Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/1-9CmLmiHxjSAtZMX-GTIx-70doo.roa
File: 1-9CmLmiHxjSAtZMX-GTIx-70doo.roa (raw, json)
Hash identifier: XqUa5+A3V3X7OWer2OeeHMXcwfWFRrfl68Sf5RiMfco=
Subject key identifier: FB:D0:A6:2E:68:87:C6:34:80:B5:93:17:F8:64:C8:C7:EE:F4:76:8A
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018C67D734DE3683B81EFFA617BCB683CD02
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/1-9CmLmiHxjSAtZMX-GTIx-70doo.roa
Signing time: Thu 14 Dec 2023 10:20:06 +0000
ROA not before: Thu 14 Dec 2023 10:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216134
IP address blocks: 149.238.32.0/19 maxlen: 24
149.238.159.0/24 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
2a13:cb40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 14 Dec 2023 10:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:d7:34:de:36:83:b8:1e:ff:a6:17:bc:b6:83:cd:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Dec 14 10:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbd0a62e6887c63480b59317f864c8c7eef4768a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ed:05:29:7b:20:a1:a3:98:23:63:ce:7e:a0:
a9:bd:71:c1:54:50:cd:64:de:ea:69:61:ad:30:43:
95:49:bd:01:e9:1f:fb:30:71:d6:b6:10:db:27:75:
f0:33:80:ba:ef:c1:88:02:9c:d4:9b:2e:d4:92:ad:
49:bf:7f:03:53:56:32:35:56:29:34:54:4c:7f:44:
40:f7:10:3b:05:46:ab:c3:c2:6c:5f:0b:eb:f9:81:
59:e5:ab:8d:0e:c7:48:c7:99:9e:ee:d1:0a:31:68:
0e:63:c7:e3:e9:de:a1:73:1b:35:98:ce:ef:97:51:
ad:50:18:77:c0:1e:7c:6e:af:24:88:35:f3:72:e2:
85:34:aa:a4:33:cd:39:f2:72:f7:87:70:20:b1:c6:
5d:4b:7a:5c:45:56:89:dd:b3:53:2c:11:f0:3f:77:
c6:68:91:39:0b:55:73:d9:bc:1b:bb:17:83:ce:e9:
7f:65:45:26:a6:70:93:e3:68:7c:30:95:ab:d8:b9:
62:ac:2c:bf:ef:87:fe:3e:5e:31:f0:d1:72:b4:45:
0a:bb:76:80:6e:27:85:56:a5:cb:c8:1c:3a:03:53:
9d:c4:9b:f1:e1:39:d5:63:f8:9b:b5:d2:3e:2d:3b:
54:bc:9f:04:38:7b:e7:89:0a:c5:e0:ff:f0:10:42:
ac:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D0:A6:2E:68:87:C6:34:80:B5:93:17:F8:64:C8:C7:EE:F4:76:8A
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/1-9CmLmiHxjSAtZMX-GTIx-70doo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/17
149.238.159.0/24
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
55:cd:e6:bf:97:f2:ce:42:6e:68:a3:f3:97:49:ce:9d:48:85:
8a:04:2b:0d:e1:ef:e6:93:dd:ac:2a:5f:c7:6d:34:3b:58:08:
b1:28:44:08:50:da:08:06:fe:76:63:25:fa:02:af:fc:b4:95:
fa:ed:53:19:2a:c1:1d:a8:f0:09:64:66:b6:4b:d3:c6:3b:00:
7a:1c:2b:28:15:32:b4:bf:aa:dd:ef:88:e5:40:5f:98:29:5f:
19:07:fd:6d:77:20:05:ec:49:21:c0:dc:58:5a:e3:0b:48:08:
cf:a4:cd:65:fe:25:4c:38:bc:83:4b:2e:e2:5b:41:f5:0e:f5:
7b:4b:f4:ee:67:ae:c8:f1:4a:0e:b1:40:38:54:42:58:47:cf:
00:99:92:0c:63:0a:cf:ec:99:21:a4:b6:1e:19:df:76:ec:3b:
eb:11:e7:13:f0:60:ae:e1:f8:fa:69:cc:66:f2:7a:15:ca:c1:
06:e8:34:5e:3f:2c:cf:0a:4b:ba:29:a1:40:c3:bb:95:ea:6f:
aa:c0:23:5f:dd:0c:82:2d:92:f8:a1:b6:2c:a7:82:c4:ee:f7:
ef:ae:fd:b5:2d:f7:6a:15:b0:f1:80:3f:27:f2:00:f5:d1:fe:
d7:a4:2c:0b:8f:dd:78:89:39:65:fd:71:05:a7:08:fc:e2:ec:
20:9a:0c:87
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYxn1zTeNoO4Hv+mF7y2g80CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMjE0MTAyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQwYTYyZTY4ODdjNjM0ODBiNTkzMTdmODY0YzhjN2VlZjQ3NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2O0FKXsgoaOYI2POfqCpvXHBVFDN
ZN7qaWGtMEOVSb0B6R/7MHHWthDbJ3XwM4C678GIApzUmy7Ukq1Jv38DU1YyNVYp
NFRMf0RA9xA7BUarw8JsXwvr+YFZ5auNDsdIx5me7tEKMWgOY8fj6d6hcxs1mM7v
l1GtUBh3wB58bq8kiDXzcuKFNKqkM8058nL3h3AgscZdS3pcRVaJ3bNTLBHwP3fG
aJE5C1Vz2bwbuxeDzul/ZUUmpnCT42h8MJWr2LlirCy/74f+Pl4x8NFytEUKu3aA
bieFVqXLyBw6A1OdxJvx4TnVY/ibtdI+LTtUvJ8EOHvniQrF4P/wEEKsCwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPvQpi5oh8Y0gLWTF/hkyMfu9HaKMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvMS05Q21MbWlIeGpTQXRaTVgtR1RJeC03MGRvby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTEvOWE0ODMzLTZkYTQtNGRkYS1iN2FiLTI4YzM0M2NlOWQ1
ZC8xL3BESjhWdWxCRng2anZyb202N25pUDAzMXZQTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEB5XuAAME
AJXunzANBAIAAjAHAwUDKhPLQDANBgkqhkiG9w0BAQsFAAOCAQEAVc3mv5fyzkJu
aKPzl0nOnUiFigQrDeHv5pPdrCpfx200O1gIsShECFDaCAb+dmMl+gKv/LSV+u1T
GSrBHajwCWRmtkvTxjsAehwrKBUytL+q3e+I5UBfmClfGQf9bXcgBexJIcDcWFrj
C0gIz6TNZf4lTDi8g0su4ltB9Q71e0v07meuyPFKDrFAOFRCWEfPAJmSDGMKz+yZ
IaS2Hhnfduw76xHnE/BgruH4+mnMZvJ6FcrBBug0Xj8szwpLuimhQMO7lepvqsAj
X90Mgi2S+KG2LKeCxO737679tS33ahWw8YA/J/IA9dH+16QsC4/deIk5Zf1xBacI
/OLsIJoMhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:22 2024 by rpki-client on console-fra.rpki-client.org