Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-toSafpP-p6scPSYS1nnjOkfUpw.roa
File: 1-toSafpP-p6scPSYS1nnjOkfUpw.roa (raw, json)
Hash identifier: +cQqE8TpsTb4DOFOeUXCexxIwanRgjKA/Rbv8VrTktE=
Subject key identifier: FA:DA:12:69:FA:4F:FA:9E:AC:70:F4:98:4B:59:E7:8C:E9:1F:52:9C
Certificate issuer: /CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Certificate serial: 01856BD37B3DB6ACF7ECA65ACB7A33C59D90
Authority key identifier: CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-toSafpP-p6scPSYS1nnjOkfUpw.roa
Signing time: Sun 01 Jan 2023 05:34:59 +0000
ROA not before: Sun 01 Jan 2023 05:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 51.149.8.0/24 maxlen: 24
51.149.14.0/24 maxlen: 24
51.149.252.0/24 maxlen: 24
51.149.250.0/24 maxlen: 24
51.149.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:7b:3d:b6:ac:f7:ec:a6:5a:cb:7a:33:c5:9d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Validity
Not Before: Jan 1 05:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fada1269fa4ffa9eac70f4984b59e78ce91f529c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:89:42:34:9a:67:47:50:89:36:89:95:53:e7:
95:d5:d4:1e:6d:6d:c6:71:30:31:f3:ae:80:3d:dd:
e5:9e:ea:c4:c0:08:b8:f0:df:75:3e:24:ba:c6:ad:
86:a9:10:b4:31:72:f9:7e:75:5b:66:ef:ff:8c:9a:
2a:37:ee:5a:d2:30:c5:67:b1:b4:49:33:62:4e:8c:
d9:1c:13:4e:73:5a:75:01:34:1d:b3:a0:5d:48:a4:
8a:65:60:c1:fb:f5:70:ce:e2:00:12:22:99:60:98:
47:4d:44:c8:ba:a6:82:d1:49:a6:3b:52:10:65:a9:
cd:96:6c:b2:a5:bb:03:76:c1:bf:6f:75:5d:c9:01:
27:25:59:32:eb:4d:84:46:9f:f6:e7:5b:92:a3:e5:
ae:93:b8:a7:af:3a:d1:52:6d:75:ba:68:cf:ed:76:
63:fd:2d:ee:2c:5f:12:a2:6e:fb:c1:2b:45:57:39:
2f:04:ab:eb:1f:93:32:dc:25:25:46:be:c6:7d:fe:
c7:40:f1:a3:67:e2:34:77:59:d0:c0:b4:a3:3b:c9:
69:df:d3:3b:fe:a1:59:2a:e8:a8:0a:92:1c:46:34:
ff:d4:03:42:25:08:2d:87:7c:a7:fe:d9:79:1d:b5:
70:56:a4:a8:da:0c:f3:64:06:1f:57:18:67:2c:4a:
6c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DA:12:69:FA:4F:FA:9E:AC:70:F4:98:4B:59:E7:8C:E9:1F:52:9C
X509v3 Authority Key Identifier:
keyid:CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-toSafpP-p6scPSYS1nnjOkfUpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.149.8.0/24
51.149.14.0/24
51.149.250.0-51.149.252.255
Signature Algorithm: sha256WithRSAEncryption
85:f3:a0:6c:8c:63:27:48:2a:f8:d9:16:c7:8d:f1:26:18:8c:
75:82:fa:22:8d:16:06:73:53:77:99:71:aa:b5:93:87:19:54:
50:a7:c7:e6:f6:f1:db:37:af:8c:12:06:8b:a9:40:c0:7d:59:
53:02:a3:fe:42:a3:c0:47:80:20:09:ec:19:20:1c:ab:87:aa:
d0:14:b0:3d:ed:3e:d0:7c:70:10:5b:19:77:ac:4c:1a:4b:a6:
59:70:91:d4:90:91:ef:d6:11:a2:58:a8:ea:cd:47:fa:93:82:
39:da:92:de:02:e4:7d:53:64:83:eb:d2:08:8e:2f:6d:c2:13:
48:d4:68:47:63:c2:cc:63:6d:37:bf:af:7e:83:5c:50:93:8f:
23:30:c4:dd:24:4d:7e:2f:39:73:84:fa:54:3c:e5:ad:4d:06:
24:c9:31:33:c3:2c:f4:f9:2e:c9:78:b2:d8:69:19:b0:d7:da:
b4:64:ab:eb:02:91:f9:e4:cc:41:d9:3d:53:e6:74:25:d5:10:
11:cd:1e:15:9b:eb:cf:99:d7:2d:d3:dd:ba:a1:2f:0f:f2:ab:
6d:61:db:38:15:34:43:3d:44:66:6c:3a:6d:8f:90:57:d6:93:
c0:80:61:d5:bd:91:20:74:1b:4c:9b:c6:39:6a:46:1c:64:bc:
40:4c:1a:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr03s9tqz37KZay3ozxZ2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDJkODAwZGM2YzMzYjY5ZmE0NzI5MWUyZjE1YjMzNWVh
MzYwMGYwHhcNMjMwMTAxMDUzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRhMTI2OWZhNGZmYTllYWM3MGY0OTg0YjU5ZTc4Y2U5MWY1MjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIlCNJpnR1CJNomVU+eV1dQebW3G
cTAx866APd3lnurEwAi48N91PiS6xq2GqRC0MXL5fnVbZu//jJoqN+5a0jDFZ7G0
STNiTozZHBNOc1p1ATQds6BdSKSKZWDB+/VwzuIAEiKZYJhHTUTIuqaC0UmmO1IQ
ZanNlmyypbsDdsG/b3VdyQEnJVky602ERp/251uSo+Wuk7inrzrRUm11umjP7XZj
/S3uLF8Som77wStFVzkvBKvrH5My3CUlRr7Gff7HQPGjZ+I0d1nQwLSjO8lp39M7
/qFZKuioCpIcRjT/1ANCJQgth3yn/tl5HbVwVqSo2gzzZAYfVxhnLEpscQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPraEmn6T/qerHD0mEtZ54zpH1KcMB8GA1UdIwQY
MBaAFM7S2ADcbDO2n6RykeLxWzNeo2APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYt
ZWQ0ZjA2NDNiZjI1LzEvMS10b1NhZnBQLXA2c2NQU1lTMW5uak9rZlVwdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmIvZjg4ODU3LWNjMDUtNGJkYi05MWU2LWVkNGYwNjQzYmYy
NS8xL3p0TFlBTnhzTTdhZnBIS1I0dkZiTTE2allBOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEADOVCAME
ADOVDjAMAwQBM5X6AwQAM5X8MA0GCSqGSIb3DQEBCwUAA4IBAQCF86BsjGMnSCr4
2RbHjfEmGIx1gvoijRYGc1N3mXGqtZOHGVRQp8fm9vHbN6+MEgaLqUDAfVlTAqP+
QqPAR4AgCewZIByrh6rQFLA97T7QfHAQWxl3rEwaS6ZZcJHUkJHv1hGiWKjqzUf6
k4I52pLeAuR9U2SD69IIji9twhNI1GhHY8LMY203v69+g1xQk48jMMTdJE1+Lzlz
hPpUPOWtTQYkyTEzwyz0+S7JeLLYaRmw19q0ZKvrApH55MxB2T1T5nQl1RARzR4V
m+vPmdct0926oS8P8qttYds4FTRDPURmbDptj5BX1pPAgGHVvZEgdBtMm8Y5akYc
ZLxATBpI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:04 2024 by rpki-client on console-ams.rpki-client.org