Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/OFAkNkTrdwXYO7Ai0NGREUYB7JQ.roa
File: OFAkNkTrdwXYO7Ai0NGREUYB7JQ.roa (raw, json)
Hash identifier: BfJzaZJ/0yNU7huUxxxVoYjhGU2l175aiwM0AiVee1M=
Subject key identifier: 38:50:24:36:44:EB:77:05:D8:3B:B0:22:D0:D1:91:11:46:01:EC:94
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 018CC7274FEC3074B10E7C95FD975F07A8B2
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/OFAkNkTrdwXYO7Ai0NGREUYB7JQ.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206452
IP address blocks: 188.74.40.0/22 maxlen: 24
2a03:4b27:d000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 31 Jan 2024 03:38:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4f:ec:30:74:b1:0e:7c:95:fd:97:5f:07:a8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3850243644eb7705d83bb022d0d191114601ec94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a5:b2:cc:a1:b1:13:14:4b:49:ab:01:1b:32:
aa:b3:00:fe:c3:61:0f:b4:5d:33:e1:f9:66:fc:ea:
38:89:75:71:33:14:a8:94:6a:fc:2b:5f:cd:35:54:
00:e9:61:3e:a5:d9:45:2c:07:72:be:5a:32:df:ea:
bf:a6:4b:21:52:34:b4:43:ef:9d:34:e6:89:30:20:
f9:44:a5:d7:33:4f:c8:e9:0b:62:54:04:d3:7f:de:
58:8f:d7:2d:f8:4a:3d:78:d8:44:c6:37:38:50:2a:
2b:ad:e6:8b:79:76:31:ff:12:cd:97:0b:89:be:53:
0c:74:dd:35:a9:2a:6f:ff:79:f4:21:37:fe:a4:a8:
03:d7:aa:99:bf:64:ca:10:4b:9f:22:61:68:ee:99:
69:95:1d:71:55:6c:fe:15:41:f5:69:79:70:1f:5e:
61:9d:67:ee:c1:bd:69:07:c6:20:1b:9b:8e:10:f1:
66:ab:17:4d:57:5f:d7:dc:6c:91:80:42:7c:68:5f:
a5:21:1c:e6:19:f7:c1:db:7b:66:91:47:8e:11:5b:
44:db:24:21:a7:bd:47:35:61:96:8c:45:9d:84:08:
b9:82:f8:f0:47:34:4f:c6:43:8d:8b:c2:68:3d:19:
17:82:93:bb:7e:62:be:d3:5d:18:b7:2e:63:43:82:
fd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:50:24:36:44:EB:77:05:D8:3B:B0:22:D0:D1:91:11:46:01:EC:94
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/OFAkNkTrdwXYO7Ai0NGREUYB7JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.74.40.0/22
IPv6:
2a03:4b27:d000::/36
Signature Algorithm: sha256WithRSAEncryption
4f:5a:59:82:eb:3a:16:23:d6:3c:e9:17:65:1b:48:d7:4a:9d:
01:97:3e:8b:3c:92:02:72:40:9d:47:30:6f:43:8a:99:d5:11:
ec:2e:03:11:e3:43:b1:e1:ff:3a:6e:fe:ae:b9:65:cc:4e:79:
14:00:20:ef:a2:e2:c4:fb:86:7a:cb:43:ab:00:b6:c9:ac:71:
fd:80:d7:81:2e:64:3d:83:38:86:a3:2a:5a:44:fd:c5:7f:34:
e6:4d:9d:99:9e:b3:09:6a:a0:a5:9b:8c:e5:f2:b6:70:f1:02:
19:82:86:66:68:57:be:e6:ed:32:83:f2:57:a9:46:f4:5a:7c:
00:e1:0a:bf:f4:99:15:7a:66:15:3a:90:6f:e5:bf:64:1e:3b:
7f:eb:b1:4a:63:35:32:19:be:73:f7:a5:62:8e:af:cd:83:b5:
0e:bc:3b:30:55:41:61:67:6d:24:09:c4:c8:64:45:05:6a:66:
a0:5e:a1:38:09:14:1a:f5:6b:d0:cd:15:37:a6:85:f9:06:4f:
e4:47:9d:5e:28:6b:dc:0f:6d:eb:1c:bc:7a:51:af:3c:aa:4f:
eb:e2:66:1e:fa:4f:41:57:23:c7:ff:39:a6:91:28:db:4c:0a:
08:f2:1c:bd:be:74:41:00:f6:f7:54:67:c3:3d:35:2d:b8:db:
2a:18:73:8b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHJ0/sMHSxDnyV/ZdfB6iyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOWYxYTZlODRjMDI3N2VmY2I1NmQ5NDJiMGViNWU0NTY0
NzExMjkwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUwMjQzNjQ0ZWI3NzA1ZDgzYmIwMjJkMGQxOTExMTQ2MDFlYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaWyzKGxExRLSasBGzKqswD+w2EP
tF0z4flm/Oo4iXVxMxSolGr8K1/NNVQA6WE+pdlFLAdyvloy3+q/pkshUjS0Q++d
NOaJMCD5RKXXM0/I6QtiVATTf95Yj9ct+Eo9eNhExjc4UCorreaLeXYx/xLNlwuJ
vlMMdN01qSpv/3n0ITf+pKgD16qZv2TKEEufImFo7plplR1xVWz+FUH1aXlwH15h
nWfuwb1pB8YgG5uOEPFmqxdNV1/X3GyRgEJ8aF+lIRzmGffB23tmkUeOEVtE2yQh
p71HNWGWjEWdhAi5gvjwRzRPxkONi8JoPRkXgpO7fmK+010Yty5jQ4L9vwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDhQJDZE63cF2DuwItDRkRFGAeyUMB8GA1UdIwQY
MBaAFOOfGm6EwCd+/LVtlCsOteRWRxEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMt
MGU1MzkyNzU3ZjgyLzEvT0ZBa05rVHJkd1hZTzdBaTBOR1JFVVlCN0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMtMGU1MzkyNzU3Zjgy
LzEvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCvEooMA4E
AgACMAgDBgQqA0sn0DANBgkqhkiG9w0BAQsFAAOCAQEAT1pZgus6FiPWPOkXZRtI
10qdAZc+izySAnJAnUcwb0OKmdUR7C4DEeNDseH/Om7+rrllzE55FAAg76LixPuG
estDqwC2yaxx/YDXgS5kPYM4hqMqWkT9xX805k2dmZ6zCWqgpZuM5fK2cPECGYKG
ZmhXvubtMoPyV6lG9Fp8AOEKv/SZFXpmFTqQb+W/ZB47f+uxSmM1Mhm+c/elYo6v
zYO1Drw7MFVBYWdtJAnEyGRFBWpmoF6hOAkUGvVr0M0VN6aF+QZP5EedXihr3A9t
6xy8elGvPKpP6+JmHvpPQVcjx/85ppEo20wKCPIcvb50QQD291Rnwz01LbjbKhhz
iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:28 2024 by rpki-client on console-fra.rpki-client.org