Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/o9xfMdRxpf1CrkBhNsdMLajo4y4.roa
File: o9xfMdRxpf1CrkBhNsdMLajo4y4.roa (raw, json)
Hash identifier: wT6mHkidRCDzZoyKDKltrEwzcfnR8sq53JyTUx1roto=
Subject key identifier: A3:DC:5F:31:D4:71:A5:FD:42:AE:40:61:36:C7:4C:2D:A8:E8:E3:2E
Certificate issuer: /CN=74f59301011c45af635634d2e53c0b08c2054e2d
Certificate serial: 01856B5325C05B05854031CC4C1E48BD5361
Authority key identifier: 74:F5:93:01:01:1C:45:AF:63:56:34:D2:E5:3C:0B:08:C2:05:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPWTAQEcRa9jVjTS5TwLCMIFTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/o9xfMdRxpf1CrkBhNsdMLajo4y4.roa
Signing time: Sun 01 Jan 2023 03:14:49 +0000
ROA not before: Sun 01 Jan 2023 03:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.248.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:25:c0:5b:05:85:40:31:cc:4c:1e:48:bd:53:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74f59301011c45af635634d2e53c0b08c2054e2d
Validity
Not Before: Jan 1 03:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3dc5f31d471a5fd42ae406136c74c2da8e8e32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:98:30:87:e1:65:35:8b:a4:8e:85:07:17:c6:
fe:d8:7a:a4:d4:e6:39:3e:b4:16:3c:53:32:d6:58:
ca:85:69:ef:2f:3a:7b:bc:b5:48:b6:78:3c:79:f6:
aa:c7:3f:2c:f5:05:4f:1b:fb:11:3c:a6:9e:2d:cd:
f5:bd:89:91:41:ce:a5:00:9f:2f:8b:d3:77:6a:91:
c9:2b:1b:2c:16:1e:b4:43:2c:a8:af:ab:e9:29:92:
54:0e:a9:3c:c5:49:2b:75:14:ff:d0:db:e3:57:71:
50:4f:38:52:58:60:91:d1:47:df:09:e5:28:29:eb:
75:7d:7c:5e:d8:d6:2e:dd:32:35:82:58:4b:2f:b9:
d5:72:f0:d7:e6:ce:8f:36:75:cd:47:b7:1b:22:50:
4f:6d:41:2f:57:b3:3f:0c:39:42:c6:60:33:05:4c:
4a:40:0f:a5:b7:2a:87:ca:93:a5:8a:17:c6:fa:73:
51:42:84:e0:1f:39:33:2b:07:81:7b:7a:69:c2:0e:
19:b9:74:34:34:5f:6b:db:7f:dd:7d:7d:05:97:45:
5c:6b:65:30:6f:77:7b:c8:85:17:9f:1e:9a:14:66:
57:bf:0b:e7:f5:d2:dc:13:61:7c:a4:5a:36:1a:e8:
a0:c8:61:f7:2f:62:5c:c4:40:15:84:73:ed:1c:c2:
57:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DC:5F:31:D4:71:A5:FD:42:AE:40:61:36:C7:4C:2D:A8:E8:E3:2E
X509v3 Authority Key Identifier:
keyid:74:F5:93:01:01:1C:45:AF:63:56:34:D2:E5:3C:0B:08:C2:05:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPWTAQEcRa9jVjTS5TwLCMIFTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/o9xfMdRxpf1CrkBhNsdMLajo4y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ca945b-0e15-456d-8b90-5aa16e7a9989/1/dPWTAQEcRa9jVjTS5TwLCMIFTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.144.0/24
Signature Algorithm: sha256WithRSAEncryption
