Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8f7d37-a740-42b0-acd0-c36976363968/1/rJ0gDjUQi91TcaM3D_gk67I5vGo.roa
File: rJ0gDjUQi91TcaM3D_gk67I5vGo.roa (raw, json)
Hash identifier: hPKfCfZWFJfrgaZnLd7gH7GFTtQg46LTNDfu0hE09D4=
Subject key identifier: AC:9D:20:0E:35:10:8B:DD:53:71:A3:37:0F:F8:24:EB:B2:39:BC:6A
Certificate issuer: /CN=938a2d72e79026f52bf5657e97ffd1b11be88641
Certificate serial: 018A18667E50835A22DDC948E8FFC9C0B929
Authority key identifier: 93:8A:2D:72:E7:90:26:F5:2B:F5:65:7E:97:FF:D1:B1:1B:E8:86:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k4otcueQJvUr9WV-l__RsRvohkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8f7d37-a740-42b0-acd0-c36976363968/1/rJ0gDjUQi91TcaM3D_gk67I5vGo.roa
Signing time: Mon 21 Aug 2023 14:01:24 +0000
ROA not before: Mon 21 Aug 2023 14:01:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34428
IP address blocks: 185.249.157.0/24 maxlen: 24
2a13:f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:66:7e:50:83:5a:22:dd:c9:48:e8:ff:c9:c0:b9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=938a2d72e79026f52bf5657e97ffd1b11be88641
Validity
Not Before: Aug 21 14:01:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac9d200e35108bdd5371a3370ff824ebb239bc6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4d:9d:d2:74:83:59:41:3f:44:87:8b:42:c5:
04:dd:a1:dc:93:76:e3:22:a5:2f:e2:ef:0a:6b:ba:
69:15:54:e5:40:16:61:ee:c8:8b:29:fc:4c:1f:36:
a4:93:b4:8a:cd:58:f4:83:d9:03:d8:ed:8c:b2:69:
8e:fd:bc:fa:06:5a:7a:02:37:18:31:d5:f6:ed:28:
ea:cc:60:4a:1e:a4:90:2e:dc:98:91:d8:f9:b4:dc:
42:28:30:12:d3:dd:2e:fb:04:d2:9a:32:27:0d:ae:
a7:dc:fc:ae:99:a7:d1:4c:97:52:3c:bc:0e:b9:92:
e6:63:53:e0:6f:26:50:b4:ca:ef:1e:bf:40:e0:3e:
66:82:dd:fa:ef:67:51:c0:77:dc:98:5d:ad:d4:08:
73:e3:50:71:4b:65:ed:e6:b5:ec:74:72:4d:0e:e7:
31:f5:7a:52:18:c0:67:89:75:07:0f:7e:eb:f9:ca:
05:d0:a9:25:40:8b:36:16:5e:ee:21:0f:df:8d:81:
70:70:ed:30:00:55:cb:78:02:97:39:1f:d8:7d:a0:
9f:60:4e:7b:36:26:d7:6e:09:59:70:3d:ee:09:83:
fb:ce:21:37:06:86:c4:3e:0e:1c:d3:a7:07:b9:58:
13:96:3d:ad:d8:10:8c:51:de:a3:c6:27:9c:5e:85:
56:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9D:20:0E:35:10:8B:DD:53:71:A3:37:0F:F8:24:EB:B2:39:BC:6A
X509v3 Authority Key Identifier:
keyid:93:8A:2D:72:E7:90:26:F5:2B:F5:65:7E:97:FF:D1:B1:1B:E8:86:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k4otcueQJvUr9WV-l__RsRvohkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8f7d37-a740-42b0-acd0-c36976363968/1/rJ0gDjUQi91TcaM3D_gk67I5vGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8f7d37-a740-42b0-acd0-c36976363968/1/k4otcueQJvUr9WV-l__RsRvohkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.157.0/24
