Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/aG0D4XbafL3sLYklYAF9yn4zapU.roa
File: aG0D4XbafL3sLYklYAF9yn4zapU.roa (raw, json)
Hash identifier: gweSXJhjJG6l+a2KUJvXPBqblVafMHIXVTPtfyGg3nU=
Subject key identifier: 68:6D:03:E1:76:DA:7C:BD:EC:2D:89:25:60:01:7D:CA:7E:33:6A:95
Certificate issuer: /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial: 01856FCBB2CC396F3F9D1395EF98ED83BD2E
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/aG0D4XbafL3sLYklYAF9yn4zapU.roa
Signing time: Mon 02 Jan 2023 00:04:58 +0000
ROA not before: Mon 02 Jan 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52073
IP address blocks: 185.143.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 16:59:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b2:cc:39:6f:3f:9d:13:95:ef:98:ed:83:bd:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Validity
Not Before: Jan 2 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=686d03e176da7cbdec2d892560017dca7e336a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:53:0b:17:69:32:38:f0:20:23:01:63:0d:cb:
60:56:93:e2:e7:e5:6f:60:69:da:fe:da:b8:81:18:
4e:31:35:7f:2d:15:ad:13:62:f9:0b:d5:4e:dc:25:
d7:bb:dd:2d:92:df:fc:f2:49:04:33:0e:69:b7:5c:
47:e9:fd:4d:12:08:b8:fc:cf:d8:e3:9d:1c:1e:e5:
79:6e:44:a7:4c:b3:03:6d:e3:0c:d3:03:9e:9a:66:
a7:6e:0f:9b:85:df:22:39:6a:1d:c6:b0:5d:bc:16:
60:70:b8:77:8a:bb:90:79:53:89:86:88:9f:6a:d9:
9a:5e:fc:ec:da:c1:a1:dd:69:6f:f9:23:ff:38:22:
59:7a:3c:ee:20:63:80:32:ae:cd:b8:9a:bb:09:9f:
92:77:25:73:37:fa:59:42:77:16:19:dd:34:b1:c6:
cc:1a:9d:53:9b:80:8c:62:a0:e8:58:50:8b:3f:c8:
9e:c5:f8:23:1d:4b:c9:08:c9:fa:ef:5f:2c:c0:8a:
1e:50:6b:7d:af:81:75:4c:7c:84:57:f5:12:a8:2d:
3c:42:29:01:6c:e2:a9:12:eb:08:fc:ab:96:aa:e0:
39:f6:a1:bc:17:a2:83:7d:3e:f8:a1:df:2d:3f:3d:
08:e6:8b:0a:7d:69:9c:6b:3e:61:94:5c:c5:ba:55:
2d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6D:03:E1:76:DA:7C:BD:EC:2D:89:25:60:01:7D:CA:7E:33:6A:95
X509v3 Authority Key Identifier:
keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/aG0D4XbafL3sLYklYAF9yn4zapU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.241.0/24
Signature Algorithm: sha256WithRSAEncryption
70:99:2f:e4:5b:e3:71:28:52:4d:5f:02:c6:ff:58:4b:66:ae:
67:5e:79:8f:c0:db:b3:fb:e2:18:b8:f0:5a:14:06:f0:c9:68:
a3:7d:86:2f:db:6f:a5:8a:e3:68:7a:bc:5d:9a:db:9e:5f:2e:
07:97:8e:bf:3f:5c:43:c2:0e:e6:65:29:7f:95:28:8e:85:a3:
73:c7:38:b0:50:e0:30:27:78:ff:5a:c8:c9:61:f5:6d:7f:16:
af:4e:33:84:14:0a:ab:40:1a:50:de:ed:37:56:a5:a1:1d:6b:
a0:ee:92:83:6b:a4:d6:6a:99:50:fb:ac:98:cd:b8:e5:68:9b:
54:13:e3:5f:1f:a9:e1:f0:76:52:1e:71:a7:29:fc:1f:1e:96:
e9:0b:b2:90:00:6f:d3:2e:2f:ea:79:28:5f:fa:0a:95:65:28:
4f:5d:8b:88:d1:e2:cd:41:04:f6:96:97:3b:d0:c0:15:30:11:
ff:a4:00:f4:09:61:78:77:ba:06:5d:b7:c4:d8:b5:37:c1:6e:
f3:a5:cd:58:3d:6f:d8:1f:8d:ad:54:80:05:69:05:e9:18:88:
79:f8:f6:58:51:b8:78:36:53:11:5b:8b:a4:a7:46:4d:67:6f:
78:dc:e4:9c:08:57:4d:74:d5:b2:3e:94:06:fd:92:3c:76:7b:
a4:6f:e2:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7LMOW8/nROV75jtg70uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZkMDNlMTc2ZGE3Y2JkZWMyZDg5MjU2MDAxN2RjYTdlMzM2YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVMLF2kyOPAgIwFjDctgVpPi5+Vv
YGna/tq4gRhOMTV/LRWtE2L5C9VO3CXXu90tkt/88kkEMw5pt1xH6f1NEgi4/M/Y
450cHuV5bkSnTLMDbeMM0wOemmanbg+bhd8iOWodxrBdvBZgcLh3iruQeVOJhoif
atmaXvzs2sGh3Wlv+SP/OCJZejzuIGOAMq7NuJq7CZ+SdyVzN/pZQncWGd00scbM
Gp1Tm4CMYqDoWFCLP8iexfgjHUvJCMn6718swIoeUGt9r4F1THyEV/USqC08QikB
bOKpEusI/KuWquA59qG8F6KDfT74od8tPz0I5osKfWmcaz5hlFzFulUtMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhtA+F22ny97C2JJWABfcp+M2qVMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvYUcwRDRYYmFmTDNzTFlrbFlBRjl5bjR6YXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY/xMA0G
CSqGSIb3DQEBCwUAA4IBAQBwmS/kW+NxKFJNXwLG/1hLZq5nXnmPwNuz++IYuPBa
FAbwyWijfYYv22+liuNoerxdmtueXy4Hl46/P1xDwg7mZSl/lSiOhaNzxziwUOAw
J3j/WsjJYfVtfxavTjOEFAqrQBpQ3u03VqWhHWug7pKDa6TWaplQ+6yYzbjlaJtU
E+NfH6nh8HZSHnGnKfwfHpbpC7KQAG/TLi/qeShf+gqVZShPXYuI0eLNQQT2lpc7
0MAVMBH/pAD0CWF4d7oGXbfE2LU3wW7zpc1YPW/YH42tVIAFaQXpGIh5+PZYUbh4
NlMRW4ukp0ZNZ2943OScCFdNdNWyPpQG/ZI8dnukb+Iy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:07 2024 by rpki-client on console-fra.rpki-client.org