj804t/AtbSlUd6MB8GA1UdIwQY
MBaAFLxOIbJ9b4Tr3YiMaOec5VXIRtrLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkU0aHNuMXZoT3ZkaUl4bzU1emxWY2hHMnNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hMGQ3M2QtNjU2NC00MTQyLWE2ZWUt
ODNlNzNjYjI1ZWE1LzEveEc0MmFiX1E0YlRjcVB6VGkzOEMxdEtWUjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hMGQ3M2QtNjU2NC00MTQyLWE2ZWUtODNlNzNjYjI1ZWE1
LzEvdkU0aHNuMXZoT3ZkaUl4bzU1emxWY2hHMnNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuZcsAwQA
uZcvMA0GCSqGSIb3DQEBCwUAA4IBAQC/X43/rGIFQPwwQ5od1ijHqxgUK4ShLEjT
f/vk/XIFGXVE49TChTKzXSDNgp7GP3YIhXCpQ5ERV42ImSWTe0uYxzzoZf28U/pp
/xLHRrfAtJU9ESDTgGtplYI/6TB+BUcpcjTLssXPBmKDEuQ6jYlrRzWNvWi1j8PT
C/P58obCsPdxgcAw85LA+g0PaMH+RrFXM1OiXyOAkSPptIeJUWCIvIQLuPfyva/t
uN/KCberRr9PWZv/N6znY+NQqWKk+13tjvrBXrNSBUYaN7xRHM9iuQm4MoKT3B0O
Ev2Y3NROn+WiPL1uqSqPNhvF2rm37d8aKGHC1ce3JDlH+TPB214a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:01 2024 by rpki-client on console-fra.rpki-client.org