Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0TFUEYgbyRaBz_kuPNqNk72qD6M.roa
File: 0TFUEYgbyRaBz_kuPNqNk72qD6M.roa (raw, json)
Hash identifier: 0JBj9rH7W+lHIDDY44Nez1U5wVFhEEaI4reP2Xkrd4A=
Subject key identifier: D1:31:54:11:88:1B:C9:16:81:CF:F9:2E:3C:DA:8D:93:BD:AA:0F:A3
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DD33632DC1AAB9E1B2FFC491F1ABE
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0TFUEYgbyRaBz_kuPNqNk72qD6M.roa
Signing time: Sun 01 Jan 2023 20:55:03 +0000
ROA not before: Sun 01 Jan 2023 20:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47553
IP address blocks: 185.254.72.0/24 maxlen: 24
185.213.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:d3:36:32:dc:1a:ab:9e:1b:2f:fc:49:1f:1a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1315411881bc91681cff92e3cda8d93bdaa0fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:34:8f:9d:55:50:7a:79:73:1d:c9:01:4a:a7:
d5:d0:51:20:dd:9b:a7:19:96:0b:c1:cb:51:19:f4:
65:71:e0:b8:1a:e7:cc:3d:bd:b6:2e:dc:53:42:6d:
48:0e:f8:ae:82:90:18:df:8b:26:2e:47:52:34:aa:
01:88:5f:63:6a:9d:5b:19:25:f7:fc:13:94:d7:05:
86:c5:d1:7c:00:4d:f7:e4:06:cb:1a:74:0a:51:68:
de:23:df:08:d6:d9:7e:3d:6d:da:70:ca:2d:d0:29:
e0:22:71:f2:71:24:52:b8:c7:f1:b0:e7:b7:f4:32:
f1:d3:b5:75:22:77:a0:7c:ff:fb:13:2b:ee:c9:07:
85:da:ed:06:13:10:1d:6f:9e:43:45:83:8b:e8:5c:
f8:c3:39:1b:64:ab:f5:71:ea:a4:e0:57:a3:ba:52:
6f:f9:b2:f3:d7:8f:7a:00:21:8e:b9:e7:c0:c0:54:
39:3d:bb:63:97:71:d5:f6:4f:7d:c3:05:e9:51:65:
b7:bb:64:61:1d:30:24:8c:44:2a:d8:38:4b:45:0f:
19:e7:e6:61:4c:e7:60:0d:ed:21:f1:1d:59:0c:b3:
08:24:c2:4f:38:e7:02:d1:40:3f:e7:22:b3:a6:7c:
10:87:1e:70:8f:16:dd:96:5f:5b:4a:63:66:9e:67:
a3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:31:54:11:88:1B:C9:16:81:CF:F9:2E:3C:DA:8D:93:BD:AA:0F:A3
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0TFUEYgbyRaBz_kuPNqNk72qD6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.150.0/24
185.254.72.0/24
Signature Algorithm: sha256WithRSAEncryption
03:58:89:36:96:d0:80:cd:1d:42:19:16:35:3b:95:ef:3d:83:
ba:2c:d9:7d:48:dc:28:17:02:29:3e:73:15:a6:f8:25:59:01:
05:3d:47:16:53:26:61:48:71:9d:1d:a8:68:08:30:a8:a0:ee:
b2:7a:00:ab:1f:0d:2c:61:f6:5e:58:67:f7:6e:20:b3:b1:44:
1d:1c:b0:f3:8d:b6:f6:f3:2c:9f:cb:0b:80:83:42:b2:1d:62:
70:e2:ef:06:fa:f1:41:af:aa:5e:57:46:07:24:48:e0:13:b6:
21:0b:37:a1:69:14:54:f6:14:81:7a:2e:ba:eb:9b:4b:cb:9b:
ed:13:da:a9:b8:bd:ed:52:92:79:9e:7e:4e:0f:10:8a:32:6e:
1e:cc:6a:f7:43:76:da:26:a4:64:f3:9e:85:fe:a0:6f:3a:15:
95:9e:bd:db:0b:c8:48:17:a7:fe:03:1b:cc:f1:91:c9:89:f5:
a2:a2:77:91:9b:81:8f:50:fa:3b:eb:04:0d:d4:7c:e5:04:02:
89:22:40:06:f1:77:f2:86:4c:f0:ea:c0:97:12:c0:98:a8:90:
c2:dc:71:3f:2f:9f:9a:b2:f0:4f:68:59:57:20:69:21:f6:7c:
7e:08:28:08:48:e2:f7:60:a7:e0:5e:ed:a3:3b:31:33:ce:3a:
55:56:65:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHdM2Mtwaq54bL/xJHxq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMxNTQxMTg4MWJjOTE2ODFjZmY5MmUzY2RhOGQ5M2JkYWEwZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjSPnVVQenlzHckBSqfV0FEg3Zun
GZYLwctRGfRlceC4GufMPb22LtxTQm1IDviugpAY34smLkdSNKoBiF9jap1bGSX3
/BOU1wWGxdF8AE335AbLGnQKUWjeI98I1tl+PW3acMot0CngInHycSRSuMfxsOe3
9DLx07V1InegfP/7EyvuyQeF2u0GExAdb55DRYOL6Fz4wzkbZKv1ceqk4FejulJv
+bLz1496ACGOuefAwFQ5Pbtjl3HV9k99wwXpUWW3u2RhHTAkjEQq2DhLRQ8Z5+Zh
TOdgDe0h8R1ZDLMIJMJPOOcC0UA/5yKzpnwQhx5wjxbdll9bSmNmnmejrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNExVBGIG8kWgc/5LjzajZO9qg+jMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMFRGVUVZZ2J5UmFCel9rdVBOcU5rNzJxRDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudWWAwQA
uf5IMA0GCSqGSIb3DQEBCwUAA4IBAQADWIk2ltCAzR1CGRY1O5XvPYO6LNl9SNwo
FwIpPnMVpvglWQEFPUcWUyZhSHGdHahoCDCooO6yegCrHw0sYfZeWGf3biCzsUQd
HLDzjbb28yyfywuAg0KyHWJw4u8G+vFBr6peV0YHJEjgE7YhCzehaRRU9hSBei66
65tLy5vtE9qpuL3tUpJ5nn5ODxCKMm4ezGr3Q3baJqRk856F/qBvOhWVnr3bC8hI
F6f+AxvM8ZHJifWioneRm4GPUPo76wQN1HzlBAKJIkAG8Xfyhkzw6sCXEsCYqJDC
3HE/L5+asvBPaFlXIGkh9nx+CCgISOL3YKfgXu2jOzEzzjpVVmVr
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:42 2024 by rpki-client on console-ams.rpki-client.org