Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/1aUkqcBQ9kDYPsDe6KYjqRWdK7c.roa
File: 1aUkqcBQ9kDYPsDe6KYjqRWdK7c.roa (raw, json)
Hash identifier: ONyzgqrW18YKjfe2Q0h8H+dfgsIBRtUFqTXZCexBB9A=
Subject key identifier: D5:A5:24:A9:C0:50:F6:40:D8:3E:C0:DE:E8:A6:23:A9:15:9D:2B:B7
Certificate issuer: /CN=a08e41cbfdefad0bb0e297247acc1a201d2df4a0
Certificate serial: 01856E8212B9D48A9213941676369E37974C
Authority key identifier: A0:8E:41:CB:FD:EF:AD:0B:B0:E2:97:24:7A:CC:1A:20:1D:2D:F4:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/1aUkqcBQ9kDYPsDe6KYjqRWdK7c.roa
Signing time: Sun 01 Jan 2023 18:04:56 +0000
ROA not before: Sun 01 Jan 2023 18:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211606
IP address blocks: 185.254.121.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:12:b9:d4:8a:92:13:94:16:76:36:9e:37:97:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a08e41cbfdefad0bb0e297247acc1a201d2df4a0
Validity
Not Before: Jan 1 18:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5a524a9c050f640d83ec0dee8a623a9159d2bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3d:17:9f:ef:09:85:65:9b:9f:1a:22:3d:64:
58:b2:0c:2f:ac:ba:ff:c1:6d:04:da:65:20:0c:c7:
27:3d:7e:db:a0:08:ca:cf:c7:ed:4f:77:67:96:95:
68:d9:74:0c:27:80:10:26:b1:d4:fb:1a:d0:38:76:
36:70:4c:d1:26:a6:5c:38:e0:42:37:28:21:fc:c8:
07:78:ff:cc:db:d1:fd:0d:f8:91:58:85:80:75:a2:
62:50:3b:8b:ad:d3:4f:76:52:18:db:18:e8:46:83:
bd:87:da:08:b5:af:44:56:f6:62:37:03:73:27:a9:
61:77:b9:d5:af:5f:e6:d1:44:3b:9f:71:ac:28:b2:
0e:28:bc:57:d4:81:c3:e5:b3:af:bc:83:dd:1f:ef:
6c:ba:33:4c:42:55:de:17:79:49:32:09:49:39:4c:
61:a1:a3:8d:10:7e:41:42:5b:fb:f6:37:32:e0:96:
96:5b:80:9b:9a:e1:01:0e:83:87:fd:1b:c8:da:3c:
97:82:e1:c3:d7:73:7b:92:ec:d8:2c:c4:b7:63:81:
26:c6:5c:35:50:d1:bb:b1:e4:f0:6a:27:c1:7e:b5:
a4:dd:9a:2d:42:9e:69:ab:70:c2:d9:02:ed:63:cb:
26:7b:d7:cf:4e:40:dd:4a:d8:93:fd:fe:b7:3b:cc:
e8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A5:24:A9:C0:50:F6:40:D8:3E:C0:DE:E8:A6:23:A9:15:9D:2B:B7
X509v3 Authority Key Identifier:
keyid:A0:8E:41:CB:FD:EF:AD:0B:B0:E2:97:24:7A:CC:1A:20:1D:2D:F4:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oI5By_3vrQuw4pckeswaIB0t9KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/1aUkqcBQ9kDYPsDe6KYjqRWdK7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/7a806c-2f08-47d9-9cc9-658d4c4628ad/1/oI5By_3vrQuw4pckeswaIB0t9KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.121.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:67:90:d1:f2:c9:ae:b5:98:ef:c9:10:fb:f2:e3:13:37:0b:
