Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/4drDaD0FDkPH8rXep3I9FEJNYfo.roa
File: 4drDaD0FDkPH8rXep3I9FEJNYfo.roa (raw, json)
Hash identifier: +w4U1wSi+W8jScABFvJ1s6ipzRRJWql5x9jGNKL10wA=
Subject key identifier: E1:DA:C3:68:3D:05:0E:43:C7:F2:B5:DE:A7:72:3D:14:42:4D:61:FA
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 018572BA66A84290BAFC61EB2C90B9AB5239
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/4drDaD0FDkPH8rXep3I9FEJNYfo.roa
Signing time: Mon 02 Jan 2023 13:44:56 +0000
ROA not before: Mon 02 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.14.239.0/24 maxlen: 24
185.14.237.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:66:a8:42:90:ba:fc:61:eb:2c:90:b9:ab:52:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Jan 2 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1dac3683d050e43c7f2b5dea7723d14424d61fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:aa:9f:79:38:d4:cd:49:0e:03:eb:5b:b4:29:
b7:c7:fc:ab:77:ec:7a:42:44:13:97:8f:d7:49:8b:
18:df:88:dc:56:17:8d:54:82:a6:1d:fa:28:10:7d:
f0:af:c5:e6:4d:f7:42:2d:94:7c:6e:e1:30:c9:0e:
0a:4e:73:95:42:9d:c1:0a:fb:fc:13:d5:86:19:0a:
39:5f:1a:ad:a1:07:dd:d1:3b:4f:a5:bc:c8:a0:61:
84:63:9d:ce:48:1e:75:e6:02:66:e0:60:9f:5f:ec:
b0:17:92:9f:b9:49:fa:60:5a:0f:fa:3f:2b:ab:82:
01:b5:60:91:62:ad:41:bd:aa:6d:d4:ee:1e:1a:95:
7f:46:94:ee:4a:dd:44:7d:6e:c3:12:01:9a:d8:a4:
8c:67:91:f4:60:88:f9:d8:0e:59:f3:45:47:49:ae:
2b:76:a2:aa:23:e0:92:e5:78:9e:98:35:07:d1:ee:
ae:07:7d:4e:f8:42:ea:80:ce:f4:92:23:0a:01:e4:
48:84:16:03:c5:49:7b:6e:6b:51:30:18:96:ff:83:
87:bc:19:19:02:d9:15:d2:f9:6c:19:89:08:46:3e:
a1:2c:25:4e:62:bb:36:e3:1f:71:2d:0d:0d:44:fc:
23:30:1b:6f:9c:eb:88:61:6b:e2:b9:54:e1:a7:d3:
62:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:DA:C3:68:3D:05:0E:43:C7:F2:B5:DE:A7:72:3D:14:42:4D:61:FA
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/4drDaD0FDkPH8rXep3I9FEJNYfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.237.0/24
185.14.239.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:95:72:bb:15:85:d4:e3:8a:9b:0e:84:4e:0c:42:c1:39:08:
f9:a3:b2:5d:8e:0f:c5:d5:23:99:aa:1d:c2:f1:f9:0c:cb:ca:
7d:e9:e5:5f:f2:f8:c8:f5:24:b1:0f:78:32:c1:f6:a3:33:c7:
97:40:e2:10:8c:e1:50:0e:d3:be:11:37:00:4d:86:f5:52:67:
82:66:55:56:65:b1:ac:ab:87:e7:9f:f9:0f:f7:fd:53:49:b3:
f7:4d:56:15:a2:fa:01:89:fc:3c:58:c0:a8:7e:a1:f3:67:36:
e2:41:59:55:c6:11:90:42:aa:a9:7e:6e:a1:fd:d3:51:90:d4:
a3:19:87:fe:30:b5:d9:53:66:6c:84:ff:cb:11:12:37:5d:ff:
09:8e:dc:26:6b:0c:e8:37:9b:db:3e:0a:d2:64:b7:c0:d1:6f:
be:b7:5f:fb:fc:2e:e0:fb:2e:be:d6:31:75:d2:a5:f6:11:fb:
cb:92:60:fc:d9:e4:3f:1b:29:6d:85:bd:d4:6c:f1:d4:9f:95:
f3:83:3f:d0:09:d5:b4:28:2e:23:18:0e:b4:15:66:70:df:36:
2a:42:68:7b:08:e7:3b:f5:db:da:51:77:89:53:c6:53:bf:d1:
a3:dc:4a:76:94:0a:b1:c8:5a:aa:c8:d9:42:6f:5f:c2:17:8f:
ed:2f:f9:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyumaoQpC6/GHrLJC5q1I5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjMwMTAyMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWRhYzM2ODNkMDUwZTQzYzdmMmI1ZGVhNzcyM2QxNDQyNGQ2MWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaqfeTjUzUkOA+tbtCm3x/yrd+x6
QkQTl4/XSYsY34jcVheNVIKmHfooEH3wr8XmTfdCLZR8buEwyQ4KTnOVQp3BCvv8
E9WGGQo5XxqtoQfd0TtPpbzIoGGEY53OSB515gJm4GCfX+ywF5KfuUn6YFoP+j8r
q4IBtWCRYq1Bvapt1O4eGpV/RpTuSt1EfW7DEgGa2KSMZ5H0YIj52A5Z80VHSa4r
dqKqI+CS5XiemDUH0e6uB31O+ELqgM70kiMKAeRIhBYDxUl7bmtRMBiW/4OHvBkZ
AtkV0vlsGYkIRj6hLCVOYrs24x9xLQ0NRPwjMBtvnOuIYWviuVThp9Ni/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOHaw2g9BQ5Dx/K13qdyPRRCTWH6MB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvNGRyRGFEMEZEa1BIOHJYZXAzSTlGRUpOWWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ7tAwQA
uQ7vMA0GCSqGSIb3DQEBCwUAA4IBAQBblXK7FYXU44qbDoRODELBOQj5o7Jdjg/F
1SOZqh3C8fkMy8p96eVf8vjI9SSxD3gywfajM8eXQOIQjOFQDtO+ETcATYb1UmeC
ZlVWZbGsq4fnn/kP9/1TSbP3TVYVovoBifw8WMCofqHzZzbiQVlVxhGQQqqpfm6h
/dNRkNSjGYf+MLXZU2ZshP/LERI3Xf8JjtwmawzoN5vbPgrSZLfA0W++t1/7/C7g
+y6+1jF10qX2EfvLkmD82eQ/Gylthb3UbPHUn5Xzgz/QCdW0KC4jGA60FWZw3zYq
Qmh7COc79dvaUXeJU8ZTv9Gj3Ep2lAqxyFqqyNlCb1/CF4/tL/l2
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:30 2024 by rpki-client on console-fra.rpki-client.org