Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/u-vKMruTDNsUxVFWOoTlyHR4P_s.roa
File: u-vKMruTDNsUxVFWOoTlyHR4P_s.roa (raw, json)
Hash identifier: 9rZkb/JMRMrIPqK7MoFjr3XsdonFG+n9BC+dOZGn1eM=
Subject key identifier: BB:EB:CA:32:BB:93:0C:DB:14:C5:51:56:3A:84:E5:C8:74:78:3F:FB
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E6EFF4B6FF064F65EEB6A73362A6F
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/u-vKMruTDNsUxVFWOoTlyHR4P_s.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43704
IP address blocks: 185.248.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 15:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6e:ff:4b:6f:f0:64:f6:5e:eb:6a:73:36:2a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbebca32bb930cdb14c551563a84e5c874783ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:10:1e:62:4b:0a:f6:92:49:d7:2d:7b:a6:
9b:36:b2:30:0c:89:31:0e:19:32:28:4c:be:86:0c:
24:71:48:bc:9e:b6:45:20:09:9e:00:ef:e2:6b:de:
cc:e1:2d:8a:47:9a:a1:f7:f9:95:98:75:03:3f:4c:
6a:db:b1:07:f6:76:c3:3f:f1:06:5b:0d:2c:63:72:
d0:9f:6d:6a:08:21:5c:81:18:79:5f:8c:82:a2:0b:
1e:d3:a4:e3:6b:9f:cc:83:be:5e:d3:d5:a5:ac:e5:
04:f7:a6:bd:08:d2:71:c7:b4:cf:72:11:38:d9:61:
ab:bf:8c:a5:cd:41:06:2f:44:ec:a6:8f:0f:5c:d2:
5a:09:97:6e:70:3e:5b:d6:2a:48:eb:3c:b3:d7:e8:
0f:f0:98:cc:4f:2b:97:94:7e:93:74:69:fa:d9:37:
21:d9:0e:04:04:44:ea:eb:5f:34:71:8d:a3:79:ab:
9e:16:67:2d:8d:67:56:e5:15:8f:e5:1e:40:86:8a:
88:4a:1c:ef:b3:f5:2c:e7:87:6c:3a:f4:e0:43:08:
c6:3e:43:01:d5:0e:d9:e9:cd:fb:4b:c6:6a:2c:57:
0c:ad:7b:29:ee:46:74:ac:05:0c:9e:10:01:75:7e:
6a:af:9f:ec:05:15:a2:c0:4a:98:7d:12:8a:60:cc:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EB:CA:32:BB:93:0C:DB:14:C5:51:56:3A:84:E5:C8:74:78:3F:FB
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/u-vKMruTDNsUxVFWOoTlyHR4P_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.137.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:df:9f:b4:a0:2b:74:6d:42:46:a4:8f:6b:fd:53:36:e9:62:
00:50:9e:5a:04:42:6d:25:75:f8:37:48:17:f1:0c:32:52:d3:
df:73:4d:52:4b:21:7d:15:01:ed:ae:6f:cb:66:95:74:da:14:
ac:2d:44:4a:22:0c:a0:a3:61:bc:81:32:00:09:3d:f8:c0:71:
b0:d8:55:6b:b0:28:0f:c1:12:71:51:ec:56:45:44:26:17:4c:
b7:c1:bc:fc:63:98:97:23:9f:33:9e:8d:ea:40:7c:c6:94:89:
cf:1c:73:fb:25:c2:26:3f:91:9e:a2:b6:a3:82:72:dc:69:47:
75:84:9c:f2:4c:67:11:4e:c4:b1:a0:97:3d:c6:6e:87:53:b4:
44:ac:d8:31:c8:fa:ee:d7:30:bf:36:49:ac:e6:be:48:0a:d2:
60:40:f7:f2:2a:db:ce:36:19:8f:68:c5:1c:27:50:05:21:56:
fb:09:e9:18:75:24:82:4b:50:62:28:4f:a6:81:a7:0c:e7:b5:
9a:91:52:1e:93:78:54:be:3a:cb:4d:1a:10:eb:ab:9b:7c:b7:
85:bc:a4:38:4a:49:49:8c:84:7b:05:12:bc:f4:fa:6d:c0:43:
f8:58:08:88:3f:24:b9:03:44:1b:b5:06:07:2e:df:83:08:87:
a0:30:bc:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTm7/S2/wZPZe62pzNipvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmViY2EzMmJiOTMwY2RiMTRjNTUxNTYzYTg0ZTVjODc0NzgzZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3YQHmJLCvaSSdcte6abNrIwDIkx
DhkyKEy+hgwkcUi8nrZFIAmeAO/ia97M4S2KR5qh9/mVmHUDP0xq27EH9nbDP/EG
Ww0sY3LQn21qCCFcgRh5X4yCogse06Tja5/Mg75e09WlrOUE96a9CNJxx7TPchE4
2WGrv4ylzUEGL0Tspo8PXNJaCZducD5b1ipI6zyz1+gP8JjMTyuXlH6TdGn62Tch
2Q4EBETq6180cY2jeaueFmctjWdW5RWP5R5AhoqIShzvs/Us54dsOvTgQwjGPkMB
1Q7Z6c37S8ZqLFcMrXsp7kZ0rAUMnhABdX5qr5/sBRWiwEqYfRKKYMyXtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvryjK7kwzbFMVRVjqE5ch0eD/7MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvdS12S01ydVRETnNVeFZGV09vVGx5SFI0UF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiJMA0G
CSqGSIb3DQEBCwUAA4IBAQCp35+0oCt0bUJGpI9r/VM26WIAUJ5aBEJtJXX4N0gX
8QwyUtPfc01SSyF9FQHtrm/LZpV02hSsLURKIgygo2G8gTIACT34wHGw2FVrsCgP
wRJxUexWRUQmF0y3wbz8Y5iXI58zno3qQHzGlInPHHP7JcImP5GeorajgnLcaUd1
hJzyTGcRTsSxoJc9xm6HU7RErNgxyPru1zC/Nkms5r5ICtJgQPfyKtvONhmPaMUc
J1AFIVb7CekYdSSCS1BiKE+mgacM57WakVIek3hUvjrLTRoQ66ubfLeFvKQ4SklJ
jIR7BRK89PptwEP4WAiIPyS5A0QbtQYHLt+DCIegMLyF
-----END CERTIFICATE-----
Generated at Thu Oct 10 19:31:45 2024 by rpki-client on console-fra.rpki-client.org