Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/rliKl5cANdgJSFhXO-4i0TucjDE.roa
File: rliKl5cANdgJSFhXO-4i0TucjDE.roa (raw, json)
Hash identifier: 1A2QtPws7IM1SnHldwRZbat/X4ZWysaBojFduTlh3f8=
Subject key identifier: AE:58:8A:97:97:00:35:D8:09:48:58:57:3B:EE:22:D1:3B:9C:8C:31
Certificate issuer: /CN=0e36a05fae760691f70cfb5b4f6249947abade87
Certificate serial: 01856F4B67F3CE89C5E3B1DE98E4CC361972
Authority key identifier: 0E:36:A0:5F:AE:76:06:91:F7:0C:FB:5B:4F:62:49:94:7A:BA:DE:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DjagX652BpH3DPtbT2JJlHq63oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/rliKl5cANdgJSFhXO-4i0TucjDE.roa
Signing time: Sun 01 Jan 2023 21:44:50 +0000
ROA not before: Sun 01 Jan 2023 21:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3290
IP address blocks: 185.124.245.0/24 maxlen: 24
185.124.246.0/24 maxlen: 24
185.124.244.0/24 maxlen: 24
185.124.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:67:f3:ce:89:c5:e3:b1:de:98:e4:cc:36:19:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e36a05fae760691f70cfb5b4f6249947abade87
Validity
Not Before: Jan 1 21:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae588a97970035d8094858573bee22d13b9c8c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f0:ec:20:6b:65:85:59:6a:c5:e6:a9:4c:37:
1f:be:48:2e:25:88:64:55:4f:c6:89:c6:e7:77:1e:
e4:e8:3b:cb:be:5f:05:cf:bc:39:b7:40:d6:16:48:
1d:5f:15:6e:c3:8a:fd:c2:fb:3f:d6:e6:c8:86:44:
30:e9:68:73:1a:2f:38:93:72:0b:fa:11:5c:1f:89:
6e:27:4b:ed:9c:ae:fb:a1:66:0e:8f:6a:cb:da:e2:
f6:b8:a8:94:f3:88:ee:eb:b5:40:f8:9e:ba:c9:5a:
8d:3a:43:aa:b2:b7:9a:38:18:07:6d:64:a7:be:70:
99:02:38:46:97:75:15:63:a6:8c:39:66:49:c8:aa:
56:bd:ec:28:f0:58:ab:99:67:c0:64:63:50:0e:d4:
72:fb:b9:db:f7:cc:5f:e3:90:30:de:15:b4:12:d3:
f7:6c:6a:56:57:ce:99:45:06:74:b2:9c:12:10:4c:
04:b0:19:de:b0:a8:00:ce:62:d5:8f:81:7e:d1:97:
71:01:bb:8b:f3:37:a2:51:e0:f0:19:42:9f:04:1c:
62:db:ae:93:9c:75:c1:5c:97:ec:18:c6:d0:22:cf:
e5:c5:8d:7d:cb:c9:9f:8f:b5:da:7a:99:86:14:79:
53:78:71:9b:e2:74:72:4c:94:9f:1b:f2:e3:3b:2e:
47:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:58:8A:97:97:00:35:D8:09:48:58:57:3B:EE:22:D1:3B:9C:8C:31
X509v3 Authority Key Identifier:
keyid:0E:36:A0:5F:AE:76:06:91:F7:0C:FB:5B:4F:62:49:94:7A:BA:DE:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DjagX652BpH3DPtbT2JJlHq63oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/rliKl5cANdgJSFhXO-4i0TucjDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/735d37-391a-4aa2-ac83-0b36ac8e23c7/1/DjagX652BpH3DPtbT2JJlHq63oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.244.0/22