IPv6:
2a13:f00::/29
Signature Algorithm: sha256WithRSAEncryption
56:4b:df:c3:1c:21:8e:ee:89:ad:08:4a:39:e1:5c:24:f7:83:
20:09:4b:96:99:2a:e5:e8:c1:af:81:9e:a3:48:a5:c4:d7:a1:
b8:95:91:a2:c2:cc:2a:da:d3:f6:12:9c:c8:67:1c:6b:4d:fc:
2b:72:9a:03:f9:4b:8a:ce:72:16:c5:94:bf:49:6f:9d:85:df:
f7:1b:7d:91:fc:21:b3:1d:4c:33:8d:33:d6:13:43:62:28:45:
f3:9e:5e:1a:b0:35:11:d7:e5:fa:01:de:c5:9f:85:8e:95:cc:
51:9a:b1:f3:8d:79:8a:06:58:15:2f:7b:fc:06:30:06:f9:d2:
a3:d0:8c:b3:ae:f7:8d:7d:da:cb:7b:77:ed:f6:a0:32:e6:ea:
22:e2:13:f3:33:28:51:a6:2f:22:f8:a9:2c:f9:d3:ab:34:8b:
8b:c3:b3:8c:37:b2:78:ff:35:7f:79:b3:f4:82:0d:f4:99:fe:
17:98:a2:75:91:f2:a6:7f:cb:b1:cd:f7:d2:8e:32:ad:d6:28:
41:96:88:3a:c0:36:fb:df:dc:96:05:14:b5:8e:e2:7d:a7:6a:
c1:be:3c:5a:ab:ae:9e:4d:d2:83:9d:06:b3:50:72:52:8a:8a:
8b:6e:32:12:4f:51:11:b6:b3:7b:06:cd:88:bc:95:64:f2:93:
dd:f1:b7:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoYZn5Qg1oi3clI6P/JwLkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzOGEyZDcyZTc5MDI2ZjUyYmY1NjU3ZTk3ZmZkMWIxMWJl
ODg2NDEwHhcNMjMwODIxMTQwMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlkMjAwZTM1MTA4YmRkNTM3MWEzMzcwZmY4MjRlYmIyMzliYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU2d0nSDWUE/RIeLQsUE3aHck3bj
IqUv4u8Ka7ppFVTlQBZh7siLKfxMHzakk7SKzVj0g9kD2O2MsmmO/bz6Blp6AjcY
MdX27SjqzGBKHqSQLtyYkdj5tNxCKDAS090u+wTSmjInDa6n3PyumafRTJdSPLwO
uZLmY1PgbyZQtMrvHr9A4D5mgt3672dRwHfcmF2t1Ahz41BxS2Xt5rXsdHJNDucx
9XpSGMBniXUHD37r+coF0KklQIs2Fl7uIQ/fjYFwcO0wAFXLeAKXOR/YfaCfYE57
NibXbglZcD3uCYP7ziE3BobEPg4c06cHuVgTlj2t2BCMUd6jxiecXoVW4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKydIA41EIvdU3GjNw/4JOuyObxqMB8GA1UdIwQY
MBaAFJOKLXLnkCb1K/Vlfpf/0bEb6IZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazRvdGN1ZVFKdlVyOVdWLWxfX1JzUnZvaGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84ZjdkMzctYTc0MC00MmIwLWFjZDAt
YzM2OTc2MzYzOTY4LzEvckowZ0RqVVFpOTFUY2FNM0RfZ2s2N0k1dkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84ZjdkMzctYTc0MC00MmIwLWFjZDAtYzM2OTc2MzYzOTY4
LzEvazRvdGN1ZVFKdlVyOVdWLWxfX1JzUnZvaGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufmdMA0E
AgACMAcDBQMqEw8AMA0GCSqGSIb3DQEBCwUAA4IBAQBWS9/DHCGO7omtCEo54Vwk
94MgCUuWmSrl6MGvgZ6jSKXE16G4lZGiwswq2tP2EpzIZxxrTfwrcpoD+UuKznIW
xZS/SW+dhd/3G32R/CGzHUwzjTPWE0NiKEXznl4asDUR1+X6Ad7Fn4WOlcxRmrHz
jXmKBlgVL3v8BjAG+dKj0IyzrveNfdrLe3ft9qAy5uoi4hPzMyhRpi8i+Kks+dOr
NIuLw7OMN7J4/zV/ebP0gg30mf4XmKJ1kfKmf8uxzffSjjKt1ihBlog6wDb739yW
BRS1juJ9p2rBvjxaq66eTdKDnQazUHJSioqLbjIST1ERtrN7Bs2IvJVk8pPd8beb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org