Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/1-I_zTR0LxMg46TfUel_a42sVWEU.roa
File: 1-I_zTR0LxMg46TfUel_a42sVWEU.roa (raw, json)
Hash identifier: leEVQYWe+7c4uN4HGeDrGtQx5h8nQVh4L8cXp3hORIQ=
Subject key identifier: F8:8F:F3:4D:1D:0B:C4:C8:38:E9:37:D4:7A:5F:DA:E3:6B:15:58:45
Certificate issuer: /CN=b799ac989c44b2e1cdabc258e96ca93caad4bd64
Certificate serial: 018B4FBE56AC163A3067BCC993BACF011779
Authority key identifier: B7:99:AC:98:9C:44:B2:E1:CD:AB:C2:58:E9:6C:A9:3C:AA:D4:BD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/1-I_zTR0LxMg46TfUel_a42sVWEU.roa
Signing time: Sat 21 Oct 2023 00:59:15 +0000
ROA not before: Sat 21 Oct 2023 00:59:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 185.242.137.0/24 maxlen: 24
185.242.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 01:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4f:be:56:ac:16:3a:30:67:bc:c9:93:ba:cf:01:17:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b799ac989c44b2e1cdabc258e96ca93caad4bd64
Validity
Not Before: Oct 21 00:59:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f88ff34d1d0bc4c838e937d47a5fdae36b155845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bb:ff:26:f0:43:c9:3d:54:c8:ae:39:84:ea:
15:bd:b6:7d:d9:49:17:32:87:f0:3e:7c:22:4a:83:
e2:1a:16:98:c2:19:c0:fb:b2:18:c6:44:3b:50:51:
fc:61:c8:a3:44:4f:ed:01:34:91:76:b2:a0:28:6d:
66:76:7e:d7:50:f3:8c:e8:63:f3:bb:eb:dd:48:ad:
5d:54:93:c5:f7:bd:72:12:02:04:f7:dd:7a:65:ed:
a1:7c:51:12:e9:7c:96:0d:b0:09:bd:74:91:9f:1c:
41:1f:09:7f:88:02:dc:5e:4e:53:dc:7c:75:e1:4e:
36:55:e7:d2:4c:bf:d4:8a:c1:c5:e1:e2:c4:62:3e:
d5:55:e4:a3:eb:5b:00:51:40:94:36:fa:e0:30:01:
e2:3e:f0:10:3c:65:9c:f8:a4:21:dd:f6:b5:76:a8:
8b:91:69:d8:cd:a1:6c:1c:56:a5:5e:e9:22:9c:b0:
d5:b7:48:b5:7a:f5:60:8e:de:97:61:9d:49:62:f8:
34:02:61:b6:a0:80:32:03:1d:5c:2d:e8:6c:0d:51:
12:d9:42:ce:d5:b5:8d:1d:4e:3d:8f:71:ae:00:f4:
ec:e9:02:e0:b3:72:80:a0:f2:56:e4:37:d3:b5:51:
88:51:27:fb:c1:96:7c:be:49:44:7b:90:42:83:03:
50:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8F:F3:4D:1D:0B:C4:C8:38:E9:37:D4:7A:5F:DA:E3:6B:15:58:45
X509v3 Authority Key Identifier:
keyid:B7:99:AC:98:9C:44:B2:E1:CD:AB:C2:58:E9:6C:A9:3C:AA:D4:BD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/1-I_zTR0LxMg46TfUel_a42sVWEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.137.0/24
185.242.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:95:69:4b:fd:24:b0:68:3b:6e:3c:86:8e:2c:3e:d5:38:53:
