Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/DrtFTKjfjGTJRooXIbbzq_dbgsA.roa
File: DrtFTKjfjGTJRooXIbbzq_dbgsA.roa (raw, json)
Hash identifier: eYFe6VYfjCIb0G8RLDR/s8se0x0sOMZcuhb407Y2LQQ=
Subject key identifier: 0E:BB:45:4C:A8:DF:8C:64:C9:46:8A:17:21:B6:F3:AB:F7:5B:82:C0
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018C67B555B7B99246C89900A232437596D4
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/DrtFTKjfjGTJRooXIbbzq_dbgsA.roa
Signing time: Thu 14 Dec 2023 09:43:06 +0000
ROA not before: Thu 14 Dec 2023 09:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51964
IP address blocks: 149.238.64.0/19 maxlen: 19
149.238.96.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 09:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:b5:55:b7:b9:92:46:c8:99:00:a2:32:43:75:96:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Dec 14 09:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ebb454ca8df8c64c9468a1721b6f3abf75b82c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:1b:3f:13:0f:10:34:d0:67:14:e3:42:81:ff:
09:f2:bb:b5:80:e3:9a:65:d9:66:de:9d:56:00:ad:
3e:27:0e:21:1c:c1:e9:29:70:94:52:e2:03:f4:f2:
a3:8e:30:f7:2c:e9:9b:a7:62:ec:81:37:53:95:52:
f7:ab:b8:d1:34:cc:21:3d:ea:3b:75:59:cf:c1:f8:
df:2d:55:a6:87:86:19:dd:eb:f7:41:3b:d7:36:14:
e0:6b:6a:0d:d2:11:2e:79:b0:b2:eb:73:58:47:68:
99:10:54:9a:f8:62:e2:a7:b3:79:a8:fc:ae:0d:13:
a6:3c:0d:bb:10:9f:0f:e7:18:84:6c:8c:82:7b:f7:
85:2b:16:ad:32:ef:08:69:eb:b2:61:52:31:da:e5:
12:17:51:ab:de:4c:c5:39:ca:22:4c:ab:66:53:35:
18:ed:a8:d4:d4:df:67:9f:55:6e:c8:1e:80:a1:da:
6d:79:4a:f3:bf:26:c8:9c:b6:17:ca:92:6b:d0:10:
4e:13:41:91:eb:ab:fc:97:fd:5b:3c:23:72:eb:50:
4a:e9:a6:a1:fa:5a:b1:3c:3c:6e:1b:db:01:a4:00:
24:d8:89:9e:ee:b3:b7:d9:cd:b3:05:ff:b6:d2:f1:
39:6a:a8:98:db:d4:6f:50:21:a1:66:e3:64:9e:b8:
9e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BB:45:4C:A8:DF:8C:64:C9:46:8A:17:21:B6:F3:AB:F7:5B:82:C0
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/DrtFTKjfjGTJRooXIbbzq_dbgsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/19
149.238.64.0-149.238.159.255
Signature Algorithm: sha256WithRSAEncryption
a3:49:d7:78:10:74:0f:42:1b:ed:dc:a4:02:84:8d:d3:00:d1:
95:84:b5:ab:d2:05:05:97:b6:09:a4:57:ce:c2:fc:d8:c6:d2:
0c:67:98:15:95:ec:a1:69:c3:79:2c:ac:9f:d2:c6:78:60:99:
aa:05:78:16:21:29:5d:59:0d:a4:78:82:a4:f4:d1:ab:9e:fb:
01:55:5a:e7:75:53:82:31:a3:23:fa:d1:d9:da:12:9b:17:93:
c1:04:ad:47:97:6e:9d:fa:b2:90:24:b5:55:59:a9:dd:ba:60:
80:d4:d7:04:91:3e:35:7b:f0:43:08:bf:8a:37:a6:c5:6a:0d:
2c:65:42:b0:58:ac:4d:22:26:c1:5e:84:94:96:15:5b:0e:4b:
e6:cd:ce:77:47:d9:de:78:23:ce:e5:ff:00:44:e0:41:8a:6c:
04:06:40:2a:af:1f:92:e9:1f:79:93:a8:ac:8a:1e:83:ff:63:
1e:86:6a:ef:cf:8f:3e:13:33:d8:18:7d:52:3b:b3:27:bd:7b:
d4:ba:b8:88:b0:42:51:7f:a7:be:c3:1e:df:e3:32:64:8e:db:
de:5d:30:b6:34:53:39:79:31:ec:f4:c1:9f:0d:c1:1b:db:8a:
f1:16:c2:93:94:8e:b3:23:b4:c9:0b:78:e5:6b:76:7f:e0:a2:
f5:c1:00:03
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYxntVW3uZJGyJkAojJDdZbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMjE0MDk0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJiNDU0Y2E4ZGY4YzY0Yzk0NjhhMTcyMWI2ZjNhYmY3NWI4MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xs/Ew8QNNBnFONCgf8J8ru1gOOa
Zdlm3p1WAK0+Jw4hHMHpKXCUUuID9PKjjjD3LOmbp2LsgTdTlVL3q7jRNMwhPeo7
dVnPwfjfLVWmh4YZ3ev3QTvXNhTga2oN0hEuebCy63NYR2iZEFSa+GLip7N5qPyu
DROmPA27EJ8P5xiEbIyCe/eFKxatMu8IaeuyYVIx2uUSF1Gr3kzFOcoiTKtmUzUY
7ajU1N9nn1VuyB6AodpteUrzvybInLYXypJr0BBOE0GR66v8l/1bPCNy61BK6aah
+lqxPDxuG9sBpAAk2Ime7rO32c2zBf+20vE5aqiY29RvUCGhZuNknrie4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA67RUyo34xkyUaKFyG286v3W4LAMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvRHJ0RlRLamZqR1RKUm9vWEliYnpxX2RiZ3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQFle4AMAwD
BAaV7kADBAWV7oAwDQYJKoZIhvcNAQELBQADggEBAKNJ13gQdA9CG+3cpAKEjdMA
0ZWEtavSBQWXtgmkV87C/NjG0gxnmBWV7KFpw3ksrJ/SxnhgmaoFeBYhKV1ZDaR4
gqT00aue+wFVWud1U4IxoyP60dnaEpsXk8EErUeXbp36spAktVVZqd26YIDU1wSR
PjV78EMIv4o3psVqDSxlQrBYrE0iJsFehJSWFVsOS+bNzndH2d54I87l/wBE4EGK
bAQGQCqvH5LpH3mTqKyKHoP/Yx6Gau/Pjz4TM9gYfVI7sye9e9S6uIiwQlF/p77D
Ht/jMmSO295dMLY0Uzl5Mez0wZ8NwRvbivEWwpOUjrMjtMkLeOVrdn/govXBAAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:59 2024 by rpki-client on console-ams.rpki-client.org