Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/5kBcqF_4Kbt0vNq1UWE2C3ZcO1g.roa
File: 5kBcqF_4Kbt0vNq1UWE2C3ZcO1g.roa (raw, json)
Hash identifier: mg542C6Xp9z3jSAo1RIUOZ5Lunl7MHfqkPATL5tcF4Q=
Subject key identifier: E6:40:5C:A8:5F:F8:29:BB:74:BC:DA:B5:51:61:36:0B:76:5C:3B:58
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF846C33E49AE5EBC7D6D260A72CD
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/5kBcqF_4Kbt0vNq1UWE2C3ZcO1g.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43704
IP address blocks: 185.248.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f8:46:c3:3e:49:ae:5e:bc:7d:6d:26:0a:72:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6405ca85ff829bb74bcdab55161360b765c3b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0e:46:5b:47:c9:55:1e:e3:71:cb:50:51:a5:
fe:34:8e:3e:ee:84:a2:fc:67:8e:d2:a7:f7:ee:22:
e3:fd:74:25:32:b2:f8:71:7a:01:d7:86:d9:a7:17:
80:c7:07:54:e2:82:e4:45:9d:db:35:34:46:14:c0:
ef:6f:98:c3:c4:bd:a7:3f:97:6f:82:5e:88:f9:54:
bf:c1:21:41:48:1c:dd:37:92:e7:bc:97:7c:62:68:
27:6c:6d:5a:76:51:d2:2d:b6:f0:1f:0b:99:92:12:
b2:4f:ef:e0:72:c1:56:b4:20:54:d8:be:1a:38:dd:
de:49:d2:cc:eb:4d:19:9e:1a:22:3b:bb:97:87:ae:
ad:20:e4:c0:9e:76:d5:e6:48:8a:67:ac:e5:5e:8d:
b5:32:91:09:e2:b1:13:8d:98:fc:1f:e2:ba:42:50:
f7:04:ba:3a:e3:9d:48:3c:d3:8e:08:33:5a:3f:10:
45:cf:e9:bd:f8:66:bc:ad:2d:fe:4d:3b:55:8b:0b:
52:77:a0:19:cd:08:10:84:14:db:71:4b:1e:78:02:
6e:b8:b5:08:ab:16:32:59:48:ea:6f:97:6e:50:66:
29:ed:bd:07:75:ff:7b:67:d8:56:b9:24:6b:ee:03:
2c:bb:99:05:f2:38:e8:74:18:5a:25:89:c5:f7:7c:
6d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:40:5C:A8:5F:F8:29:BB:74:BC:DA:B5:51:61:36:0B:76:5C:3B:58
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/5kBcqF_4Kbt0vNq1UWE2C3ZcO1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.137.0/24
Signature Algorithm: sha256WithRSAEncryption
60:88:9a:7f:83:de:c0:56:07:71:99:2e:e1:09:dc:a3:39:d2:
11:03:f3:42:ec:78:01:a9:63:46:fa:ae:21:e7:11:d4:2c:4c:
7c:a4:62:ce:a7:2d:78:1d:b4:21:da:6a:57:bf:57:cc:e0:96:
e2:d3:cd:cf:cb:0e:98:3b:17:e0:f0:57:54:c0:94:bb:6a:7e:
a3:f6:15:6c:9a:b1:e4:db:8e:ea:25:4a:54:c7:6c:36:9e:6c:
2f:42:ad:85:2e:f5:10:b8:11:44:6b:e2:c3:f9:8b:4a:ae:27:
6e:95:3c:0c:e5:89:26:63:60:76:64:ce:cc:d7:99:4c:b5:f5:
48:2d:00:a8:49:99:85:b5:2a:c5:89:85:83:98:66:62:96:e0:
f6:e0:a3:aa:7b:2a:0a:ef:f4:4a:f5:2e:14:a3:39:8b:81:ba:
fe:ac:9e:2e:40:25:67:f3:b3:78:18:d7:1a:40:df:13:e9:d6:
ae:a2:90:07:83:11:4e:c0:1c:75:9d:a7:da:fd:bd:0f:2d:33:
37:ae:95:cf:42:1b:32:34:87:a9:a3:61:01:70:3d:cc:f7:6e:
cd:dd:bd:0a:58:fd:9c:29:49:06:06:43:ee:26:c2:7c:20:db:
5b:36:9d:2b:b9:79:84:33:0c:40:59:e6:be:08:28:98:9b:a2:
1a:75:fe:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvhGwz5Jrl68fW0mCnLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQwNWNhODVmZjgyOWJiNzRiY2RhYjU1MTYxMzYwYjc2NWMzYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg5GW0fJVR7jcctQUaX+NI4+7oSi
/GeO0qf37iLj/XQlMrL4cXoB14bZpxeAxwdU4oLkRZ3bNTRGFMDvb5jDxL2nP5dv
gl6I+VS/wSFBSBzdN5LnvJd8YmgnbG1adlHSLbbwHwuZkhKyT+/gcsFWtCBU2L4a
ON3eSdLM600ZnhoiO7uXh66tIOTAnnbV5kiKZ6zlXo21MpEJ4rETjZj8H+K6QlD3
BLo6451IPNOOCDNaPxBFz+m9+Ga8rS3+TTtViwtSd6AZzQgQhBTbcUseeAJuuLUI
qxYyWUjqb5duUGYp7b0Hdf97Z9hWuSRr7gMsu5kF8jjodBhaJYnF93xtLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZAXKhf+Cm7dLzatVFhNgt2XDtYMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvNWtCY3FGXzRLYnQwdk5xMVVXRTJDM1pjTzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiJMA0G
CSqGSIb3DQEBCwUAA4IBAQBgiJp/g97AVgdxmS7hCdyjOdIRA/NC7HgBqWNG+q4h
5xHULEx8pGLOpy14HbQh2mpXv1fM4Jbi083Pyw6YOxfg8FdUwJS7an6j9hVsmrHk
247qJUpUx2w2nmwvQq2FLvUQuBFEa+LD+YtKridulTwM5YkmY2B2ZM7M15lMtfVI
LQCoSZmFtSrFiYWDmGZiluD24KOqeyoK7/RK9S4UozmLgbr+rJ4uQCVn87N4GNca
QN8T6dauopAHgxFOwBx1nafa/b0PLTM3rpXPQhsyNIepo2EBcD3M927N3b0KWP2c
KUkGBkPuJsJ8INtbNp0ruXmEMwxAWea+CCiYm6Iadf4b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org