Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/XJhvdOP0AaNxjNyszLOrEnc9csA.roa
File: XJhvdOP0AaNxjNyszLOrEnc9csA.roa (raw, json)
Hash identifier: 65eszjN7yO3qCYKE5qVIX9RTPM/AgNaTQnFlFUzAclU=
Subject key identifier: 5C:98:6F:74:E3:F4:01:A3:71:8C:DC:AC:CC:B3:AB:12:77:3D:72:C0
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018CC26D556A8665BB2576AC8208CF9AC247
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/XJhvdOP0AaNxjNyszLOrEnc9csA.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203252
IP address blocks: 185.246.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 19:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:55:6a:86:65:bb:25:76:ac:82:08:cf:9a:c2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c986f74e3f401a3718cdcacccb3ab12773d72c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:7b:c1:0d:ce:fc:b8:c1:77:77:77:35:fd:
fe:6d:02:32:d6:90:ed:9b:e1:26:17:78:2a:98:94:
67:a1:2e:85:1c:dd:63:15:59:32:05:56:99:8a:a7:
03:07:fd:3f:6a:e2:e6:36:41:4f:f3:d6:ad:75:89:
b2:1d:61:7e:a0:df:63:f2:ca:23:4c:7d:95:43:4d:
7e:43:d2:8c:28:0b:4d:b3:8c:fb:12:53:29:54:08:
40:59:f3:b4:28:d1:9d:25:e4:6a:30:db:65:c1:9a:
05:cf:29:4a:ed:8f:9c:fd:fe:ba:79:98:a7:04:9f:
95:a7:26:15:77:ad:5b:3f:65:00:83:4a:3d:b2:34:
5c:88:95:03:6a:bc:a8:f8:f5:ca:7e:6e:33:fd:02:
69:a7:d7:f4:ac:3f:55:28:c8:f5:2b:8f:18:db:6e:
7b:e3:b1:5d:00:15:23:bf:46:ff:bc:1d:e0:39:18:
7e:ee:bc:99:24:b6:bc:a9:b8:a9:7c:a3:db:56:85:
36:30:97:65:44:e6:28:c7:b5:2e:59:c2:24:10:6a:
99:5a:ad:45:59:51:da:d3:0a:7c:66:42:5f:13:1f:
8e:11:9e:ec:0c:c0:59:23:78:b3:04:a3:58:b5:50:
34:90:74:f4:3a:a8:0a:51:7d:00:f2:b3:ea:e6:a8:
c5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:98:6F:74:E3:F4:01:A3:71:8C:DC:AC:CC:B3:AB:12:77:3D:72:C0
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/XJhvdOP0AaNxjNyszLOrEnc9csA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.118.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:26:a9:ff:39:37:70:86:94:16:f2:be:2c:1b:5f:9b:d1:32:
07:b5:94:02:3c:ce:2f:b1:7a:45:fd:b7:1a:2f:03:bf:0d:ee:
5d:ee:6e:7d:f3:12:34:1e:a2:f3:be:d1:ab:0f:4e:82:7f:fa:
3f:e8:11:de:98:ee:01:f7:d6:77:2b:e9:8b:93:a6:0f:ab:26:
d4:96:6e:24:c2:da:5b:4a:24:09:03:46:46:e7:cb:99:a0:bb:
b5:b1:4e:f1:94:c8:71:21:75:c7:86:67:fd:42:44:53:16:6d:
01:ed:d5:b1:c1:53:27:36:76:28:13:0c:c7:8d:92:1a:c4:0f:
f6:32:55:4a:f0:d1:9f:ca:8e:49:b8:5b:c1:c6:3b:db:15:20:
08:b8:7a:31:e9:57:98:d2:81:53:44:a0:9e:5f:7f:5f:f7:1c:
ac:ee:4a:f9:73:f3:8e:1c:c0:7e:8c:38:ae:96:dd:d0:f5:53:
0f:c2:69:b5:ef:35:7d:12:29:4d:04:94:df:cb:a1:17:38:19:
eb:7c:27:2e:7a:99:66:f5:f5:26:72:80:2b:bd:fb:86:2e:85:
73:b3:6e:f9:1b:84:f3:f1:8f:d9:92:e5:b3:a7:67:65:0e:1b:
00:05:50:60:22:a1:77:b8:b4:8c:b5:93:60:54:c9:80:27:cb:
27:d1:c4:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVVqhmW7JXasggjPmsJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk4NmY3NGUzZjQwMWEzNzE4Y2RjYWNjY2IzYWIxMjc3M2Q3MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuB7wQ3O/LjBd3d3Nf3+bQIy1pDt
m+EmF3gqmJRnoS6FHN1jFVkyBVaZiqcDB/0/auLmNkFP89atdYmyHWF+oN9j8soj
TH2VQ01+Q9KMKAtNs4z7ElMpVAhAWfO0KNGdJeRqMNtlwZoFzylK7Y+c/f66eZin
BJ+VpyYVd61bP2UAg0o9sjRciJUDaryo+PXKfm4z/QJpp9f0rD9VKMj1K48Y2257
47FdABUjv0b/vB3gORh+7ryZJLa8qbipfKPbVoU2MJdlROYox7UuWcIkEGqZWq1F
WVHa0wp8ZkJfEx+OEZ7sDMBZI3izBKNYtVA0kHT0OqgKUX0A8rPq5qjF/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyYb3Tj9AGjcYzcrMyzqxJ3PXLAMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvWEpodmRPUDBBYU54ak55c3pMT3JFbmM5Y3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufZ2MA0G
CSqGSIb3DQEBCwUAA4IBAQA/Jqn/OTdwhpQW8r4sG1+b0TIHtZQCPM4vsXpF/bca
LwO/De5d7m598xI0HqLzvtGrD06Cf/o/6BHemO4B99Z3K+mLk6YPqybUlm4kwtpb
SiQJA0ZG58uZoLu1sU7xlMhxIXXHhmf9QkRTFm0B7dWxwVMnNnYoEwzHjZIaxA/2
MlVK8NGfyo5JuFvBxjvbFSAIuHox6VeY0oFTRKCeX39f9xys7kr5c/OOHMB+jDiu
lt3Q9VMPwmm17zV9EilNBJTfy6EXOBnrfCcueplm9fUmcoArvfuGLoVzs275G4Tz
8Y/ZkuWzp2dlDhsABVBgIqF3uLSMtZNgVMmAJ8sn0cQG
-----END CERTIFICATE-----
Generated at Sat Mar 16 00:16:32 2024 by rpki-client on console-fra.rpki-client.org