Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/T4XR_RlTrzxtmg0qKG3K6Uw6aHY.roa
File: T4XR_RlTrzxtmg0qKG3K6Uw6aHY.roa (raw, json)
Hash identifier: i8IlNbV7Kz8iMplSUDK+FjVT/PWJYITVu3BOXRzIxzo=
Subject key identifier: 4F:85:D1:FD:19:53:AF:3C:6D:9A:0D:2A:28:6D:CA:E9:4C:3A:68:76
Certificate issuer: /CN=5289a5765a9e836fd0fa811f760f0dcebe8f18ce
Certificate serial: 01856F14B9FDA618B37851607B7F6B41D9CA
Authority key identifier: 52:89:A5:76:5A:9E:83:6F:D0:FA:81:1F:76:0F:0D:CE:BE:8F:18:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uomldlqeg2_Q-oEfdg8Nzr6PGM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/T4XR_RlTrzxtmg0qKG3K6Uw6aHY.roa
Signing time: Sun 01 Jan 2023 20:45:07 +0000
ROA not before: Sun 01 Jan 2023 20:45:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25091
IP address blocks: 149.255.48.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b9:fd:a6:18:b3:78:51:60:7b:7f:6b:41:d9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5289a5765a9e836fd0fa811f760f0dcebe8f18ce
Validity
Not Before: Jan 1 20:45:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f85d1fd1953af3c6d9a0d2a286dcae94c3a6876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b3:b9:f0:93:cb:ad:45:97:cf:21:7e:f0:c6:
19:7d:d2:fd:b4:b8:c8:6c:03:a4:05:d1:b3:4b:13:
76:17:81:53:1d:a1:37:3c:55:47:d9:c8:34:40:aa:
b6:6f:d1:ce:1a:43:54:cb:7e:25:0a:c5:c1:58:21:
03:ad:7e:50:b2:e5:e4:9c:4a:f3:01:d2:fa:a9:f4:
c0:e6:63:b3:1f:98:9c:46:25:e7:05:b4:83:9f:80:
36:16:6d:0a:c9:5e:81:cd:49:88:30:0f:85:eb:23:
f8:21:1e:a6:eb:3a:cc:79:78:ab:a9:d0:6b:b9:f8:
f4:ae:04:62:c3:61:32:c2:c8:08:be:3d:4d:97:b3:
fa:b2:1e:55:ea:ec:fd:ec:bf:31:bd:0e:53:f1:8a:
7d:fe:b6:76:09:3f:03:5e:23:7b:ad:8e:ed:0f:2c:
eb:4a:cf:eb:fe:20:91:0d:f0:d9:8a:53:aa:fa:ac:
a7:2b:96:63:a5:9e:b8:b4:23:ee:eb:24:87:29:cb:
da:b7:f6:ba:1b:1b:3b:1a:ba:43:33:9f:72:2a:95:
0d:e9:8d:f0:87:1f:8e:4e:43:32:65:3a:22:1d:5c:
36:ff:70:66:1a:79:b5:fd:b7:c9:26:6d:e0:fa:90:
5b:da:e7:a2:36:ee:2e:d8:1e:8d:de:4f:cc:6e:e3:
34:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:85:D1:FD:19:53:AF:3C:6D:9A:0D:2A:28:6D:CA:E9:4C:3A:68:76
X509v3 Authority Key Identifier:
keyid:52:89:A5:76:5A:9E:83:6F:D0:FA:81:1F:76:0F:0D:CE:BE:8F:18:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uomldlqeg2_Q-oEfdg8Nzr6PGM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/T4XR_RlTrzxtmg0qKG3K6Uw6aHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/Uomldlqeg2_Q-oEfdg8Nzr6PGM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.255.48.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:e8:eb:1a:42:5f:3c:7e:84:04:00:48:e4:db:e2:92:dc:84:
