Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/0Gfi6MusnAvjZg1NCnq58vfBIlU.roa
File: 0Gfi6MusnAvjZg1NCnq58vfBIlU.roa (raw, json)
Hash identifier: Lj1er30NsNFdu04pkZ3nFM3vcQn+vizyUgoMNN33yAM=
Subject key identifier: D0:67:E2:E8:CB:AC:9C:0B:E3:66:0D:4D:0A:7A:B9:F2:F7:C1:22:55
Certificate issuer: /CN=2f6f07cead06a4f811547600bac02faf0cc084c9
Certificate serial: 01856E1D3E382C5694A4D9A9D5ABAB3F9E49
Authority key identifier: 2F:6F:07:CE:AD:06:A4:F8:11:54:76:00:BA:C0:2F:AF:0C:C0:84:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L28Hzq0GpPgRVHYAusAvrwzAhMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/0Gfi6MusnAvjZg1NCnq58vfBIlU.roa
Signing time: Sun 01 Jan 2023 16:14:48 +0000
ROA not before: Sun 01 Jan 2023 16:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209497
IP address blocks: 149.3.172.0/24 maxlen: 24
149.3.174.0/24 maxlen: 24
149.3.175.0/24 maxlen: 24
149.3.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:3e:38:2c:56:94:a4:d9:a9:d5:ab:ab:3f:9e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6f07cead06a4f811547600bac02faf0cc084c9
Validity
Not Before: Jan 1 16:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d067e2e8cbac9c0be3660d4d0a7ab9f2f7c12255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c6:e2:01:1a:02:de:9f:f8:a0:69:1d:e3:ca:
67:a8:f9:ed:f7:f8:17:9b:a1:87:36:9e:2b:57:2b:
78:7d:b1:68:87:7a:62:6e:fb:39:21:ee:9b:61:6d:
ea:e5:52:5e:70:81:58:95:ac:80:18:18:0c:09:5a:
b5:2f:d9:30:33:91:9d:4f:09:0d:07:0f:5a:60:51:
b1:27:da:1a:6a:5f:dc:11:14:e8:ca:60:1d:64:f5:
80:a8:f3:e8:8a:6d:b7:17:ec:d4:b2:81:c2:af:68:
a5:26:3e:f6:ad:24:e0:f9:83:f1:9c:a5:91:e6:00:
60:09:75:7a:39:8d:11:a4:cd:d4:34:3d:fd:f6:c7:
ef:e5:6b:4a:b0:27:f4:19:52:13:8f:ae:19:8a:35:
bb:b4:f0:69:a0:55:72:dc:fd:c9:cd:5a:84:11:44:
4d:3f:a4:a9:92:50:5c:ec:73:b7:a8:11:a7:72:06:
3e:ab:68:f7:8e:e5:92:3b:42:4a:b1:17:92:94:4f:
54:6e:84:db:67:8a:00:be:49:05:81:94:32:7e:11:
a4:88:d2:aa:87:ff:e7:2a:48:82:50:09:4c:68:6b:
3c:cb:4a:9a:c1:f0:4d:7c:4f:8f:70:32:7c:eb:98:
9f:2e:63:8f:fb:af:71:bc:1a:ce:39:5c:fe:f6:32:
e5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:67:E2:E8:CB:AC:9C:0B:E3:66:0D:4D:0A:7A:B9:F2:F7:C1:22:55
X509v3 Authority Key Identifier:
keyid:2F:6F:07:CE:AD:06:A4:F8:11:54:76:00:BA:C0:2F:AF:0C:C0:84:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28Hzq0GpPgRVHYAusAvrwzAhMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/0Gfi6MusnAvjZg1NCnq58vfBIlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/L28Hzq0GpPgRVHYAusAvrwzAhMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.172.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:91:7e:b5:a2:98:8b:ed:21:9e:f2:51:df:06:b0:6d:1f:4d:
