Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1OihoCUC-nOzcAH33zlYZ1ZxFhE.roa
File: 1OihoCUC-nOzcAH33zlYZ1ZxFhE.roa (raw, json)
Hash identifier: u47L1d1l+yzuitc5kNf7oqwLKWXBGLUOa/UQjatr03I=
Subject key identifier: D4:E8:A1:A0:25:02:FA:73:B3:70:01:F7:DF:39:58:67:56:71:16:11
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018809F0665E1CFF33C2CDBB07B51FD31221
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1OihoCUC-nOzcAH33zlYZ1ZxFhE.roa
Signing time: Thu 11 May 2023 08:32:09 +0000
ROA not before: Thu 11 May 2023 08:32:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 212.87.212.0/22 maxlen: 22
2.56.246.0/23 maxlen: 23
147.78.124.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:09:f0:66:5e:1c:ff:33:c2:cd:bb:07:b5:1f:d3:12:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 11 08:32:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4e8a1a02502fa73b37001f7df39586756711611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:86:2c:73:a5:bd:26:20:58:76:85:80:01:
8f:1c:e2:d4:22:a3:c7:2f:a0:42:ce:08:31:29:f4:
a5:fb:76:2f:0e:52:a6:45:b9:fd:17:9e:dc:f1:e2:
da:49:7a:6f:b0:ae:c7:c3:56:b5:4c:ad:9f:c5:19:
38:ce:c8:2f:bb:f0:32:cf:e7:17:d1:41:70:16:6b:
2e:3c:9f:0f:0e:ff:8d:c3:14:ab:70:35:9a:4c:ac:
2d:24:0a:2b:cb:b2:cf:3a:20:56:d6:bf:73:ce:e2:
9b:10:f9:69:55:ad:b5:41:c9:17:19:2c:5b:c3:3d:
d1:16:35:8e:b6:e0:ab:7f:3c:0b:5f:7f:57:eb:f1:
0d:16:b3:f2:0b:74:ad:1f:c0:0d:9d:04:2a:cf:fa:
e3:f6:75:7b:1f:99:e6:ab:f6:4e:9c:83:81:e4:ca:
66:8d:cb:16:1c:71:cb:ee:f4:fd:15:29:45:0f:12:
5b:67:94:63:40:58:26:d4:86:f6:78:79:a9:b2:c8:
3e:f4:f8:23:d5:bf:89:27:48:2f:50:db:2d:43:f6:
c6:4d:e6:96:7a:5f:57:1d:ac:b8:70:b0:58:8b:33:
e1:39:a9:0a:66:b6:93:0c:5f:b6:d2:dd:39:3a:04:
b4:de:e9:11:f5:be:6b:6a:e1:61:1b:03:fc:ee:ea:
5e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E8:A1:A0:25:02:FA:73:B3:70:01:F7:DF:39:58:67:56:71:16:11
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1OihoCUC-nOzcAH33zlYZ1ZxFhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/23
147.78.124.0/22
212.87.212.0/22
Signature Algorithm: sha256WithRSAEncryption
82:35:21:bf:90:22:08:96:3a:ac:e6:17:3b:d5:86:4e:70:d1:
22:32:6c:22:33:29:c7:b8:7f:e4:be:45:75:69:e0:bc:4c:39:
92:be:17:a7:07:3e:44:91:d1:ac:11:37:73:17:78:bb:a2:6d:
ca:d8:99:08:50:39:40:20:c2:f6:cf:f6:3f:5d:37:b2:3e:89:
46:e7:41:55:2e:87:60:4b:bf:9a:fb:f1:8e:6b:8d:13:8e:dc:
09:bc:44:ae:3c:b2:fb:8e:1b:ea:b0:81:27:7f:6e:e7:31:7b:
33:86:c1:02:52:13:87:91:6e:bf:f2:20:35:d2:b2:bf:82:ca:
f0:67:8d:26:75:2e:ce:a2:30:c2:f0:59:be:4d:13:c7:0c:b4:
d7:90:1a:a4:1c:5d:5d:f2:01:a3:e7:b2:82:51:d6:49:ae:b8:
02:fd:0f:db:64:22:cc:fb:6e:a2:50:12:07:a7:97:3f:47:d5:
49:5d:e9:73:5a:0b:ad:5c:2a:f6:30:93:5f:4e:b8:2c:6a:f9:
d6:66:17:ec:06:9a:e2:a0:0a:f8:1b:9b:97:f5:ae:9f:af:8e:
96:bf:25:d8:fd:08:16:a3:2e:b9:a2:0c:ed:77:42:ae:6f:ef:
6a:9f:f5:77:ca:15:81:3e:1a:bf:6e:7f:68:a3:84:30:1c:a7:
05:eb:20:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgJ8GZeHP8zws27B7Uf0xIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNTExMDgzMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU4YTFhMDI1MDJmYTczYjM3MDAxZjdkZjM5NTg2NzU2NzExNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiuGLHOlvSYgWHaFgAGPHOLUIqPH
L6BCzggxKfSl+3YvDlKmRbn9F57c8eLaSXpvsK7Hw1a1TK2fxRk4zsgvu/Ayz+cX
0UFwFmsuPJ8PDv+NwxSrcDWaTKwtJAory7LPOiBW1r9zzuKbEPlpVa21QckXGSxb
wz3RFjWOtuCrfzwLX39X6/ENFrPyC3StH8ANnQQqz/rj9nV7H5nmq/ZOnIOB5Mpm
jcsWHHHL7vT9FSlFDxJbZ5RjQFgm1Ib2eHmpssg+9Pgj1b+JJ0gvUNstQ/bGTeaW
el9XHay4cLBYizPhOakKZraTDF+20t05OgS03ukR9b5rauFhGwP87upe4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNTooaAlAvpzs3AB9985WGdWcRYRMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMU9paG9DVUMtbk96Y0FIMzN6bFlaMVp4RmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBAjj2AwQC
k058AwQC1FfUMA0GCSqGSIb3DQEBCwUAA4IBAQCCNSG/kCIIljqs5hc71YZOcNEi
MmwiMynHuH/kvkV1aeC8TDmSvhenBz5EkdGsETdzF3i7om3K2JkIUDlAIML2z/Y/
XTeyPolG50FVLodgS7+a+/GOa40TjtwJvESuPLL7jhvqsIEnf27nMXszhsECUhOH
kW6/8iA10rK/gsrwZ40mdS7OojDC8Fm+TRPHDLTXkBqkHF1d8gGj57KCUdZJrrgC
/Q/bZCLM+26iUBIHp5c/R9VJXelzWgutXCr2MJNfTrgsavnWZhfsBprioAr4G5uX
9a6fr46WvyXY/QgWoy65ogztd0Kub+9qn/V3yhWBPhq/bn9oo4QwHKcF6yDV
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:13 2024 by rpki-client on console-fra.rpki-client.org