Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/x1uo1x2DyMrQiwQyk3QEV9qARiI.roa
File: x1uo1x2DyMrQiwQyk3QEV9qARiI.roa (raw, json)
Hash identifier: YaMQjYeU1iFK0LhlXR+dcwtmG7nWkoN8gjpWPuBf/AA=
Subject key identifier: C7:5B:A8:D7:1D:83:C8:CA:D0:8B:04:32:93:74:04:57:DA:80:46:22
Certificate issuer: /CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Certificate serial: 018C6DE8DB608CF816F31DDC369C1CE0CD21
Authority key identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/x1uo1x2DyMrQiwQyk3QEV9qARiI.roa
Signing time: Fri 15 Dec 2023 14:37:06 +0000
ROA not before: Fri 15 Dec 2023 14:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.239.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:e8:db:60:8c:f8:16:f3:1d:dc:36:9c:1c:e0:cd:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Validity
Not Before: Dec 15 14:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c75ba8d71d83c8cad08b043293740457da804622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:36:70:e3:de:d4:26:22:24:1d:83:8b:5d:97:
0a:26:37:87:2c:fc:b9:68:aa:02:b5:08:c8:78:89:
64:e8:93:90:5a:a3:f0:6a:ca:ca:f8:12:54:58:5d:
c5:19:50:ce:01:a4:af:d4:65:37:78:33:9e:8e:da:
bf:de:91:df:10:8e:df:6b:e3:16:27:ad:13:49:9d:
1d:03:6f:83:6a:c9:85:6a:9c:24:1b:ab:a7:46:87:
8b:dd:84:10:e8:ee:95:f4:6b:73:3b:19:90:aa:15:
89:86:c3:63:ec:48:2f:57:64:c1:2e:5c:f4:98:6f:
91:60:6f:31:e4:4a:74:48:3e:28:47:fe:8c:01:51:
14:76:bb:87:11:36:aa:27:78:c7:7c:16:9a:f7:6e:
24:47:15:96:37:76:b7:88:b4:56:0e:fa:08:2c:0a:
92:6b:8d:06:44:f6:d3:8b:25:72:22:a7:1d:8b:02:
2c:b8:80:4c:df:d0:e9:ce:13:ad:59:7e:74:be:2d:
d1:59:33:71:bf:84:45:1d:dc:f5:1d:fd:7a:e2:7b:
2d:b6:3a:df:46:62:01:32:47:e5:8b:fd:90:17:af:
95:de:73:49:98:ea:4d:29:87:42:e1:83:01:45:be:
94:2a:8e:20:cf:bd:5b:fb:4c:88:44:0e:d7:d3:43:
ee:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5B:A8:D7:1D:83:C8:CA:D0:8B:04:32:93:74:04:57:DA:80:46:22
X509v3 Authority Key Identifier:
keyid:53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/x1uo1x2DyMrQiwQyk3QEV9qARiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6a:50:e7:d2:c7:d0:52:69:7a:f5:e7:8c:80:89:d7:ca:88:
bd:c0:bf:eb:cc:bb:de:7e:b6:4b:61:9c:8e:06:c1:f9:ed:6d:
5b:c1:db:65:35:5a:37:ac:83:ad:0d:04:9f:fc:17:44:aa:76:
52:bf:f0:37:57:c2:a5:ad:55:90:0d:7a:f0:72:53:0e:38:a4:
9a:16:bd:64:5b:7e:7f:1b:fc:60:9b:d8:d5:c7:e7:bc:33:c2:
04:50:77:47:4e:92:e1:98:09:a9:59:c6:cb:8c:13:02:56:b3:
16:ca:0c:93:52:02:c3:fe:3e:c8:ba:ec:0c:e3:1a:8e:95:d7:
f2:48:63:4f:37:7f:5c:fa:52:2e:8c:eb:d5:fa:73:92:3e:5b:
6a:6f:95:2a:46:3f:42:b1:d2:bf:a0:37:7a:6d:dc:ac:1d:48:
66:12:55:b2:9e:8f:66:f2:bc:d0:be:9d:78:ff:59:6a:ee:b0:
4d:89:01:da:94:9f:de:b0:54:2e:e9:2b:b6:e5:2f:a4:0a:e8:
e0:33:2b:d9:79:62:cf:bf:3c:46:b9:f5:f3:c1:5b:ce:d0:58:
8e:84:e9:b1:fc:cf:2b:56:ee:e4:2f:c9:c3:32:87:63:97:cf:
8c:99:6d:b0:13:62:9a:c1:04:e1:b1:05:17:72:8e:93:ae:f8:
46:92:72:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxt6NtgjPgW8x3cNpwc4M0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDAzNTlmOWY4YjIwODE1Y2U0ZDk4OGUxMDliZjgyMzA2
ZTRjNzQwHhcNMjMxMjE1MTQzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzViYThkNzFkODNjOGNhZDA4YjA0MzI5Mzc0MDQ1N2RhODA0NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTZw497UJiIkHYOLXZcKJjeHLPy5
aKoCtQjIeIlk6JOQWqPwasrK+BJUWF3FGVDOAaSv1GU3eDOejtq/3pHfEI7fa+MW
J60TSZ0dA2+DasmFapwkG6unRoeL3YQQ6O6V9GtzOxmQqhWJhsNj7EgvV2TBLlz0
mG+RYG8x5Ep0SD4oR/6MAVEUdruHETaqJ3jHfBaa924kRxWWN3a3iLRWDvoILAqS
a40GRPbTiyVyIqcdiwIsuIBM39DpzhOtWX50vi3RWTNxv4RFHdz1Hf164nsttjrf
RmIBMkfli/2QF6+V3nNJmOpNKYdC4YMBRb6UKo4gz71b+0yIRA7X00PuOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdbqNcdg8jK0IsEMpN0BFfagEYiMB8GA1UdIwQY
MBaAFFPQNZ+fiyCBXOTZiOEJv4Iwbkx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTkt
YTZjNDljZTkwNzU2LzEveDF1bzF4MkR5TXJRaXdReWszUUVWOXFBUmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTktYTZjNDljZTkwNzU2
LzEvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue+/MA0G
CSqGSIb3DQEBCwUAA4IBAQALalDn0sfQUml69eeMgInXyoi9wL/rzLvefrZLYZyO
BsH57W1bwdtlNVo3rIOtDQSf/BdEqnZSv/A3V8KlrVWQDXrwclMOOKSaFr1kW35/
G/xgm9jVx+e8M8IEUHdHTpLhmAmpWcbLjBMCVrMWygyTUgLD/j7IuuwM4xqOldfy
SGNPN39c+lIujOvV+nOSPltqb5UqRj9CsdK/oDd6bdysHUhmElWyno9m8rzQvp14
/1lq7rBNiQHalJ/esFQu6Su25S+kCujgMyvZeWLPvzxGufXzwVvO0FiOhOmx/M8r
Vu7kL8nDModjl8+MmW2wE2KawQThsQUXco6TrvhGknK7
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:53 2024 by rpki-client on console-ams.rpki-client.org