Signature Algorithm: sha256WithRSAEncryption
05:ac:0d:0d:e3:9a:1f:c3:f6:b0:1d:19:df:2b:08:cd:2e:ef:
98:d4:8d:8f:2e:14:53:89:c5:b0:f1:9f:4f:0e:60:59:df:6a:
bf:7e:36:58:12:b3:d1:69:69:33:7b:ad:33:53:4a:f9:bf:b7:
96:a4:b5:88:fc:ed:d0:0d:0c:74:87:26:74:2d:ed:38:9f:f5:
9c:3e:0e:2c:64:a5:30:f9:d4:69:64:7a:00:49:f2:27:e9:6c:
c8:19:84:4b:89:71:fb:e2:6d:22:a9:77:be:93:b0:69:a8:e5:
0c:0d:d8:c7:cc:d1:21:54:e1:44:6d:79:f8:fa:9c:e8:64:28:
d3:dd:33:94:57:24:fc:6d:58:dc:99:de:9b:56:0d:35:3c:cd:
fb:16:fe:3a:e2:2f:8b:f3:06:1c:33:11:ee:78:5e:2e:a9:19:
62:b7:d9:e4:2f:fe:aa:a3:68:9e:0f:67:47:4c:27:cd:fe:b0:
2d:d1:86:8f:7f:01:cd:fc:12:e2:cc:ad:2b:93:44:60:a5:c4:
7f:da:65:aa:1c:fc:5d:94:9b:47:7b:48:11:13:ba:2f:8d:0f:
f7:e9:3f:17:82:a4:c2:f1:c9:d4:70:bf:57:e9:3a:54:62:a4:
63:e9:a3:fc:24:4c:f2:f2:2e:51:92:08:6f:31:8b:7a:84:14:
b8:a4:5f:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS2fzzonF47HemOTMNhlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMzZhMDVmYWU3NjA2OTFmNzBjZmI1YjRmNjI0OTk0N2Fi
YWRlODcwHhcNMjMwMTAxMjE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTU4OGE5Nzk3MDAzNWQ4MDk0ODU4NTczYmVlMjJkMTNiOWM4YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPDsIGtlhVlqxeapTDcfvkguJYhk
VU/Gicbndx7k6DvLvl8Fz7w5t0DWFkgdXxVuw4r9wvs/1ubIhkQw6WhzGi84k3IL
+hFcH4luJ0vtnK77oWYOj2rL2uL2uKiU84ju67VA+J66yVqNOkOqsreaOBgHbWSn
vnCZAjhGl3UVY6aMOWZJyKpWvewo8FirmWfAZGNQDtRy+7nb98xf45Aw3hW0EtP3
bGpWV86ZRQZ0spwSEEwEsBnesKgAzmLVj4F+0ZdxAbuL8zeiUeDwGUKfBBxi266T
nHXBXJfsGMbQIs/lxY19y8mfj7XaepmGFHlTeHGb4nRyTJSfG/LjOy5HYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5YipeXADXYCUhYVzvuItE7nIwxMB8GA1UdIwQY
MBaAFA42oF+udgaR9wz7W09iSZR6ut6HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGphZ1g2NTJCcEgzRFB0YlQySkpsSHE2M29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MzVkMzctMzkxYS00YWEyLWFjODMt
MGIzNmFjOGUyM2M3LzEvcmxpS2w1Y0FOZGdKU0ZoWE8tNGkwVHVjakRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MzVkMzctMzkxYS00YWEyLWFjODMtMGIzNmFjOGUyM2M3
LzEvRGphZ1g2NTJCcEgzRFB0YlQySkpsSHE2M29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXz0MA0G
CSqGSIb3DQEBCwUAA4IBAQAFrA0N45ofw/awHRnfKwjNLu+Y1I2PLhRTicWw8Z9P
DmBZ32q/fjZYErPRaWkze60zU0r5v7eWpLWI/O3QDQx0hyZ0Le04n/WcPg4sZKUw
+dRpZHoASfIn6WzIGYRLiXH74m0iqXe+k7BpqOUMDdjHzNEhVOFEbXn4+pzoZCjT
3TOUVyT8bVjcmd6bVg01PM37Fv464i+L8wYcMxHueF4uqRlit9nkL/6qo2ieD2dH
TCfN/rAt0YaPfwHN/BLizK0rk0RgpcR/2mWqHPxdlJtHe0gRE7ovjQ/36T8XgqTC
8cnUcL9X6TpUYqRj6aP8JEzy8i5RkghvMYt6hBS4pF8a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:28 2024 by rpki-client on console-ams.rpki-client.org