5c:cf:f0:c0:5f:7a:65:4a:e1:43:51:bf:d9:e0:98:10:27:8e:
50:7b:c8:e4:3e:2c:0c:b7:ef:70:34:12:c9:b8:f1:52:6f:e7:
4c:f1:a2:e2:27:56:66:2a:20:61:1e:f2:aa:6c:77:0c:df:0e:
18:0f:f8:df:c7:0d:0a:33:77:81:c4:78:26:63:55:1c:aa:61:
6d:84:bd:33:fd:2b:e8:cd:08:ec:70:7b:df:6a:44:04:78:92:
3e:7d:2b:cb:bc:93:b9:1f:c1:46:2e:a3:e9:0a:9a:7d:c9:21:
3f:73:a6:9e:08:6d:c5:d4:7a:a7:f0:57:2a:30:8a:87:a8:50:
35:a5:48:93:f4:73:c5:c4:ad:ed:2b:a5:3e:27:df:16:16:9c:
00:85:27:13:c3:0a:ae:66:af:92:93:bf:97:73:76:c3:2b:40:
88:33:c8:48:59:94:c2:6f:ee:ab:ee:54:64:35:4a:74:98:3f:
80:43:0a:a9:5e:3e:8a:72:c8:95:72:33:b1:de:38:98:f8:e1:
08:c0:82:14:13:af:10:01:54:a6:92:46:1b:ac:d3:5a:df:da:
dd:d9:0a:f1:d7:ff:30:19:d1:e4:6e:58:20:79:7f:4a:32:1a:
57:99:8f:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFLn9phizeFFge39rQdnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODlhNTc2NWE5ZTgzNmZkMGZhODExZjc2MGYwZGNlYmU4
ZjE4Y2UwHhcNMjMwMTAxMjA0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg1ZDFmZDE5NTNhZjNjNmQ5YTBkMmEyODZkY2FlOTRjM2E2ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbO58JPLrUWXzyF+8MYZfdL9tLjI
bAOkBdGzSxN2F4FTHaE3PFVH2cg0QKq2b9HOGkNUy34lCsXBWCEDrX5QsuXknErz
AdL6qfTA5mOzH5icRiXnBbSDn4A2Fm0KyV6BzUmIMA+F6yP4IR6m6zrMeXirqdBr
ufj0rgRiw2EywsgIvj1Nl7P6sh5V6uz97L8xvQ5T8Yp9/rZ2CT8DXiN7rY7tDyzr
Ss/r/iCRDfDZilOq+qynK5ZjpZ64tCPu6ySHKcvat/a6Gxs7GrpDM59yKpUN6Y3w
hx+OTkMyZToiHVw2/3BmGnm1/bfJJm3g+pBb2ueiNu4u2B6N3k/MbuM0fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+F0f0ZU688bZoNKihtyulMOmh2MB8GA1UdIwQY
MBaAFFKJpXZanoNv0PqBH3YPDc6+jxjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9tbGRscWVnMl9RLW9FZmRnOE56cjZQR000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84MjZiN2MtNDc1NC00YWJkLTk4NzUt
ZTFiMjAwNzdlZDkzLzEvVDRYUl9SbFRyenh0bWcwcUtHM0s2VXc2YUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84MjZiN2MtNDc1NC00YWJkLTk4NzUtZTFiMjAwNzdlZDkz
LzEvVW9tbGRscWVnMl9RLW9FZmRnOE56cjZQR000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDlf8wMA0G
CSqGSIb3DQEBCwUAA4IBAQCe6OsaQl88foQEAEjk2+KS3IRcz/DAX3plSuFDUb/Z
4JgQJ45Qe8jkPiwMt+9wNBLJuPFSb+dM8aLiJ1ZmKiBhHvKqbHcM3w4YD/jfxw0K
M3eBxHgmY1UcqmFthL0z/SvozQjscHvfakQEeJI+fSvLvJO5H8FGLqPpCpp9ySE/
c6aeCG3F1Hqn8FcqMIqHqFA1pUiT9HPFxK3tK6U+J98WFpwAhScTwwquZq+Sk7+X
c3bDK0CIM8hIWZTCb+6r7lRkNUp0mD+AQwqpXj6KcsiVcjOx3jiY+OEIwIIUE68Q
AVSmkkYbrNNa39rd2Qrx1/8wGdHkblggeX9KMhpXmY/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:34 2024 by rpki-client on console-ams.rpki-client.org