Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/OBoDxoDFv1_mLsjwGdEB3aYCPYg.roa
File: OBoDxoDFv1_mLsjwGdEB3aYCPYg.roa (raw, json)
Hash identifier: xnBmQJXZRjihbGjVDQjDRtZQD04N6a/K1m5hTbow+dg=
Subject key identifier: 38:1A:03:C6:80:C5:BF:5F:E6:2E:C8:F0:19:D1:01:DD:A6:02:3D:88
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01901C38ABEB79D99362847ADDAC6C6E825A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/OBoDxoDFv1_mLsjwGdEB3aYCPYg.roa
Signing time: Sat 15 Jun 2024 14:06:34 +0000
ROA not before: Sat 15 Jun 2024 14:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 08:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:38:ab:eb:79:d9:93:62:84:7a:dd:ac:6c:6e:82:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 15 14:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=381a03c680c5bf5fe62ec8f019d101dda6023d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:25:60:b9:0b:4a:70:67:41:e2:1d:99:bb:
03:f7:aa:0a:13:89:9f:49:2b:7b:c3:fd:23:e8:49:
e5:5e:7e:a9:80:30:c6:b2:4a:41:f7:0f:11:dc:95:
94:6b:20:58:68:6a:24:01:dd:24:51:e7:c5:dc:c7:
d7:f5:55:4b:c3:ac:28:6f:ce:d7:26:7b:20:ab:b9:
ae:a2:1c:98:02:45:f9:37:d3:c7:c8:c0:69:6d:b3:
3c:a3:88:86:50:f2:d5:2a:99:8c:c2:b6:f5:8e:c2:
62:76:7b:40:01:5c:29:90:31:88:e8:48:e1:e7:1b:
6e:83:10:70:3a:f7:25:a4:ed:bd:52:bc:21:e3:c7:
df:52:28:9a:55:40:78:b8:3f:c7:a1:ad:6d:5d:64:
3e:e9:3a:25:29:0f:83:21:4a:57:a9:de:2b:a4:ad:
35:3e:40:46:8e:ce:be:b4:f1:76:7d:c2:a9:eb:58:
a1:a7:61:39:47:76:d5:00:1f:ec:5e:c7:d9:1b:bc:
39:ce:03:62:c7:bb:40:d3:30:1d:fa:98:f9:38:6d:
15:30:73:32:13:d0:44:1b:86:e3:5d:df:2c:f0:fb:
ce:3c:54:89:f7:15:a2:90:ec:02:54:fd:82:91:14:
3a:11:6b:b6:e6:86:ea:2d:4c:dd:18:8d:92:0e:11:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1A:03:C6:80:C5:BF:5F:E6:2E:C8:F0:19:D1:01:DD:A6:02:3D:88
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/OBoDxoDFv1_mLsjwGdEB3aYCPYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.32.0/21
Signature Algorithm: sha256WithRSAEncryption
89:72:e2:20:95:e8:9d:aa:bc:c2:fe:71:87:24:95:89:b1:ab:
a0:b5:41:ab:c0:4d:b8:31:c8:3c:6a:69:37:20:2c:79:b4:4b:
c0:a4:fb:4a:76:d7:b7:42:d1:9b:43:a8:5e:14:14:a6:e3:a3:
43:5f:1c:16:5f:7b:98:87:e2:52:b8:3d:82:83:91:75:27:31:
20:72:e8:af:58:32:7c:d5:70:be:0d:70:99:31:00:00:fa:30:
90:54:e7:11:1f:19:a3:22:f9:1a:7b:b2:a3:81:6d:aa:72:66:
a5:41:93:22:be:78:1a:77:06:3e:1d:23:94:08:f6:2e:8f:87:
5c:ca:7a:87:2f:86:cd:e3:06:02:1f:76:e8:26:c2:3a:52:6b:
89:a5:24:27:84:cf:62:67:32:29:8e:aa:2c:65:08:b3:c5:3a:
44:1d:92:81:e5:06:69:4e:6d:11:36:0b:7a:36:27:69:7e:07:
6c:f5:48:46:ef:a4:82:26:12:7f:c6:e6:6c:8d:a0:af:46:23:
a5:26:35:ae:f2:02:8d:24:86:96:1e:23:39:74:3d:ae:a0:eb:
45:50:28:bc:05:e5:e8:aa:c0:8a:59:d1:97:dd:27:eb:ad:36:
80:02:ee:75:c8:56:67:3d:52:8f:64:1c:79:d7:8a:12:a0:f1:
a4:75:e2:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAcOKvredmTYoR63axsboJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjE1MTQwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFhMDNjNjgwYzViZjVmZTYyZWM4ZjAxOWQxMDFkZGE2MDIzZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvklYLkLSnBnQeIdmbsD96oKE4mf
SSt7w/0j6EnlXn6pgDDGskpB9w8R3JWUayBYaGokAd0kUefF3MfX9VVLw6wob87X
Jnsgq7muohyYAkX5N9PHyMBpbbM8o4iGUPLVKpmMwrb1jsJidntAAVwpkDGI6Ejh
5xtugxBwOvclpO29Urwh48ffUiiaVUB4uD/Hoa1tXWQ+6TolKQ+DIUpXqd4rpK01
PkBGjs6+tPF2fcKp61ihp2E5R3bVAB/sXsfZG7w5zgNix7tA0zAd+pj5OG0VMHMy
E9BEG4bjXd8s8PvOPFSJ9xWikOwCVP2CkRQ6EWu25obqLUzdGI2SDhGrvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgaA8aAxb9f5i7I8BnRAd2mAj2IMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvT0JvRHhvREZ2MV9tTHNqd0dkRUIzYVlDUFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDn/8gMA0G
CSqGSIb3DQEBCwUAA4IBAQCJcuIgleidqrzC/nGHJJWJsaugtUGrwE24Mcg8amk3
ICx5tEvApPtKdte3QtGbQ6heFBSm46NDXxwWX3uYh+JSuD2Cg5F1JzEgcuivWDJ8
1XC+DXCZMQAA+jCQVOcRHxmjIvkae7KjgW2qcmalQZMivngadwY+HSOUCPYuj4dc
ynqHL4bN4wYCH3boJsI6UmuJpSQnhM9iZzIpjqosZQizxTpEHZKB5QZpTm0RNgt6
Nidpfgds9UhG76SCJhJ/xuZsjaCvRiOlJjWu8gKNJIaWHiM5dD2uoOtFUCi8BeXo
qsCKWdGX3SfrrTaAAu51yFZnPVKPZBx514oSoPGkdeL4
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:44:44 2024 by rpki-client on console-fra.rpki-client.org