Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-mDRZoSkqggq4txDN1LXMqkF0x8.roa
File: 1-mDRZoSkqggq4txDN1LXMqkF0x8.roa (raw, json)
Hash identifier: 0G1lkZ1UNfUi5nHeQ8y+BrfBD/cXbCibldyrEYGAmKA=
Subject key identifier: FA:60:D1:66:84:A4:AA:08:2A:E2:DC:43:37:52:D7:32:A9:05:D3:1F
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018A5686B9E7AE16DEEBF3E5362333CA02F7
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-mDRZoSkqggq4txDN1LXMqkF0x8.roa
Signing time: Sat 02 Sep 2023 15:33:04 +0000
ROA not before: Sat 02 Sep 2023 15:33:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31715
IP address blocks: 149.126.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:86:b9:e7:ae:16:de:eb:f3:e5:36:23:33:ca:02:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 2 15:33:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa60d16684a4aa082ae2dc433752d732a905d31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:df:16:a7:e5:dd:15:d5:8e:7a:c4:c1:c8:38:
6a:00:7b:8e:a4:f8:6f:48:15:f3:67:45:c2:02:48:
11:6a:c2:80:01:6a:fe:61:a6:bf:91:55:f6:0f:91:
1b:81:40:1b:ab:c9:1c:5e:ed:40:cb:eb:ac:d2:59:
cb:e2:ba:33:01:d3:83:49:a5:01:09:82:ff:08:bd:
68:d6:db:ae:48:ba:f6:56:b6:34:d4:ca:41:28:ed:
ff:44:c3:7f:9f:52:6f:04:c7:46:a2:0f:7f:c1:3a:
3f:5b:22:70:2a:24:fc:68:c9:19:4b:24:87:1f:6d:
23:c1:4d:8e:fd:e8:eb:c9:f7:0d:d4:5e:6c:9e:cc:
78:71:bd:6e:d7:6b:47:2b:50:da:64:01:41:9b:95:
8b:3b:ca:6c:97:1d:3f:27:80:10:49:b1:2f:e1:d2:
f0:e5:c9:87:a7:a1:ea:1a:b6:61:fd:99:93:cc:40:
47:9c:2b:a2:ac:07:b5:be:e0:49:6b:a3:e3:c6:ab:
23:a7:a3:5a:d7:06:9a:9a:be:2f:a1:f0:44:a7:8e:
ab:d5:d7:f6:be:46:b1:55:d8:cd:46:c9:0d:1a:4e:
22:b5:53:c3:b7:69:24:76:1c:eb:a2:50:56:26:eb:
74:28:0b:6e:25:98:50:a6:92:48:f9:2d:32:8c:cd:
dc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:60:D1:66:84:A4:AA:08:2A:E2:DC:43:37:52:D7:32:A9:05:D3:1F
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-mDRZoSkqggq4txDN1LXMqkF0x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.13.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:81:a1:85:83:d1:08:35:ee:5c:74:05:b8:4f:8b:86:e9:4f:
fc:1c:82:b6:44:1d:0b:40:5e:84:08:54:c9:70:f4:7c:1b:91:
13:40:5a:5c:39:9d:fc:09:4e:b5:e3:f5:94:5d:48:c1:4b:d1:
1b:f2:f1:5d:b8:e4:1d:50:cf:03:2d:80:0a:3e:d2:57:97:93:
b9:e0:e6:22:aa:5d:0e:55:ac:ff:cb:4c:5c:24:a4:de:e5:08:
9e:b6:83:97:64:e7:64:70:fa:b9:cd:57:21:48:7a:77:87:f6:
92:01:53:4c:20:93:42:5b:dc:45:4d:14:76:6a:eb:81:2e:7d:
d5:47:4c:c6:e4:82:94:be:e0:95:6b:31:9c:a5:b7:07:b6:4c:
f0:52:bb:bb:f0:60:77:5c:fb:34:bc:e4:74:b1:cd:fc:cb:32:
5b:e3:8d:5c:34:38:ae:2a:eb:41:77:02:12:a1:e4:71:46:d3:
21:98:5d:7f:fc:b9:15:38:fc:ea:3d:05:ce:79:b1:ae:05:7f:
20:0a:3b:9e:97:d8:71:12:06:63:17:0b:c6:94:0c:5d:3f:d9:
4a:59:a4:85:88:d1:dd:af:2d:1c:51:87:bc:84:e4:8e:e8:e7:
0a:27:35:aa:0d:2d:90:c4:06:3c:4c:23:c6:a7:cc:39:c6:83:
38:14:19:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpWhrnnrhbe6/PlNiMzygL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwOTAyMTUzMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTYwZDE2Njg0YTRhYTA4MmFlMmRjNDMzNzUyZDczMmE5MDVkMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt8Wp+XdFdWOesTByDhqAHuOpPhv
SBXzZ0XCAkgRasKAAWr+Yaa/kVX2D5EbgUAbq8kcXu1Ay+us0lnL4rozAdODSaUB
CYL/CL1o1tuuSLr2VrY01MpBKO3/RMN/n1JvBMdGog9/wTo/WyJwKiT8aMkZSySH
H20jwU2O/ejryfcN1F5snsx4cb1u12tHK1DaZAFBm5WLO8pslx0/J4AQSbEv4dLw
5cmHp6HqGrZh/ZmTzEBHnCuirAe1vuBJa6Pjxqsjp6Na1waamr4vofBEp46r1df2
vkaxVdjNRskNGk4itVPDt2kkdhzrolBWJut0KAtuJZhQppJI+S0yjM3cawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpg0WaEpKoIKuLcQzdS1zKpBdMfMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvMS1tRFJab1NrcWdncTR0eEROMUxYTXFrRjB4OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEw
MS8xL2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJV+DTAN
BgkqhkiG9w0BAQsFAAOCAQEATYGhhYPRCDXuXHQFuE+LhulP/ByCtkQdC0BehAhU
yXD0fBuRE0BaXDmd/AlOteP1lF1IwUvRG/LxXbjkHVDPAy2ACj7SV5eTueDmIqpd
DlWs/8tMXCSk3uUInraDl2TnZHD6uc1XIUh6d4f2kgFTTCCTQlvcRU0UdmrrgS59
1UdMxuSClL7glWsxnKW3B7ZM8FK7u/Bgd1z7NLzkdLHN/MsyW+ONXDQ4rirrQXcC
EqHkcUbTIZhdf/y5FTj86j0FznmxrgV/IAo7npfYcRIGYxcLxpQMXT/ZSlmkhYjR
3a8tHFGHvITkjujnCic1qg0tkMQGPEwjxqfMOcaDOBQZLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org