Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/0T5YFOzJudjcmMBRk6UMijleCec.roa
File: 0T5YFOzJudjcmMBRk6UMijleCec.roa (raw, json)
Hash identifier: p4AiXrnOiVJS9gx/AZ7HkeE2ouX/XvSOja4f+IYGU98=
Subject key identifier: D1:3E:58:14:EC:C9:B9:D8:DC:98:C0:51:93:A5:0C:8A:39:5E:09:E7
Certificate issuer: /CN=ac4bdd9e97f210370cc301257ac15faeb8fa524e
Certificate serial: 01857169AF44E707A1498009687D286CACCC
Authority key identifier: AC:4B:DD:9E:97:F2:10:37:0C:C3:01:25:7A:C1:5F:AE:B8:FA:52:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rEvdnpfyEDcMwwElesFfrrj6Uk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/0T5YFOzJudjcmMBRk6UMijleCec.roa
Signing time: Mon 02 Jan 2023 07:37:09 +0000
ROA not before: Mon 02 Jan 2023 07:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199708
IP address blocks: 185.48.201.0/24 maxlen: 24
185.48.202.0/23 maxlen: 23
185.48.203.0/24 maxlen: 24
185.48.200.0/23 maxlen: 23
2a04:b280::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:af:44:e7:07:a1:49:80:09:68:7d:28:6c:ac:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac4bdd9e97f210370cc301257ac15faeb8fa524e
Validity
Not Before: Jan 2 07:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d13e5814ecc9b9d8dc98c05193a50c8a395e09e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c2:b9:10:0d:1b:6d:20:fb:fd:91:d9:ab:3d:
e9:3f:53:3e:2e:aa:3a:db:3c:d0:47:2a:c0:d7:18:
46:49:bd:90:ad:e0:f1:6b:52:5e:5e:9d:e4:22:ee:
dc:bb:e5:9c:cf:43:f8:e5:36:a6:b8:aa:3a:9a:61:
01:a1:63:e4:60:c6:75:71:ae:04:6d:38:ba:d9:85:
88:29:f2:05:b2:a5:d6:e3:56:23:d4:15:85:ef:3a:
d6:40:95:ff:44:2b:26:36:d2:83:66:9f:98:3c:59:
51:35:b2:1d:39:4e:61:a8:1d:ce:44:32:d7:9d:a8:
08:e9:78:0f:8b:bf:2b:f8:34:78:84:8e:35:22:2f:
29:58:ff:d0:41:d1:58:7d:3a:0e:d6:18:d3:57:dc:
db:ef:dc:17:0d:36:1e:14:f5:d4:42:a7:78:0e:b1:
57:f6:79:3a:06:0e:69:16:da:a2:b7:51:f3:5b:d7:
51:d9:48:36:65:95:ea:fd:2b:88:16:df:00:7f:80:
c3:a5:21:be:64:3b:b1:85:2e:98:55:12:03:7a:9a:
13:dd:65:6e:74:46:71:06:f7:96:5e:af:25:92:76:
c4:be:45:12:9a:b5:0b:74:a9:64:9b:94:e3:cc:6d:
ab:2d:59:31:94:08:79:35:06:d9:f6:20:ca:db:d3:
07:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3E:58:14:EC:C9:B9:D8:DC:98:C0:51:93:A5:0C:8A:39:5E:09:E7
X509v3 Authority Key Identifier:
keyid:AC:4B:DD:9E:97:F2:10:37:0C:C3:01:25:7A:C1:5F:AE:B8:FA:52:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rEvdnpfyEDcMwwElesFfrrj6Uk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/0T5YFOzJudjcmMBRk6UMijleCec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/rEvdnpfyEDcMwwElesFfrrj6Uk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.200.0/22
IPv6:
