Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/Tf8NBL15ImpldOjCcMgdrn-1R30.roa
File: Tf8NBL15ImpldOjCcMgdrn-1R30.roa (raw, json)
Hash identifier: 4tf1zqJOTRPzdqq2us9JMStUdYDN1Zm6k5B4dHMIhng=
Subject key identifier: 4D:FF:0D:04:BD:79:22:6A:65:74:E8:C2:70:C8:1D:AE:7F:B5:47:7D
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6F0097FD52FBC55390BF54C1D0556A
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/Tf8NBL15ImpldOjCcMgdrn-1R30.roa
Signing time: Sun 01 Jan 2023 08:24:51 +0000
ROA not before: Sun 01 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213323
IP address blocks: 185.248.139.0/24 maxlen: 24
2a0b:fb40::/46 maxlen: 46
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:00:97:fd:52:fb:c5:53:90:bf:54:c1:d0:55:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dff0d04bd79226a6574e8c270c81dae7fb5477d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c7:19:9c:99:8e:41:55:69:e4:28:33:2b:5e:
5b:2c:c3:b9:2a:32:f5:b2:90:4c:98:fc:d0:ed:e7:
7a:1f:11:98:ca:5b:c6:5c:c2:c3:41:0f:3c:97:11:
d8:12:69:93:6c:88:f5:a9:2d:5a:36:11:ab:a4:79:
34:4b:e4:b0:26:3d:4f:f1:d7:6b:db:07:2c:99:c8:
fb:c8:4f:94:0d:e0:b4:f2:85:a7:28:a6:6e:f3:7d:
80:9e:c2:4b:d8:db:88:cd:d0:d2:07:39:45:30:e4:
df:52:b5:72:3a:fe:20:23:05:a0:8b:24:f4:e4:e8:
ed:1b:17:d0:8e:d9:0c:04:bf:0e:c9:8c:07:2c:c5:
49:9f:fe:f2:a8:be:32:85:45:6c:fb:5d:1a:16:30:
dd:aa:09:41:c3:76:84:f2:6a:95:a0:b2:9c:9a:75:
97:24:c1:fe:a5:0a:11:c3:39:23:01:26:3d:fa:6d:
ad:1d:f9:c2:97:d6:7a:9f:87:2e:21:f9:2d:0a:8e:
f9:5d:99:2d:97:63:31:c4:2d:ad:b8:a2:52:a1:c3:
17:55:e2:57:6e:bf:e1:40:33:45:8c:cc:92:b6:ca:
a1:73:a3:2d:8c:cf:d8:6d:c8:f5:96:8f:1a:8d:40:
8b:80:54:71:ce:91:8d:8d:55:d9:c4:19:1e:08:09:
99:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FF:0D:04:BD:79:22:6A:65:74:E8:C2:70:C8:1D:AE:7F:B5:47:7D
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/Tf8NBL15ImpldOjCcMgdrn-1R30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.139.0/24
IPv6:
2a0b:fb40::/46
Signature Algorithm: sha256WithRSAEncryption
e3:bb:b8:85:99:cd:f0:79:aa:4c:c2:28:67:6b:9b:a0:77:61:
c0:73:6f:01:a8:5c:5f:64:d4:59:69:a4:a1:15:ce:71:c5:6a:
a3:2d:b1:43:2a:3c:82:88:84:20:aa:80:76:ce:fe:12:1f:b0:
09:2e:40:ff:44:69:07:fc:06:df:7e:b6:c8:0b:b3:b6:73:17:
14:99:d7:d2:48:8f:dd:16:3f:31:90:7e:88:f4:af:e6:06:00:
36:c7:bb:6d:29:41:14:ce:6b:01:ae:7f:7c:23:94:7b:86:a2:
b3:1b:26:bd:a8:b0:bf:9e:98:fd:ab:63:e4:97:18:12:33:86:
da:2d:51:f9:d9:1d:dc:65:82:fb:90:37:b3:b2:d3:c1:ff:6c:
ba:f1:98:17:1f:e1:9f:f1:61:45:a4:f9:2f:f6:c5:ce:e7:68:
b2:ea:8e:82:77:4e:1a:34:b1:24:f1:f7:ed:a4:c8:d8:d7:58:
19:88:4f:3d:e7:b0:43:81:cb:14:cf:f3:b6:c4:86:81:a1:73:
25:a9:9a:32:43:3d:b0:7b:2b:a1:05:51:0f:f5:d7:2c:1f:e7:
d6:24:c4:16:03:d3:39:97:84:62:fa:7d:7b:ae:6b:d9:30:8e:
c4:3c:47:7d:61:67:af:20:24:1f:1b:db:52:ef:d2:d7:3a:8d:
ba:6c:bb:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsbwCX/VL7xVOQv1TB0FVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZmMGQwNGJkNzkyMjZhNjU3NGU4YzI3MGM4MWRhZTdmYjU0NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqccZnJmOQVVp5CgzK15bLMO5KjL1
spBMmPzQ7ed6HxGYylvGXMLDQQ88lxHYEmmTbIj1qS1aNhGrpHk0S+SwJj1P8ddr
2wcsmcj7yE+UDeC08oWnKKZu832AnsJL2NuIzdDSBzlFMOTfUrVyOv4gIwWgiyT0
5OjtGxfQjtkMBL8OyYwHLMVJn/7yqL4yhUVs+10aFjDdqglBw3aE8mqVoLKcmnWX
JMH+pQoRwzkjASY9+m2tHfnCl9Z6n4cuIfktCo75XZktl2MxxC2tuKJSocMXVeJX
br/hQDNFjMyStsqhc6MtjM/Ybcj1lo8ajUCLgFRxzpGNjVXZxBkeCAmZmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3/DQS9eSJqZXTownDIHa5/tUd9MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvVGY4TkJMMTVJbXBsZE9qQ2NNZ2Rybi0xUjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAufiLMA8E
AgACMAkDBwIqC/tAAAAwDQYJKoZIhvcNAQELBQADggEBAOO7uIWZzfB5qkzCKGdr
m6B3YcBzbwGoXF9k1FlppKEVznHFaqMtsUMqPIKIhCCqgHbO/hIfsAkuQP9EaQf8
Bt9+tsgLs7ZzFxSZ19JIj90WPzGQfoj0r+YGADbHu20pQRTOawGuf3wjlHuGorMb
Jr2osL+emP2rY+SXGBIzhtotUfnZHdxlgvuQN7Oy08H/bLrxmBcf4Z/xYUWk+S/2
xc7naLLqjoJ3Tho0sSTx9+2kyNjXWBmITz3nsEOByxTP87bEhoGhcyWpmjJDPbB7
K6EFUQ/11ywf59YkxBYD0zmXhGL6fXuua9kwjsQ8R31hZ68gJB8b21Lv0tc6jbps
u5Q=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:28 2024 by rpki-client on console-fra.rpki-client.org