Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/bE2xDJFSWm9NeseSOi3zO7_-pVc.roa
File: bE2xDJFSWm9NeseSOi3zO7_-pVc.roa (raw, json)
Hash identifier: FtNmu71cJUzYTqN5+rmZ2/hGH+oi2YZKtcc2Xg58lgc=
Subject key identifier: 6C:4D:B1:0C:91:52:5A:6F:4D:7A:C7:92:3A:2D:F3:3B:BF:FE:A5:57
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018C67E9A845D5F1630DC5F947C3C8D6E51E
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/bE2xDJFSWm9NeseSOi3zO7_-pVc.roa
Signing time: Thu 14 Dec 2023 10:40:15 +0000
ROA not before: Thu 14 Dec 2023 10:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 149.238.32.0/19 maxlen: 24
149.238.160.0/19 maxlen: 24
193.33.52.0/23 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:e9:a8:45:d5:f1:63:0d:c5:f9:47:c3:c8:d6:e5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Dec 14 10:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c4db10c91525a6f4d7ac7923a2df33bbffea557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4c:e5:22:09:17:5e:b4:c5:82:09:56:83:88:
3b:c5:37:60:68:08:0a:8a:6c:7c:a6:1d:4b:9b:21:
f0:08:ee:0b:c5:e7:94:85:69:55:34:f2:56:ce:ab:
80:7b:8e:c0:bf:cc:ae:c5:5d:1e:06:fe:25:c5:2d:
39:b5:62:cc:1b:0d:f6:9f:e7:da:68:20:17:ab:1e:
cd:e3:2e:93:ab:c3:69:e0:83:0a:87:8f:d9:48:0b:
65:40:2f:7b:8b:2c:9f:ec:d6:6c:a0:3c:c7:c3:e9:
9d:2c:b0:f9:6e:34:79:7e:43:61:f6:ae:0f:16:93:
42:b1:db:6f:24:56:2f:54:12:3b:82:a3:bc:29:5a:
7d:93:a0:a1:3d:96:17:17:2a:78:73:45:2b:3c:56:
a4:fd:54:4b:32:c2:27:8b:eb:fe:96:21:ca:a8:80:
57:d1:56:2b:ba:69:f9:4a:65:15:45:7b:b7:56:1b:
a6:34:4b:67:ad:cc:0e:95:84:55:9f:6e:14:f1:92:
3f:65:5e:58:5c:3f:06:45:cf:07:53:29:d4:6a:93:
4c:1d:73:d5:d3:d8:06:46:3b:4c:b3:35:7a:41:b3:
5b:21:48:9d:3a:09:fc:ad:75:91:34:d6:51:c8:6d:
ea:fa:e6:b2:43:48:bb:76:b1:bb:c2:fd:5b:b0:de:
3b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4D:B1:0C:91:52:5A:6F:4D:7A:C7:92:3A:2D:F3:3B:BF:FE:A5:57
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/bE2xDJFSWm9NeseSOi3zO7_-pVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/18
149.238.160.0-149.238.255.255
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:75:08:91:ba:03:7c:dd:13:65:ff:08:81:65:17:f1:69:d4:
67:8c:85:08:86:22:21:cb:ec:01:c3:ee:d9:88:05:41:c4:8c:
f7:6e:68:6b:7a:e5:b2:df:ec:dd:ec:18:41:91:c0:06:8b:8e:
a4:d2:5a:0f:2b:69:7c:85:9b:bf:ac:0b:bd:a3:39:98:2c:27:
cb:01:19:33:09:aa:86:56:c0:d5:ec:5b:84:35:f5:f3:4c:b4:
de:66:20:00:3b:8b:99:bc:b2:67:06:2a:9b:d5:b4:ee:4a:a1:
80:dc:3a:2a:c7:6b:4a:b6:76:c4:64:01:41:9f:4c:dd:05:42:
0e:e4:ba:55:d3:bb:b2:26:e6:ab:db:b4:a6:b1:8d:7e:a2:f6:
b2:31:9d:4b:91:95:59:d8:db:df:7b:87:dd:cd:40:10:62:7d:
eb:27:e2:5f:83:05:48:ce:ec:a0:62:2b:0c:be:c3:82:69:d4:
14:8a:74:05:4f:89:e1:84:59:39:d5:a4:4e:0d:f3:b2:40:14:
27:fb:27:8a:e2:67:38:ee:51:21:36:96:c2:6e:17:90:bd:df:
e2:36:ad:78:86:8e:83:25:b1:23:a8:e6:4c:0e:77:d4:50:7e:
68:44:f8:86:cc:6a:8f:4b:b1:6c:0f:02:f2:77:b9:39:5e:5d:
e7:2c:cf:94
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYxn6ahF1fFjDcX5R8PI1uUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMjE0MTA0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRkYjEwYzkxNTI1YTZmNGQ3YWM3OTIzYTJkZjMzYmJmZmVhNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kzlIgkXXrTFgglWg4g7xTdgaAgK
imx8ph1LmyHwCO4LxeeUhWlVNPJWzquAe47Av8yuxV0eBv4lxS05tWLMGw32n+fa
aCAXqx7N4y6Tq8Np4IMKh4/ZSAtlQC97iyyf7NZsoDzHw+mdLLD5bjR5fkNh9q4P
FpNCsdtvJFYvVBI7gqO8KVp9k6ChPZYXFyp4c0UrPFak/VRLMsIni+v+liHKqIBX
0VYrumn5SmUVRXu3VhumNEtnrcwOlYRVn24U8ZI/ZV5YXD8GRc8HUynUapNMHXPV
09gGRjtMszV6QbNbIUidOgn8rXWRNNZRyG3q+uayQ0i7drG7wv1bsN47QwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFGxNsQyRUlpvTXrHkjot8zu//qVXMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvYkUyeERKRlNXbTlOZXNlU09pM3pPN18tcFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQGle4AMAsD
BAWV7qADAwCV7gMEAcBNcgMEAMBw0AMEAcEhNDANBgkqhkiG9w0BAQsFAAOCAQEA
snUIkboDfN0TZf8IgWUX8WnUZ4yFCIYiIcvsAcPu2YgFQcSM925oa3rlst/s3ewY
QZHABouOpNJaDytpfIWbv6wLvaM5mCwnywEZMwmqhlbA1exbhDX180y03mYgADuL
mbyyZwYqm9W07kqhgNw6KsdrSrZ2xGQBQZ9M3QVCDuS6VdO7sibmq9u0prGNfqL2
sjGdS5GVWdjb33uH3c1AEGJ96yfiX4MFSM7soGIrDL7DgmnUFIp0BU+J4YRZOdWk
Tg3zskAUJ/sniuJnOO5RITaWwm4XkL3f4jateIaOgyWxI6jmTA531FB+aET4hsxq
j0uxbA8C8ne5OV5d5yzPlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:22 2024 by rpki-client on console-fra.rpki-client.org