2a04:b280::/29
Signature Algorithm: sha256WithRSAEncryption
10:dd:3d:e7:f1:17:ad:eb:2d:df:47:f1:75:1d:49:8d:2a:ac:
ec:f2:b6:d0:f7:3b:a3:0d:9a:92:ef:84:48:41:44:fd:ff:bc:
87:19:61:3c:ea:20:17:4e:08:6a:16:c3:54:ca:1e:0c:98:d4:
03:30:f1:8e:48:a0:2f:85:d5:f9:8a:55:be:bf:c8:e5:e7:17:
e5:00:40:40:f5:ff:ae:57:58:89:8e:45:cf:c0:46:84:f5:c6:
5d:71:a5:6b:58:2c:fc:ae:75:b4:6c:87:e7:39:e5:bd:41:ef:
7c:61:cc:a3:d0:b9:6f:b2:8d:84:2c:4f:6a:77:50:a2:8e:be:
1a:72:66:90:70:b8:f9:61:40:11:6b:84:c5:3f:dc:11:f0:29:
80:44:6c:06:18:7f:d2:1a:94:15:93:6f:fa:93:74:19:bf:90:
08:85:4f:b5:cf:e4:b3:75:2e:9e:63:a4:11:bb:29:57:e8:61:
4f:a7:87:47:fa:b2:02:80:e0:0d:61:6b:03:7e:56:b3:55:38:
85:14:ad:21:30:28:22:1b:d7:49:43:93:b7:b1:a6:a4:da:43:
0c:70:e8:58:66:c6:b2:ce:26:e3:55:61:9e:b6:bb:53:df:e4:
67:43:a7:55:68:ad:be:df:c2:d3:0f:7a:34:51:c5:9c:9d:a8:
5f:83:8e:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxaa9E5wehSYAJaH0obKzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNGJkZDllOTdmMjEwMzcwY2MzMDEyNTdhYzE1ZmFlYjhm
YTUyNGUwHhcNMjMwMTAyMDczNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNlNTgxNGVjYzliOWQ4ZGM5OGMwNTE5M2E1MGM4YTM5NWUwOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8K5EA0bbSD7/ZHZqz3pP1M+Lqo6
2zzQRyrA1xhGSb2QreDxa1JeXp3kIu7cu+Wcz0P45TamuKo6mmEBoWPkYMZ1ca4E
bTi62YWIKfIFsqXW41Yj1BWF7zrWQJX/RCsmNtKDZp+YPFlRNbIdOU5hqB3ORDLX
nagI6XgPi78r+DR4hI41Ii8pWP/QQdFYfToO1hjTV9zb79wXDTYeFPXUQqd4DrFX
9nk6Bg5pFtqit1HzW9dR2Ug2ZZXq/SuIFt8Af4DDpSG+ZDuxhS6YVRIDepoT3WVu
dEZxBveWXq8lknbEvkUSmrULdKlkm5TjzG2rLVkxlAh5NQbZ9iDK29MHIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNE+WBTsybnY3JjAUZOlDIo5XgnnMB8GA1UdIwQY
MBaAFKxL3Z6X8hA3DMMBJXrBX664+lJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckV2ZG5wZnlFRGNNd3dFbGVzRmZycmo2VWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xNzQ5MGItMDlhNi00ZTM4LWIwODQt
MTRiMGU4YzRlOGU3LzEvMFQ1WUZPekp1ZGpjbU1CUms2VU1pamxlQ2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8xNzQ5MGItMDlhNi00ZTM4LWIwODQtMTRiMGU4YzRlOGU3
LzEvckV2ZG5wZnlFRGNNd3dFbGVzRmZycmo2VWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDIMA0E
AgACMAcDBQMqBLKAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ3T3n8Ret6y3fR/F1HUmN
Kqzs8rbQ9zujDZqS74RIQUT9/7yHGWE86iAXTghqFsNUyh4MmNQDMPGOSKAvhdX5
ilW+v8jl5xflAEBA9f+uV1iJjkXPwEaE9cZdcaVrWCz8rnW0bIfnOeW9Qe98Ycyj
0Llvso2ELE9qd1Cijr4acmaQcLj5YUARa4TFP9wR8CmARGwGGH/SGpQVk2/6k3QZ
v5AIhU+1z+SzdS6eY6QRuylX6GFPp4dH+rICgOANYWsDflazVTiFFK0hMCgiG9dJ
Q5O3saak2kMMcOhYZsayzibjVWGetrtT3+RnQ6dVaK2+38LTD3o0UcWcnahfg45f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:20 2024 by rpki-client on console-fra.rpki-client.org