Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/OQwT1zqFgfmPB9y4oiMBTMhlEjk.roa
File: OQwT1zqFgfmPB9y4oiMBTMhlEjk.roa (raw, json)
Hash identifier: xMEHPI87+06rg9vu5rsCEe3wXK3d/vhH0KJejjgj07o=
Subject key identifier: 39:0C:13:D7:3A:85:81:F9:8F:07:DC:B8:A2:23:01:4C:C8:65:12:39
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018570CBEA701B89DC371E903FDA318BF03D
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/OQwT1zqFgfmPB9y4oiMBTMhlEjk.roa
Signing time: Mon 02 Jan 2023 04:44:50 +0000
ROA not before: Mon 02 Jan 2023 04:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6810
IP address blocks: 81.218.102.0/24 maxlen: 24
85.130.128.0/18 maxlen: 24
62.219.92.0/24 maxlen: 24
31.168.36.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 16 Mar 2023 12:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:ea:70:1b:89:dc:37:1e:90:3f:da:31:8b:f0:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 2 04:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=390c13d73a8581f98f07dcb8a223014cc8651239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ee:55:3b:72:a3:a4:d6:1c:94:63:5f:0f:56:
64:b0:2f:5e:27:d1:0b:46:84:79:a2:d4:58:2e:24:
31:54:61:4c:bc:6f:e2:9e:0a:d7:5b:9b:d2:37:90:
3a:5e:80:90:cc:ea:71:60:24:0d:db:66:ff:ad:2e:
9e:dd:e8:2f:bc:4d:c5:7e:7c:1c:bb:6f:3d:79:5d:
d4:17:a7:ec:e9:45:9f:08:d4:1f:a3:99:57:d2:9d:
92:65:a4:ff:bd:75:9b:ce:6a:4d:a4:35:1e:60:f0:
00:20:74:69:50:0d:08:8e:24:c2:8b:b8:e6:d8:5c:
fe:a3:39:c6:fe:33:e7:fd:54:7d:ec:d7:67:90:fd:
53:c7:9b:2e:e5:b7:c3:5e:d0:aa:01:50:a0:62:c6:
b2:77:0b:e7:e2:7a:1d:c6:54:55:23:d3:de:bf:f8:
64:27:c8:8d:d4:1a:e9:ab:4d:f2:75:14:01:8a:81:
e3:6c:86:db:1f:c9:6d:ab:76:80:fb:f3:13:a9:f1:
3f:54:1e:ac:d5:b3:90:fe:f8:c8:24:12:01:52:8f:
0c:af:0c:9a:34:43:61:c5:99:59:86:bf:0a:4a:1c:
83:17:f6:11:b4:4c:49:5d:f0:92:fe:81:dc:18:75:
67:fa:f5:2b:b6:eb:f4:29:a5:38:4c:dd:c9:70:84:
ac:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0C:13:D7:3A:85:81:F9:8F:07:DC:B8:A2:23:01:4C:C8:65:12:39
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/OQwT1zqFgfmPB9y4oiMBTMhlEjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.168.36.0/23
62.219.92.0/24
81.218.102.0/24
85.130.128.0/18
Signature Algorithm: sha256WithRSAEncryption
40:5f:19:f2:5b:99:7c:5a:32:b2:6e:37:c9:ef:8f:75:14:c4:
76:3c:18:24:f7:f7:4f:95:77:4f:af:28:4b:7d:53:98:30:45:
9a:6c:25:0e:47:a7:cb:12:17:03:e8:c7:64:65:67:76:59:0d:
af:74:7e:6f:93:6a:a7:e9:f4:f2:fe:a6:c9:e7:f4:ec:8c:bc:
a5:cd:82:5f:80:ed:cc:2b:84:de:61:6d:a0:65:14:00:79:cf:
b3:b3:34:14:9b:a1:34:21:e3:81:5b:37:50:18:85:93:76:9f:
e1:96:ef:94:c6:7a:68:ee:9e:ce:24:7f:53:6d:ec:2a:d5:12:
54:cb:74:a9:ee:2d:4b:7a:7c:6a:73:8c:82:b1:50:e6:a6:42:
d2:de:33:12:ca:b6:fc:bd:c4:60:4d:a4:04:dc:26:21:52:ef:
5b:41:23:e6:05:fc:4c:8f:1b:23:dd:c6:fa:90:99:9c:80:18:
2b:79:3a:ea:17:f0:fb:2c:8c:39:26:89:39:90:1f:4d:5c:3f:
1e:87:e2:84:e3:13:3c:d1:e8:8c:18:e0:3e:17:68:cc:d2:b9:
a5:bf:99:a7:6a:48:90:f8:68:8e:8c:a8:81:5e:a1:b0:4c:53:
87:0d:9a:86:ef:a4:8e:d2:26:0e:30:78:43:3e:50:38:aa:b0:
d3:93:20:0d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwy+pwG4ncNx6QP9oxi/A9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMwMTAyMDQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBjMTNkNzNhODU4MWY5OGYwN2RjYjhhMjIzMDE0Y2M4NjUxMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie5VO3KjpNYclGNfD1ZksC9eJ9EL
RoR5otRYLiQxVGFMvG/ingrXW5vSN5A6XoCQzOpxYCQN22b/rS6e3egvvE3Ffnwc
u289eV3UF6fs6UWfCNQfo5lX0p2SZaT/vXWbzmpNpDUeYPAAIHRpUA0IjiTCi7jm
2Fz+oznG/jPn/VR97NdnkP1Tx5su5bfDXtCqAVCgYsaydwvn4nodxlRVI9Pev/hk
J8iN1Brpq03ydRQBioHjbIbbH8ltq3aA+/MTqfE/VB6s1bOQ/vjIJBIBUo8Mrwya
NENhxZlZhr8KShyDF/YRtExJXfCS/oHcGHVn+vUrtuv0KaU4TN3JcISsbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDkME9c6hYH5jwfcuKIjAUzIZRI5MB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvT1F3VDF6cUZnZm1QQjl5NG9pTUJUTWhsRWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBH6gkAwQA
PttcAwQAUdpmAwQGVYKAMA0GCSqGSIb3DQEBCwUAA4IBAQBAXxnyW5l8WjKybjfJ
7491FMR2PBgk9/dPlXdPryhLfVOYMEWabCUOR6fLEhcD6MdkZWd2WQ2vdH5vk2qn
6fTy/qbJ5/TsjLylzYJfgO3MK4TeYW2gZRQAec+zszQUm6E0IeOBWzdQGIWTdp/h
lu+Uxnpo7p7OJH9Tbewq1RJUy3Sp7i1Lenxqc4yCsVDmpkLS3jMSyrb8vcRgTaQE
3CYhUu9bQSPmBfxMjxsj3cb6kJmcgBgreTrqF/D7LIw5Jok5kB9NXD8eh+KE4xM8
0eiMGOA+F2jM0rmlv5mnakiQ+GiOjKiBXqGwTFOHDZqG76SO0iYOMHhDPlA4qrDT
kyAN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org