Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/td6fXzAGWypftf-rQYpUtC8jSeU.roa
File: td6fXzAGWypftf-rQYpUtC8jSeU.roa (raw, json)
Hash identifier: eKWaKvMcT0CQcnXhYwH3C+ZH9Yu/sjABq0TY98qBEuI=
Subject key identifier: B5:DE:9F:5F:30:06:5B:2A:5F:B5:FF:AB:41:8A:54:B4:2F:23:49:E5
Certificate issuer: /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial: 01856CF85C8F3CAB29B12DD8F06EF6520CC7
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/td6fXzAGWypftf-rQYpUtC8jSeU.roa
Signing time: Sun 01 Jan 2023 10:54:53 +0000
ROA not before: Sun 01 Jan 2023 10:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204352
IP address blocks: 185.249.105.0/24 maxlen: 24
185.249.104.0/24 maxlen: 24
185.249.107.0/24 maxlen: 24
185.249.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:5c:8f:3c:ab:29:b1:2d:d8:f0:6e:f6:52:0c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
Validity
Not Before: Jan 1 10:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5de9f5f30065b2a5fb5ffab418a54b42f2349e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:81:20:7c:16:90:db:0b:06:52:14:09:b8:b1:
d3:c2:64:bf:04:65:fc:a4:6d:d1:93:a6:a9:8c:50:
39:0d:4a:be:08:fb:48:25:4e:b9:ce:be:fb:ed:e6:
f3:2e:00:32:6b:72:32:a6:b9:dc:a6:d0:23:9e:86:
dc:06:3d:e7:9f:eb:78:29:72:e7:71:1f:b7:34:83:
da:2e:cc:5c:dc:bb:5f:6d:37:e7:b5:4c:86:3c:8c:
40:92:26:a8:07:82:a2:c9:bf:42:08:45:5f:32:0c:
33:53:16:7f:86:6c:0c:be:44:27:c7:3a:3d:6d:f4:
0e:94:33:68:44:d0:c4:55:98:eb:7f:19:9e:70:6c:
a8:56:29:9e:6b:ca:ac:89:70:f9:e4:9d:45:69:3c:
a2:1f:86:4a:a9:75:52:c4:8b:89:63:a2:72:a4:20:
a9:ae:33:42:24:64:0a:f4:76:89:d4:4f:c3:11:a6:
a9:c2:43:f0:3f:ef:61:9a:4c:82:b2:2b:98:b4:bc:
89:e5:69:d9:4b:6f:37:d1:3c:77:e8:c8:0c:21:7d:
25:7f:e8:9b:48:6d:0e:49:fe:33:d5:a1:e5:b9:f8:
fb:44:36:6a:7b:f1:9d:cd:4a:22:1f:b0:48:b7:e6:
d5:da:a4:07:23:d1:4f:78:98:66:cc:14:a6:3a:50:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DE:9F:5F:30:06:5B:2A:5F:B5:FF:AB:41:8A:54:B4:2F:23:49:E5
X509v3 Authority Key Identifier:
keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/td6fXzAGWypftf-rQYpUtC8jSeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:64:39:88:0b:c5:f2:0a:9c:1b:42:dc:87:ad:e9:7e:0f:ec:
2f:4d:5f:0a:51:55:d0:ab:37:46:a2:ad:92:b4:7f:6d:78:a3:
58:7b:e2:73:00:7a:2c:a3:b9:f4:b2:38:ee:4f:e8:f1:6e:35:
86:46:56:8e:57:f1:9f:d5:b4:ce:70:18:b7:7e:bc:1c:5d:2a:
03:72:e0:47:f7:20:7c:79:cf:b7:12:32:cb:ef:47:16:8a:66:
2e:0b:c5:a9:9e:7b:81:d6:a2:95:95:43:d7:38:2b:3a:81:c5:
e3:c6:96:5f:41:6c:50:a5:2d:32:82:3d:b3:a3:4b:9d:f0:1a:
9c:a4:fe:88:25:90:2a:fc:70:54:fb:b7:f6:59:ca:8a:69:32:
55:33:fb:5c:bf:38:57:9f:ff:cb:33:46:b5:7c:8f:c3:ee:4d:
41:9f:c3:2d:6a:da:ba:d8:1e:26:12:69:e6:66:ba:35:10:b4:
fb:e8:1a:27:6e:04:1a:09:e4:1c:66:3e:b9:75:7d:e7:8b:02:
c4:84:9c:bf:bc:b8:44:68:cd:ef:d1:bc:c7:fb:37:a5:e8:54:
11:b3:47:81:1a:03:a7:8c:d8:67:95:9c:3b:4c:0d:a6:5c:a9:
93:49:e2:9b:13:52:e1:ef:59:5c:a6:01:91:df:1b:02:50:ae:
ad:b3:3d:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+FyPPKspsS3Y8G72UgzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjMwMTAxMTA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRlOWY1ZjMwMDY1YjJhNWZiNWZmYWI0MThhNTRiNDJmMjM0OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4EgfBaQ2wsGUhQJuLHTwmS/BGX8
pG3Rk6apjFA5DUq+CPtIJU65zr777ebzLgAya3IyprncptAjnobcBj3nn+t4KXLn
cR+3NIPaLsxc3LtfbTfntUyGPIxAkiaoB4Kiyb9CCEVfMgwzUxZ/hmwMvkQnxzo9
bfQOlDNoRNDEVZjrfxmecGyoVimea8qsiXD55J1FaTyiH4ZKqXVSxIuJY6JypCCp
rjNCJGQK9HaJ1E/DEaapwkPwP+9hmkyCsiuYtLyJ5WnZS2830Tx36MgMIX0lf+ib
SG0OSf4z1aHlufj7RDZqe/GdzUoiH7BIt+bV2qQHI9FPeJhmzBSmOlAarQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXen18wBlsqX7X/q0GKVLQvI0nlMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvdGQ2Zlh6QUdXeXBmdGYtclFZcFV0QzhqU2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufloMA0G
CSqGSIb3DQEBCwUAA4IBAQBsZDmIC8XyCpwbQtyHrel+D+wvTV8KUVXQqzdGoq2S
tH9teKNYe+JzAHoso7n0sjjuT+jxbjWGRlaOV/Gf1bTOcBi3frwcXSoDcuBH9yB8
ec+3EjLL70cWimYuC8WpnnuB1qKVlUPXOCs6gcXjxpZfQWxQpS0ygj2zo0ud8Bqc
pP6IJZAq/HBU+7f2WcqKaTJVM/tcvzhXn//LM0a1fI/D7k1Bn8Mtatq62B4mEmnm
Zro1ELT76BonbgQaCeQcZj65dX3niwLEhJy/vLhEaM3v0bzH+zel6FQRs0eBGgOn
jNhnlZw7TA2mXKmTSeKbE1Lh71lcpgGR3xsCUK6tsz1H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:00 2024 by rpki-client on console-ams.rpki-client.org