95:5d:c3:86:5d:f3:83:fc:b1:b2:9a:5d:69:2b:02:2e:3f:d7:
39:29:f8:21:5e:bb:d5:fc:26:07:fd:0b:ca:aa:d8:46:35:b7:
6d:51:15:2f:8f:6f:51:0a:36:50:6d:28:4f:10:14:24:44:57:
31:fe:b2:fc:c7:f7:63:55:de:2c:8d:e6:5b:0b:46:d8:63:6b:
e3:c5:22:a5:c4:f6:99:ea:fa:11:7b:50:1e:50:9f:ae:9f:fa:
b2:54:b4:c0:82:b6:2c:63:c8:fc:d1:b6:6b:60:d1:60:af:b6:
13:94:7c:88:27:93:f3:36:bb:24:8b:b6:93:cc:32:a0:6f:80:
87:94:58:2a:2e:07:76:45:dd:30:99:96:d9:e2:f2:69:ce:15:
6e:b2:16:97:a6:7f:7b:86:63:4c:09:64:fa:06:17:3c:d9:f3:
9b:4b:b7:1e:04:4f:88:b7:6a:88:ba:5e:31:50:e9:fd:75:e6:
4d:8c:ad:54:de:dc:d4:1b:9a:e4:94:f3:8c:bd:c4:69:3a:c5:
77:f6:3a:fd:85:2d:de:27:82:d1:4d:fd:32:42:60:9b:e4:24:
22:00:6f:7c:ce:ab:df:26:88:db:ab:51:28:ae:00:b4:06:25:
56:63:6c:cf
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYtPvlasFjowZ7zJk7rPARd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTlhYzk4OWM0NGIyZTFjZGFiYzI1OGU5NmNhOTNjYWFk
NGJkNjQwHhcNMjMxMDIxMDA1OTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODhmZjM0ZDFkMGJjNGM4MzhlOTM3ZDQ3YTVmZGFlMzZiMTU1ODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbv/JvBDyT1UyK45hOoVvbZ92UkX
MofwPnwiSoPiGhaYwhnA+7IYxkQ7UFH8YcijRE/tATSRdrKgKG1mdn7XUPOM6GPz
u+vdSK1dVJPF971yEgIE9916Ze2hfFES6XyWDbAJvXSRnxxBHwl/iALcXk5T3Hx1
4U42VefSTL/UisHF4eLEYj7VVeSj61sAUUCUNvrgMAHiPvAQPGWc+KQh3fa1dqiL
kWnYzaFsHFalXukinLDVt0i1evVgjt6XYZ1JYvg0AmG2oIAyAx1cLehsDVES2ULO
1bWNHU49j3GuAPTs6QLgs3KAoPJW5DfTtVGIUSf7wZZ8vklEe5BCgwNQLQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPiP800dC8TIOOk31Hpf2uNrFVhFMB8GA1UdIwQY
MBaAFLeZrJicRLLhzavCWOlsqTyq1L1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVtc21KeEVzdUhOcThKWTZXeXBQS3JVdldRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZTVjNDktMGQ3NC00ODdhLWE4MWMt
OTE3NGRmNGRkYjlhLzEvMS1JX3pUUjBMeE1nNDZUZlVlbF9hNDJzVldFVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGQvMmU1YzQ5LTBkNzQtNDg3YS1hODFjLTkxNzRkZjRkZGI5
YS8xL3Q1bXNtSnhFc3VITnE4Slk2V3lwUEtyVXZXUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnyiQME
ALnyizANBgkqhkiG9w0BAQsFAAOCAQEAX5VpS/0ksGg7bjyGjiw+1ThTlV3Dhl3z
g/yxsppdaSsCLj/XOSn4IV671fwmB/0LyqrYRjW3bVEVL49vUQo2UG0oTxAUJERX
Mf6y/Mf3Y1XeLI3mWwtG2GNr48UipcT2mer6EXtQHlCfrp/6slS0wIK2LGPI/NG2
a2DRYK+2E5R8iCeT8za7JIu2k8wyoG+Ah5RYKi4HdkXdMJmW2eLyac4VbrIWl6Z/
e4ZjTAlk+gYXPNnzm0u3HgRPiLdqiLpeMVDp/XXmTYytVN7c1Bua5JTzjL3EaTrF
d/Y6/YUt3ieC0U39MkJgm+QkIgBvfM6r3yaI26tRKK4AtAYlVmNszw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:07 2024 by rpki-client on console-ams.rpki-client.org