Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/kHq__gvrBO7EDqqgc92-0izk2rg.roa
File: kHq__gvrBO7EDqqgc92-0izk2rg.roa (raw, json)
Hash identifier: NFfBm605xZMsjHzm3sm7gumzDZYoMCPBKSLmwvOFI9M=
Subject key identifier: 90:7A:BF:FE:0B:EB:04:EE:C4:0E:AA:A0:73:DD:BE:D2:2C:E4:DA:B8
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018BA90A2B513502C1FEA34C467ADD3C8AA9
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/kHq__gvrBO7EDqqgc92-0izk2rg.roa
Signing time: Tue 07 Nov 2023 09:08:17 +0000
ROA not before: Tue 07 Nov 2023 09:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51964
IP address blocks: 149.238.64.0/19 maxlen: 19
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 09:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:0a:2b:51:35:02:c1:fe:a3:4c:46:7a:dd:3c:8a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Nov 7 09:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=907abffe0beb04eec40eaaa073ddbed22ce4dab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:82:b3:46:88:07:a1:a4:07:05:56:c8:3e:
c8:25:70:e1:a6:d1:ef:3f:4a:7c:88:88:01:6a:db:
39:6f:10:a7:54:74:1f:18:2b:be:7b:8c:9e:d3:8e:
e2:e1:c0:10:2a:b7:60:b5:89:0c:97:5c:86:6f:e0:
16:88:e1:76:9c:4c:6d:d8:2f:a1:5e:f0:8c:6c:2f:
d4:ad:19:5c:ae:80:d1:5e:21:7e:43:64:a7:1d:4f:
a5:c0:f6:bf:e4:c2:b1:64:b3:85:78:13:e5:f6:6c:
3c:db:d0:a5:b2:62:85:12:d7:cb:60:b9:87:47:f3:
d4:5a:7c:b4:17:4d:3d:96:25:47:7c:f1:dc:e3:8e:
e4:58:f7:5e:09:77:8c:b7:d4:c9:08:01:9f:79:6f:
1b:14:6b:be:03:47:5f:94:cb:5e:2a:f5:6e:83:1b:
3a:a0:d7:22:48:78:7e:06:15:de:51:69:6c:18:ae:
cf:93:5e:eb:ec:88:ab:f8:97:43:c6:5c:c2:b2:cc:
d7:18:5a:d8:b3:a1:db:19:7b:76:54:1b:09:7e:cf:
10:e9:e7:11:2d:ad:ea:1d:79:7c:da:f9:fb:64:b6:
e1:34:c6:2c:a9:c2:73:15:21:f6:a2:42:31:61:63:
a9:26:f5:35:47:1f:82:68:d4:ea:f2:e0:a0:97:4d:
ba:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7A:BF:FE:0B:EB:04:EE:C4:0E:AA:A0:73:DD:BE:D2:2C:E4:DA:B8
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/kHq__gvrBO7EDqqgc92-0izk2rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.64.0-149.238.159.255
Signature Algorithm: sha256WithRSAEncryption
d5:1e:b7:9a:a3:d2:00:9e:10:7d:5b:ea:68:ec:68:c2:b1:9b:
f5:b6:ab:91:03:52:6a:a4:aa:f3:31:3f:ac:ab:8e:02:a0:ae:
f4:7e:98:db:4a:4e:4e:92:19:84:3f:4d:24:f6:db:95:7c:75:
5d:6f:6c:31:1b:d7:d8:81:e0:9c:f5:bb:f0:c3:ca:68:60:8f:
5d:12:8a:11:18:6d:23:29:62:73:7b:66:77:93:b4:8e:b1:2c:
a3:2d:67:1c:b3:f8:7c:62:1b:70:a1:41:2c:a4:aa:5d:f4:bd:
39:db:bc:51:a2:b1:58:f6:36:f5:b8:2e:0c:d3:a0:6e:e5:2e:
fe:58:6f:b8:5e:0e:16:4e:8d:b1:1a:62:e7:dd:e5:57:f5:6a:
49:05:06:9f:b6:28:44:92:53:b6:0c:89:20:3a:a8:81:b3:db:
47:0f:bc:13:01:a0:3f:2a:ae:0c:55:52:23:f9:10:27:4b:83:
2b:fa:79:e2:87:b1:8a:80:ae:cf:d8:e8:68:46:68:22:91:ad:
62:cd:01:1e:07:42:8a:b1:a5:78:bd:a5:ed:15:8a:b4:de:6a:
16:72:07:b9:c1:d8:83:b8:2c:c5:5f:4e:bf:be:37:f0:a2:44:
84:dc:60:a2:7d:2a:20:1d:f8:9d:66:0a:e8:e0:47:6d:7a:70:
8c:49:ce:45
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYupCitRNQLB/qNMRnrdPIqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMTA3MDkwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdhYmZmZTBiZWIwNGVlYzQwZWFhYTA3M2RkYmVkMjJjZTRkYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskiCs0aIB6GkBwVWyD7IJXDhptHv
P0p8iIgBats5bxCnVHQfGCu+e4ye047i4cAQKrdgtYkMl1yGb+AWiOF2nExt2C+h
XvCMbC/UrRlcroDRXiF+Q2SnHU+lwPa/5MKxZLOFeBPl9mw829ClsmKFEtfLYLmH
R/PUWny0F009liVHfPHc447kWPdeCXeMt9TJCAGfeW8bFGu+A0dflMteKvVugxs6
oNciSHh+BhXeUWlsGK7Pk17r7Iir+JdDxlzCsszXGFrYs6HbGXt2VBsJfs8Q6ecR
La3qHXl82vn7ZLbhNMYsqcJzFSH2okIxYWOpJvU1Rx+CaNTq8uCgl026fwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJB6v/4L6wTuxA6qoHPdvtIs5Nq4MB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEva0hxX19ndnJCTzdFRHFxZ2M5Mi0waXprMnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAaV7kAD
BAWV7oAwDQYJKoZIhvcNAQELBQADggEBANUet5qj0gCeEH1b6mjsaMKxm/W2q5ED
UmqkqvMxP6yrjgKgrvR+mNtKTk6SGYQ/TST225V8dV1vbDEb19iB4Jz1u/DDymhg
j10SihEYbSMpYnN7ZneTtI6xLKMtZxyz+HxiG3ChQSykql30vTnbvFGisVj2NvW4
LgzToG7lLv5Yb7heDhZOjbEaYufd5Vf1akkFBp+2KESSU7YMiSA6qIGz20cPvBMB
oD8qrgxVUiP5ECdLgyv6eeKHsYqArs/Y6GhGaCKRrWLNAR4HQoqxpXi9pe0VirTe
ahZyB7nB2IO4LMVfTr++N/CiRITcYKJ9KiAd+J1mCujgR216cIxJzkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:59 2024 by rpki-client on console-ams.rpki-client.org