Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/C54TDGffCHo9EaDeKYk_S7yTA7k.roa
File: C54TDGffCHo9EaDeKYk_S7yTA7k.roa (raw, json)
Hash identifier: aOz0gJpfDWrOfp3+h8O0qgbpQxZlrqgDeIw/mrqrNYE=
Subject key identifier: 0B:9E:13:0C:67:DF:08:7A:3D:11:A0:DE:29:89:3F:4B:BC:93:03:B9
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF93E6A1C8B86DEFF1002335034BB
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/C54TDGffCHo9EaDeKYk_S7yTA7k.roa
Signing time: Sun 01 Jan 2023 08:24:50 +0000
ROA not before: Sun 01 Jan 2023 08:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47574
IP address blocks: 185.248.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f9:3e:6a:1c:8b:86:de:ff:10:02:33:50:34:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b9e130c67df087a3d11a0de29893f4bbc9303b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:7c:20:c7:58:16:57:6f:40:b1:00:04:23:
22:36:a7:de:98:e4:5b:1c:b7:60:b6:1f:e0:dc:cd:
e6:e7:b2:81:88:c4:87:ad:7e:83:a6:88:51:e4:54:
ab:af:2e:f8:84:27:3e:a6:a4:00:6a:47:37:f4:7b:
d5:eb:aa:11:e4:83:10:47:4e:9d:34:68:ed:b8:3e:
33:14:2f:6f:46:f6:6c:b3:18:57:32:a2:d7:ba:fa:
37:a4:80:2a:6a:5c:e4:04:78:05:58:a3:6a:73:a6:
33:98:76:a4:56:2f:2a:79:f9:f2:e7:78:bb:35:bf:
79:3a:8c:db:a8:40:59:8b:64:f5:ff:e2:e3:db:b3:
cb:e1:c6:2c:80:09:4a:d1:51:b6:f1:9d:72:44:15:
f9:01:29:9b:1a:5d:f4:a3:a8:7e:af:6a:24:97:ce:
42:a4:95:a7:b8:60:4d:73:17:0b:c1:ab:45:e4:92:
75:b1:01:30:79:c7:ff:a3:a2:c1:bf:0a:2f:df:6d:
b4:13:a2:38:e9:5f:1f:98:e3:b1:ce:79:7a:d9:9e:
18:6e:33:a7:57:cf:1c:eb:46:bd:d1:ae:b6:57:38:
53:c6:4b:42:b5:1b:54:a9:f4:d8:8a:29:f3:b1:5a:
db:24:84:b7:03:0d:6d:b3:03:7e:f1:8c:be:cf:8a:
39:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9E:13:0C:67:DF:08:7A:3D:11:A0:DE:29:89:3F:4B:BC:93:03:B9
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/C54TDGffCHo9EaDeKYk_S7yTA7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.136.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:5e:57:b8:f0:43:c6:a5:e6:5b:67:81:c8:2c:0c:8a:ba:ad:
21:ad:f8:45:4d:c7:21:df:44:8e:f3:8e:4d:be:f2:dd:38:70:
3b:83:f9:a4:f7:65:ef:ff:9a:82:23:17:af:f8:28:e0:e3:12:
b4:82:f3:5c:73:94:bf:b6:8d:40:d2:14:da:a7:61:10:e8:4d:
1f:42:a0:50:b4:aa:bc:4c:90:49:28:90:05:83:95:54:46:8d:
8d:78:92:9a:92:96:d5:68:09:f7:8e:e8:1e:6c:c0:08:66:4a:
8e:26:fa:c8:ec:d0:8e:96:7c:da:ff:37:d1:b9:d6:71:a0:3b:
8b:44:49:fc:c1:4a:30:c5:05:f6:b6:85:7a:5a:b4:94:87:69:
c1:4e:80:40:47:d3:9b:77:65:c6:d1:b8:61:27:e2:da:69:3f:
62:64:07:c6:1b:70:07:27:b5:9b:50:0c:91:fb:18:e7:79:e6:
39:42:1a:ec:6d:65:95:7f:a0:0f:55:1e:ce:43:53:41:78:b4:
be:39:db:be:40:11:7b:d8:78:16:03:1f:53:e9:b7:ea:21:7e:
a1:3c:54:19:f9:29:e3:4a:f5:ad:10:9c:e8:7f:01:11:85:6d:
29:c0:79:0f:b7:40:7f:38:f3:8d:b9:f9:25:21:2d:ac:26:f7:
c2:e7:4a:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvk+ahyLht7/EAIzUDS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjllMTMwYzY3ZGYwODdhM2QxMWEwZGUyOTg5M2Y0YmJjOTMwM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqJ8IMdYFldvQLEABCMiNqfemORb
HLdgth/g3M3m57KBiMSHrX6DpohR5FSrry74hCc+pqQAakc39HvV66oR5IMQR06d
NGjtuD4zFC9vRvZssxhXMqLXuvo3pIAqalzkBHgFWKNqc6YzmHakVi8qefny53i7
Nb95OozbqEBZi2T1/+Lj27PL4cYsgAlK0VG28Z1yRBX5ASmbGl30o6h+r2okl85C
pJWnuGBNcxcLwatF5JJ1sQEwecf/o6LBvwov3220E6I46V8fmOOxznl62Z4YbjOn
V88c60a90a62VzhTxktCtRtUqfTYiinzsVrbJIS3Aw1tswN+8Yy+z4o5rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAueEwxn3wh6PRGg3imJP0u8kwO5MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvQzU0VERHZmZDSG85RWFEZUtZa19TN3lUQTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiIMA0G
CSqGSIb3DQEBCwUAA4IBAQALXle48EPGpeZbZ4HILAyKuq0hrfhFTcch30SO845N
vvLdOHA7g/mk92Xv/5qCIxev+Cjg4xK0gvNcc5S/to1A0hTap2EQ6E0fQqBQtKq8
TJBJKJAFg5VURo2NeJKakpbVaAn3jugebMAIZkqOJvrI7NCOlnza/zfRudZxoDuL
REn8wUowxQX2toV6WrSUh2nBToBAR9Obd2XG0bhhJ+LaaT9iZAfGG3AHJ7WbUAyR
+xjneeY5QhrsbWWVf6APVR7OQ1NBeLS+Odu+QBF72HgWAx9T6bfqIX6hPFQZ+Snj
SvWtEJzofwERhW0pwHkPt0B/OPONufklIS2sJvfC50pm
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:28 2024 by rpki-client on console-fra.rpki-client.org