26:99:9a:6e:eb:a4:0e:0b:b3:db:85:1f:8f:d2:0b:42:eb:5a:
bd:fd:f4:20:bc:1b:a3:a0:cf:0a:b9:a5:02:fa:0b:3f:8f:10:
7f:bd:1f:fc:78:5d:3c:36:ce:83:c7:63:ad:88:ca:03:8c:42:
39:47:38:b9:77:cc:c1:fe:b2:6b:6f:b3:b7:f3:27:e0:1d:7b:
89:29:bd:a0:ad:82:82:a4:f9:8d:47:a7:4c:02:c7:a2:e0:b4:
89:de:2e:94:3d:fa:a9:4a:1d:87:18:75:36:d4:ff:a6:f4:98:
38:3d:44:e4:9f:e8:fc:04:20:19:02:93:1b:38:0c:e2:c2:d1:
dd:32:f4:2e:d9:8d:ef:e7:c7:c9:d0:5a:aa:70:0e:26:f9:73:
94:fd:c8:29:43:7c:a1:cf:ac:ae:dc:f8:84:83:9f:db:be:d2:
f0:85:15:e0:f9:24:5b:61:19:81:46:d1:e5:1a:4a:45:5c:73:
ac:01:be:34:46:a8:78:65:46:4d:74:3b:12:b4:14:e0:55:d8:
8b:06:3f:4b:3a:c4:fb:c8:34:2b:1c:5d:9f:85:15:43:b9:cf:
72:e2:55:86:b6:6f:e0:77:35:4f:49:c9:35:5c:f2:36:af:1a:
cd:e4:85:0c:52:16:ce:8f:a8:8d:f1:ce:6a:d8:42:6a:94:52:
29:95:d9:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrUyXAWwWFQDHMTB5IvVNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjU5MzAxMDExYzQ1YWY2MzU2MzRkMmU1M2MwYjA4YzIw
NTRlMmQwHhcNMjMwMTAxMDMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2RjNWYzMWQ0NzFhNWZkNDJhZTQwNjEzNmM3NGMyZGE4ZThlMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5gwh+FlNYukjoUHF8b+2Hqk1OY5
PrQWPFMy1ljKhWnvLzp7vLVItng8efaqxz8s9QVPG/sRPKaeLc31vYmRQc6lAJ8v
i9N3apHJKxssFh60Qyyor6vpKZJUDqk8xUkrdRT/0NvjV3FQTzhSWGCR0UffCeUo
Ket1fXxe2NYu3TI1glhLL7nVcvDX5s6PNnXNR7cbIlBPbUEvV7M/DDlCxmAzBUxK
QA+ltyqHypOlihfG+nNRQoTgHzkzKweBe3ppwg4ZuXQ0NF9r23/dfX0Fl0Vca2Uw
b3d7yIUXnx6aFGZXvwvn9dLcE2F8pFo2GuigyGH3L2JcxEAVhHPtHMJXgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPcXzHUcaX9Qq5AYTbHTC2o6OMuMB8GA1UdIwQY
MBaAFHT1kwEBHEWvY1Y00uU8CwjCBU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBXVEFRRWNSYTlqVmpUUzVUd0xDTUlGVGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYTk0NWItMGUxNS00NTZkLThiOTAt
NWFhMTZlN2E5OTg5LzEvbzl4Zk1kUnhwZjFDcmtCaE5zZE1MYWpvNHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYTk0NWItMGUxNS00NTZkLThiOTAtNWFhMTZlN2E5OTg5
LzEvZFBXVEFRRWNSYTlqVmpUUzVUd0xDTUlGVGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiQMA0G
CSqGSIb3DQEBCwUAA4IBAQAmmZpu66QOC7PbhR+P0gtC61q9/fQgvBujoM8KuaUC
+gs/jxB/vR/8eF08Ns6Dx2OtiMoDjEI5Rzi5d8zB/rJrb7O38yfgHXuJKb2grYKC
pPmNR6dMAsei4LSJ3i6UPfqpSh2HGHU21P+m9Jg4PUTkn+j8BCAZApMbOAziwtHd
MvQu2Y3v58fJ0FqqcA4m+XOU/cgpQ3yhz6yu3PiEg5/bvtLwhRXg+SRbYRmBRtHl
GkpFXHOsAb40Rqh4ZUZNdDsStBTgVdiLBj9LOsT7yDQrHF2fhRVDuc9y4lWGtm/g
dzVPSck1XPI2rxrN5IUMUhbOj6iN8c5q2EJqlFIpldkB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:54 2024 by rpki-client on console-ams.rpki-client.org