Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/0cVFvH2V_V3cjaaOoUTrJfREnbE.roa
File: 0cVFvH2V_V3cjaaOoUTrJfREnbE.roa (raw, json)
Hash identifier: 3r0boRqpSyVMWwp839RY2bdHzFSf718ZtdENrQer4dA=
Subject key identifier: D1:C5:45:BC:7D:95:FD:5D:DC:8D:A6:8E:A1:44:EB:25:F4:44:9D:B1
Certificate issuer: /CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Certificate serial: 018571A7C081A8228F328154487237DA94EB
Authority key identifier: 7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/0cVFvH2V_V3cjaaOoUTrJfREnbE.roa
Signing time: Mon 02 Jan 2023 08:44:57 +0000
ROA not before: Mon 02 Jan 2023 08:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 149.249.2.0/24 maxlen: 24
149.249.1.0/24 maxlen: 24
149.249.3.0/24 maxlen: 24
149.249.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:c0:81:a8:22:8f:32:81:54:48:72:37:da:94:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Validity
Not Before: Jan 2 08:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1c545bc7d95fd5ddc8da68ea144eb25f4449db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a2:2e:a6:58:5c:b0:68:09:be:f3:5e:bd:05:
46:61:ce:34:56:4e:45:d2:dc:5f:11:72:a3:a1:69:
c7:54:44:f2:12:90:67:ee:21:7c:6d:de:72:c3:e7:
a1:e6:3c:af:c9:a0:78:de:ba:24:2d:a7:5f:1e:3a:
51:d5:87:9f:cb:ff:e4:68:6b:76:5e:1f:82:88:bb:
78:78:58:b7:15:09:20:07:62:3d:21:cd:eb:cc:0c:
40:25:8e:c2:4c:cb:91:0d:81:d3:38:1f:af:ab:81:
8e:30:63:76:99:05:38:53:79:64:73:62:4e:76:cb:
5c:e5:eb:6a:66:ad:bd:1b:95:33:ad:b9:95:26:c6:
80:65:27:f8:91:4a:79:c2:6e:0a:ac:6b:1c:14:1b:
c8:52:15:6b:90:74:c0:f8:29:91:6a:31:9a:b6:0f:
75:52:4a:8a:6d:45:8d:a7:9e:08:39:a8:be:75:ab:
d5:3b:b8:ee:59:32:1d:e3:ca:54:e7:49:96:be:bb:
c3:99:ef:f6:e2:66:75:ae:73:d9:3b:25:76:82:ff:
99:c7:56:0e:9b:7b:05:46:60:2f:3f:5c:9d:c5:4f:
4b:e2:74:6b:75:5b:fd:83:46:2c:87:46:1f:17:c2:
5a:c5:d1:51:b6:3d:f0:69:93:23:a4:ad:04:fc:5c:
51:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C5:45:BC:7D:95:FD:5D:DC:8D:A6:8E:A1:44:EB:25:F4:44:9D:B1
X509v3 Authority Key Identifier:
keyid:7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/0cVFvH2V_V3cjaaOoUTrJfREnbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.249.0.0/22
Signature Algorithm: sha256WithRSAEncryption
77:43:53:32:b4:b1:c3:a7:09:32:10:d3:ff:e5:a3:bc:8e:23:
7f:5e:b3:8c:59:48:77:37:35:f2:de:80:77:d7:fd:32:cf:c2:
92:73:20:54:5c:a8:64:37:87:33:5a:85:e7:87:87:66:4d:12:
6a:97:08:f1:c0:ba:62:73:08:7c:3e:0f:b6:ba:7c:4d:dd:c5:
5d:f3:d2:5a:e1:79:5a:dc:35:f8:97:42:b9:81:5f:31:d2:1b:
08:50:e9:73:63:ad:32:bb:20:22:ef:df:66:88:52:23:f2:3f:
e9:62:84:6f:3b:0d:47:de:5e:82:09:b0:70:d9:b2:7a:e2:4c:
19:19:28:f6:9b:29:5d:ca:69:fe:c3:a7:f3:4e:8b:19:1c:d7:
55:88:b2:0f:b6:27:dc:6b:3b:c8:20:5f:00:27:9d:5c:9c:7f:
19:a5:48:cc:e1:29:90:50:6f:69:82:81:03:bc:31:51:21:d7:
e5:9e:a7:55:8d:78:55:fe:a9:48:b2:51:a8:15:74:ff:f6:1c:
39:39:50:f3:44:9d:8d:55:89:e9:09:b2:f8:e6:b1:8a:86:55:
4d:65:c2:bc:f8:df:0c:e6:98:7c:11:f8:bd:06:7d:9e:19:ca:
bb:10:0b:73:0d:ec:51:51:a0:36:bc:14:8e:8e:ac:53:c1:67:
34:08:ae:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp8CBqCKPMoFUSHI32pTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGEwNjU2NGQzYzcxN2QyZDZkYWExZTgzM2M0OTU5NzZi
MGJhZGEwHhcNMjMwMTAyMDg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM1NDViYzdkOTVmZDVkZGM4ZGE2OGVhMTQ0ZWIyNWY0NDQ5ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaIuplhcsGgJvvNevQVGYc40Vk5F
0txfEXKjoWnHVETyEpBn7iF8bd5yw+eh5jyvyaB43rokLadfHjpR1Yefy//kaGt2
Xh+CiLt4eFi3FQkgB2I9Ic3rzAxAJY7CTMuRDYHTOB+vq4GOMGN2mQU4U3lkc2JO
dstc5etqZq29G5UzrbmVJsaAZSf4kUp5wm4KrGscFBvIUhVrkHTA+CmRajGatg91
UkqKbUWNp54IOai+davVO7juWTId48pU50mWvrvDme/24mZ1rnPZOyV2gv+Zx1YO
m3sFRmAvP1ydxU9L4nRrdVv9g0Ysh0YfF8JaxdFRtj3waZMjpK0E/FxRBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHFRbx9lf1d3I2mjqFE6yX0RJ2xMB8GA1UdIwQY
MBaAFHoKBlZNPHF9LW2qHoM8SVl2sLraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAt
NTQ4MjYzZWI2ZmI0LzEvMGNWRnZIMlZfVjNjamFhT29VVHJKZlJFbmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAtNTQ4MjYzZWI2ZmI0
LzEvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClfkAMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Q1MytLHDpwkyENP/5aO8jiN/XrOMWUh3NzXy3oB3
1/0yz8KScyBUXKhkN4czWoXnh4dmTRJqlwjxwLpicwh8Pg+2unxN3cVd89Ja4Xla
3DX4l0K5gV8x0hsIUOlzY60yuyAi799miFIj8j/pYoRvOw1H3l6CCbBw2bJ64kwZ
GSj2myldymn+w6fzTosZHNdViLIPtifcazvIIF8AJ51cnH8ZpUjM4SmQUG9pgoED
vDFRIdflnqdVjXhV/qlIslGoFXT/9hw5OVDzRJ2NVYnpCbL45rGKhlVNZcK8+N8M
5ph8Efi9Bn2eGcq7EAtzDexRUaA2vBSOjqxTwWc0CK5M
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:03 2024 by rpki-client on console-fra.rpki-client.org