Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/bNjY_kKqzhZePuetNq8tFqFRvdc.roa
File: bNjY_kKqzhZePuetNq8tFqFRvdc.roa (raw, json)
Hash identifier: S1tW1LGW1V3yBWOqo/ufG/BPMXacQtI4Q15gsVp7oRc=
Subject key identifier: 6C:D8:D8:FE:42:AA:CE:16:5E:3E:E7:AD:36:AF:2D:16:A1:51:BD:D7
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 018F2951DFACC70CD1E4C989D082F5445586
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/bNjY_kKqzhZePuetNq8tFqFRvdc.roa
Signing time: Mon 29 Apr 2024 10:06:22 +0000
ROA not before: Mon 29 Apr 2024 10:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48359
IP address blocks: 185.49.104.0/24 maxlen: 24
185.49.105.0/24 maxlen: 24
185.49.106.0/24 maxlen: 24
185.49.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 12:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:51:df:ac:c7:0c:d1:e4:c9:89:d0:82:f5:44:55:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Apr 29 10:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cd8d8fe42aace165e3ee7ad36af2d16a151bdd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:52:ee:89:6c:e0:3a:a1:a0:e3:84:10:77:40:
5a:8d:0b:be:3d:88:f5:9c:e2:bc:2a:d7:d6:83:0c:
dd:0e:a0:7d:62:cb:9c:25:6f:16:e7:1a:69:b6:5d:
ba:a0:a7:8f:fb:32:7a:5b:ed:53:2a:a6:38:76:fb:
ba:5f:c1:19:63:7a:e3:38:96:e4:8a:42:50:3e:07:
19:57:a7:73:34:1e:40:94:53:d6:b7:13:5c:84:43:
f3:fd:f6:9c:17:d7:b1:5d:d7:d5:b3:3f:39:15:28:
c6:f8:75:7a:88:69:7b:51:04:60:60:07:f3:cc:c9:
67:dd:cd:8f:67:52:b4:56:e3:ad:a3:cd:83:32:b9:
b1:04:75:9d:1f:eb:7f:fc:31:18:5b:e0:a7:e3:03:
7a:93:18:0d:70:b5:87:17:33:39:62:cc:47:88:17:
f4:b4:78:1a:d0:7f:40:81:fe:7a:e0:71:ff:4d:19:
3c:a5:d4:a1:6a:db:c8:6e:09:81:99:a5:82:84:a7:
f9:6f:85:c3:58:ab:74:33:6f:87:47:55:90:da:c2:
0f:54:58:5a:0d:d9:31:eb:0d:5e:64:0f:09:6a:5c:
2c:f4:6b:12:89:ae:80:50:4e:db:5a:e8:ac:58:3a:
87:e3:2f:b7:fb:67:df:db:66:2d:19:79:05:3c:87:
2a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D8:D8:FE:42:AA:CE:16:5E:3E:E7:AD:36:AF:2D:16:A1:51:BD:D7
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/bNjY_kKqzhZePuetNq8tFqFRvdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.104.0/22
Signature Algorithm: sha256WithRSAEncryption
02:cf:fa:d4:f1:2c:4e:da:76:26:27:9e:ce:4d:7e:91:29:ac:
b1:c1:73:a7:a4:cd:ce:53:68:47:39:3a:93:92:8b:ec:25:b4:
83:ad:95:3d:15:19:03:fa:eb:66:46:9c:aa:ad:01:f9:c8:ae:
0d:d9:ec:e6:34:ba:58:af:c2:45:e0:c4:17:2d:27:31:7e:7e:
84:0c:c9:1f:3a:69:8f:a9:bd:c3:10:53:f8:62:08:a0:58:13:
1a:a4:a2:bb:cf:c8:52:da:f5:3b:ab:19:a9:5d:18:a4:27:63:
04:77:c3:fb:80:9a:42:c0:97:f4:bc:1c:c7:ca:78:7f:95:b1:
2c:62:6f:7e:55:9e:b0:9b:45:d5:0e:72:42:16:22:df:de:b6:
1f:61:33:41:17:e3:6f:34:ad:04:c4:5c:12:be:42:20:3b:ad:
97:f1:f4:4e:a6:06:0e:06:e0:f2:8a:f8:ca:1b:44:37:4e:a1:
b0:91:f4:ee:b3:81:54:0d:9d:4c:f2:c2:91:82:80:29:04:c3:
64:d1:b7:e1:0d:5f:28:22:f9:05:75:0d:3f:45:33:97:b2:80:
f4:8a:e2:8a:25:ab:7b:27:b2:d7:29:5e:7d:ea:a2:da:59:f1:
e1:51:a5:1d:42:5d:4b:37:a7:a4:ef:50:2d:0c:0b:12:e0:d2:
be:29:e8:00
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY8pUd+sxwzR5MmJ0IL1RFWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjQwNDI5MTAwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q4ZDhmZTQyYWFjZTE2NWUzZWU3YWQzNmFmMmQxNmExNTFiZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslLuiWzgOqGg44QQd0BajQu+PYj1
nOK8KtfWgwzdDqB9YsucJW8W5xpptl26oKeP+zJ6W+1TKqY4dvu6X8EZY3rjOJbk
ikJQPgcZV6dzNB5AlFPWtxNchEPz/facF9exXdfVsz85FSjG+HV6iGl7UQRgYAfz
zMln3c2PZ1K0VuOto82DMrmxBHWdH+t//DEYW+Cn4wN6kxgNcLWHFzM5YsxHiBf0
tHga0H9Agf564HH/TRk8pdShatvIbgmBmaWChKf5b4XDWKt0M2+HR1WQ2sIPVFha
Ddkx6w1eZA8Jalws9GsSia6AUE7bWuisWDqH4y+3+2ff22YtGXkFPIcqswIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGzY2P5Cqs4WXj7nrTavLRahUb3XMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL2JOallfa0txemhaZVB1ZXROcTh0RnFGUnZkYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5MWgw
DQYJKoZIhvcNAQELBQADggEBAALP+tTxLE7adiYnns5NfpEprLHBc6ekzc5TaEc5
OpOSi+wltIOtlT0VGQP662ZGnKqtAfnIrg3Z7OY0ulivwkXgxBctJzF+foQMyR86
aY+pvcMQU/hiCKBYExqkorvPyFLa9TurGaldGKQnYwR3w/uAmkLAl/S8HMfKeH+V
sSxib35VnrCbRdUOckIWIt/eth9hM0EX4280rQTEXBK+QiA7rZfx9E6mBg4G4PKK
+MobRDdOobCR9O6zgVQNnUzywpGCgCkEw2TRt+ENXygi+QV1DT9FM5eygPSK4ool
q3snstcpXn3qotpZ8eFRpR1CXUs3p6TvUC0MCxLg0r4p6AA=
Generated at Mon Jul 8 16:01:27 2024 by rpki-client on console-ams.rpki-client.org