95:38:2d:3c:7f:a9:bc:2f:c1:46:65:c9:9f:82:64:02:97:7c:
24:d7:a4:0a:63:7b:5e:50:24:33:58:fb:a1:f0:a9:39:1c:d7:
94:18:de:77:54:cf:ef:39:c5:fc:f2:93:74:87:85:91:2c:4f:
14:98:e3:1f:23:1c:b3:81:10:10:a2:04:d5:20:f4:d0:4e:07:
88:8e:e8:e5:b2:6d:9c:65:e0:28:05:0a:a4:d8:9d:47:74:a2:
95:30:3f:73:d7:c6:0c:a3:f3:e9:a2:90:b0:dc:bd:aa:53:06:
94:07:7e:32:95:86:5b:ed:50:2b:85:1c:1d:ed:7e:04:81:45:
94:10:b6:ec:c2:4c:ed:57:3c:7a:1c:11:b8:1a:5e:44:7f:2f:
ed:37:a9:80:f5:a0:d8:3e:5e:8a:0b:ea:b0:a8:78:cd:82:ec:
53:e3:f4:b3:08:da:b1:6b:50:7d:b2:4e:7c:87:81:15:0f:fa:
ec:35:76:71:de:d6:fb:db:b0:2c:93:f4:90:44:16:42:28:ef:
27:eb:c0:d6:cf:41:13:23:b9:d2:06:74:c1:2e:aa:24:be:43:
9a:5d:71:da:3c:e2:c2:82:e2:25:e9:fa:66:9b:61:7e:9b:de:
f2:32:e6:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuHT44LFaUpNmp1aurP55JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmYwN2NlYWQwNmE0ZjgxMTU0NzYwMGJhYzAyZmFmMGNj
MDg0YzkwHhcNMjMwMTAxMTYxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDY3ZTJlOGNiYWM5YzBiZTM2NjBkNGQwYTdhYjlmMmY3YzEyMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMbiARoC3p/4oGkd48pnqPnt9/gX
m6GHNp4rVyt4fbFoh3pibvs5Ie6bYW3q5VJecIFYlayAGBgMCVq1L9kwM5GdTwkN
Bw9aYFGxJ9oaal/cERToymAdZPWAqPPoim23F+zUsoHCr2ilJj72rSTg+YPxnKWR
5gBgCXV6OY0RpM3UND399sfv5WtKsCf0GVITj64ZijW7tPBpoFVy3P3JzVqEEURN
P6SpklBc7HO3qBGncgY+q2j3juWSO0JKsReSlE9UboTbZ4oAvkkFgZQyfhGkiNKq
h//nKkiCUAlMaGs8y0qawfBNfE+PcDJ865ifLmOP+69xvBrOOVz+9jLlBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBn4ujLrJwL42YNTQp6ufL3wSJVMB8GA1UdIwQY
MBaAFC9vB86tBqT4EVR2ALrAL68MwITJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDI4SHpxMEdwUGdSVkhZQXVzQXZyd3pBaE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lYWQ2YzQtOWZlMS00ZmVlLTk3NjAt
MDQ3Y2JjMzEwY2NiLzEvMEdmaTZNdXNuQXZqWmcxTkNucTU4dmZCSWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lYWQ2YzQtOWZlMS00ZmVlLTk3NjAtMDQ3Y2JjMzEwY2Ni
LzEvTDI4SHpxMEdwUGdSVkhZQXVzQXZyd3pBaE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClQOsMA0G
CSqGSIb3DQEBCwUAA4IBAQBtkX61opiL7SGe8lHfBrBtH02VOC08f6m8L8FGZcmf
gmQCl3wk16QKY3teUCQzWPuh8Kk5HNeUGN53VM/vOcX88pN0h4WRLE8UmOMfIxyz
gRAQogTVIPTQTgeIjujlsm2cZeAoBQqk2J1HdKKVMD9z18YMo/PpopCw3L2qUwaU
B34ylYZb7VArhRwd7X4EgUWUELbswkztVzx6HBG4Gl5Efy/tN6mA9aDYPl6KC+qw
qHjNguxT4/SzCNqxa1B9sk58h4EVD/rsNXZx3tb727Ask/SQRBZCKO8n68DWz0ET
I7nSBnTBLqokvkOaXXHaPOLCguIl6fpmm2F+m97yMuYk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:04 2024 by rpki-client on console-ams.rpki-client.org