a5:40:54:0a:db:b3:9c:f6:e7:ab:78:94:9d:68:5b:50:4c:ff:
5e:a0:15:be:28:9f:9a:89:5f:dc:9d:4d:63:cc:77:fa:18:ba:
91:43:1e:5e:59:c1:48:78:1a:84:91:3e:9f:a9:67:3d:0c:61:
c3:8a:da:fe:2a:4f:8f:0a:1b:95:2d:98:8d:b5:c7:fa:ea:e0:
3d:4c:dc:80:7a:b7:26:41:8c:59:35:ae:4a:43:85:46:5b:30:
40:3a:dd:76:c0:ac:3d:80:d6:db:f8:4e:58:9a:73:bb:7a:0a:
f7:6a:3c:d8:74:67:4e:2f:fa:de:38:fd:94:6d:c0:07:70:5a:
cc:4e:55:72:6c:71:b0:50:4a:d4:73:0e:5e:9c:8b:42:24:88:
73:01:ab:12:1d:6b:7a:85:a9:96:82:b1:53:e4:61:f8:4b:98:
e7:75:13:55:c2:3a:40:95:00:8f:8a:82:ab:40:b2:ac:1d:2d:
8b:44:21:4c:29:e9:21:31:f0:dd:8f:6a:41:a7:ce:85:dc:c0:
5e:03:58:f1:05:e9:48:d9:d4:a3:9a:dc:c7:d4:85:f9:1f:81:
06:33:1f:a5:0a:c4:ef:42:7b:90:43:40:9b:6e:aa:d7:27:5a:
5e:d9:e1:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVughK51IqSE5QWdjaeN5dMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOGU0MWNiZmRlZmFkMGJiMGUyOTcyNDdhY2MxYTIwMWQy
ZGY0YTAwHhcNMjMwMTAxMTgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE1MjRhOWMwNTBmNjQwZDgzZWMwZGVlOGE2MjNhOTE1OWQyYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj0Xn+8JhWWbnxoiPWRYsgwvrLr/
wW0E2mUgDMcnPX7boAjKz8ftT3dnlpVo2XQMJ4AQJrHU+xrQOHY2cEzRJqZcOOBC
Nygh/MgHeP/M29H9DfiRWIWAdaJiUDuLrdNPdlIY2xjoRoO9h9oIta9EVvZiNwNz
J6lhd7nVr1/m0UQ7n3GsKLIOKLxX1IHD5bOvvIPdH+9sujNMQlXeF3lJMglJOUxh
oaONEH5BQlv79jcy4JaWW4CbmuEBDoOH/RvI2jyXguHD13N7kuzYLMS3Y4Emxlw1
UNG7seTwaifBfrWk3ZotQp5pq3DC2QLtY8sme9fPTkDdStiT/f63O8zoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWlJKnAUPZA2D7A3uimI6kVnSu3MB8GA1UdIwQY
MBaAFKCOQcv9760LsOKXJHrMGiAdLfSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC83YTgwNmMtMmYwOC00N2Q5LTljYzkt
NjU4ZDRjNDYyOGFkLzEvMWFVa3FjQlE5a0RZUHNEZTZLWWpxUldkSzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC83YTgwNmMtMmYwOC00N2Q5LTljYzktNjU4ZDRjNDYyOGFk
LzEvb0k1QnlfM3ZyUXV3NHBja2Vzd2FJQjB0OUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf55MA0G
CSqGSIb3DQEBCwUAA4IBAQCjZ5DR8smutZjvyRD78uMTNwulQFQK27Oc9uereJSd
aFtQTP9eoBW+KJ+aiV/cnU1jzHf6GLqRQx5eWcFIeBqEkT6fqWc9DGHDitr+Kk+P
ChuVLZiNtcf66uA9TNyAercmQYxZNa5KQ4VGWzBAOt12wKw9gNbb+E5YmnO7egr3
ajzYdGdOL/reOP2UbcAHcFrMTlVybHGwUErUcw5enItCJIhzAasSHWt6hamWgrFT
5GH4S5jndRNVwjpAlQCPioKrQLKsHS2LRCFMKekhMfDdj2pBp86F3MBeA1jxBelI
2dSjmtzH1IX5H4EGMx+lCsTvQnuQQ0CbbqrXJ1pe2eE6
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:01 2024 by rpki-client on console-ams.rpki-client.org