Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/O7xcEvx35ge0AvWFcc4dezYYXu4.roa
File: O7xcEvx35ge0AvWFcc4dezYYXu4.roa (raw, json)
Hash identifier: He/bRorRdfdkoB33MkgqUlMI31wjlzh/LKWQj7BNaR0=
Subject key identifier: 3B:BC:5C:12:FC:77:E6:07:B4:02:F5:85:71:CE:1D:7B:36:18:5E:EE
Certificate issuer: /CN=1cae1a26967dfe287eb602749ec2c6f05afbb57c
Certificate serial: 0185708CC5D03A0AB0F6A9A03D6CF2BB91A1
Authority key identifier: 1C:AE:1A:26:96:7D:FE:28:7E:B6:02:74:9E:C2:C6:F0:5A:FB:B5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/O7xcEvx35ge0AvWFcc4dezYYXu4.roa
Signing time: Mon 02 Jan 2023 03:35:51 +0000
ROA not before: Mon 02 Jan 2023 03:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56953
IP address blocks: 91.229.152.0/23 maxlen: 24
31.132.200.0/21 maxlen: 24
2001:67c:2340::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c5:d0:3a:0a:b0:f6:a9:a0:3d:6c:f2:bb:91:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cae1a26967dfe287eb602749ec2c6f05afbb57c
Validity
Not Before: Jan 2 03:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bbc5c12fc77e607b402f58571ce1d7b36185eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:25:99:e6:f9:e9:66:fe:17:91:9e:cf:c8:87:
0b:2a:c6:aa:04:66:77:b3:c4:75:ae:32:04:b0:bb:
ed:32:36:d4:0f:58:45:c4:17:b1:c3:04:6c:47:99:
18:14:04:0e:a2:ef:4f:da:6c:37:aa:d4:61:0f:b9:
f5:1f:1b:8a:c9:8a:d2:8b:36:2b:4d:13:6b:7e:35:
55:06:ad:3b:d3:a2:dc:6b:f5:76:69:1c:45:4b:9c:
df:34:4f:93:4f:49:09:54:e9:ad:87:93:e6:b2:56:
32:05:4a:8c:ab:13:84:bd:53:8e:d9:63:99:5a:9d:
70:d8:67:23:2f:0d:29:8f:b9:25:4d:85:8c:2c:33:
e7:d6:e3:cc:af:20:07:44:8c:fb:0b:29:76:a9:35:
20:cb:8d:b3:c7:08:f7:e8:e8:80:60:e2:cf:4e:f7:
72:9c:7f:a0:03:bc:e2:2c:0f:c1:cf:4a:2e:d0:a3:
a1:f1:b7:fb:78:b4:f5:6a:40:13:13:f8:7f:c2:6a:
8d:c8:4b:84:76:22:84:63:1a:13:28:9e:13:5c:15:
11:e6:9e:59:38:2c:e5:cf:91:0b:c3:6c:a2:38:35:
db:0d:96:4e:80:94:ba:90:14:af:f7:b7:1e:15:a1:
ae:a7:bc:97:69:be:ff:a7:c1:cf:ed:e3:1e:f1:ad:
46:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BC:5C:12:FC:77:E6:07:B4:02:F5:85:71:CE:1D:7B:36:18:5E:EE
X509v3 Authority Key Identifier:
keyid:1C:AE:1A:26:96:7D:FE:28:7E:B6:02:74:9E:C2:C6:F0:5A:FB:B5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/O7xcEvx35ge0AvWFcc4dezYYXu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.200.0/21
91.229.152.0/23
IPv6:
2001:67c:2340::/48
Signature Algorithm: sha256WithRSAEncryption
dd:29:7d:b1:47:5e:3f:22:b0:4b:4a:e9:b5:a1:29:1b:8a:11:
15:19:da:d3:46:78:63:8c:67:00:55:77:07:35:e2:a5:cb:85:
d9:56:89:fe:82:fb:df:21:cf:ae:75:b4:1e:4b:d1:6e:c4:38:
7a:f3:11:07:b7:74:13:6b:6b:fa:0d:b3:0d:78:be:b9:56:90:
65:2a:a6:2c:f1:77:02:33:9f:42:e1:f2:e9:fe:58:48:fd:b5:
fc:a1:af:d9:65:f1:b7:51:39:67:4c:30:00:99:78:6e:c8:dc:
33:ad:f8:05:09:1e:4e:51:d1:f4:cb:bd:0c:5d:54:56:b0:07:
6f:7a:2d:6e:6d:b0:59:5e:f1:e7:22:92:7b:fc:e9:4a:ba:cc:
80:8c:1b:a0:a3:39:c6:b4:10:23:27:cc:0f:28:17:1a:70:27:
dd:a4:71:54:8f:9e:07:73:e0:2a:07:c4:a4:91:59:1e:5d:46:
0c:0a:b1:75:cf:b4:02:60:1e:4c:1f:a2:78:14:76:da:f0:c6:
b1:55:4b:9f:f8:ae:3e:61:80:33:c7:87:a2:3f:ab:17:e2:d6:
e1:ca:ab:bd:b4:d1:3e:e4:f8:19:2f:d4:86:c2:e5:3e:41:c7:
22:a0:4e:bc:cb:b6:e3:43:76:f9:c5:33:94:0d:b2:44:38:83:
c7:92:c0:2f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwjMXQOgqw9qmgPWzyu5GhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWUxYTI2OTY3ZGZlMjg3ZWI2MDI3NDllYzJjNmYwNWFm
YmI1N2MwHhcNMjMwMTAyMDMzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJjNWMxMmZjNzdlNjA3YjQwMmY1ODU3MWNlMWQ3YjM2MTg1ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSWZ5vnpZv4XkZ7PyIcLKsaqBGZ3
s8R1rjIEsLvtMjbUD1hFxBexwwRsR5kYFAQOou9P2mw3qtRhD7n1HxuKyYrSizYr
TRNrfjVVBq0706Lca/V2aRxFS5zfNE+TT0kJVOmth5PmslYyBUqMqxOEvVOO2WOZ
Wp1w2GcjLw0pj7klTYWMLDPn1uPMryAHRIz7Cyl2qTUgy42zxwj36OiAYOLPTvdy
nH+gA7ziLA/Bz0ou0KOh8bf7eLT1akATE/h/wmqNyEuEdiKEYxoTKJ4TXBUR5p5Z
OCzlz5ELw2yiODXbDZZOgJS6kBSv97ceFaGup7yXab7/p8HP7eMe8a1GOwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDu8XBL8d+YHtAL1hXHOHXs2GF7uMB8GA1UdIwQY
MBaAFByuGiaWff4ofrYCdJ7CxvBa+7V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEs0YUpwWjlfaWgtdGdKMG5zTEc4RnI3dFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMWI1MDAtMzRhNi00MjBhLWFhNDQt
NzQ5OTA1YzMyN2IxLzEvTzd4Y0V2eDM1Z2UwQXZXRmNjNGRlellZWHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMWI1MDAtMzRhNi00MjBhLWFhNDQtNzQ5OTA1YzMyN2Ix
LzEvSEs0YUpwWjlfaWgtdGdKMG5zTEc4RnI3dFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDH4TIAwQB
W+WYMA8EAgACMAkDBwAgAQZ8I0AwDQYJKoZIhvcNAQELBQADggEBAN0pfbFHXj8i
sEtK6bWhKRuKERUZ2tNGeGOMZwBVdwc14qXLhdlWif6C+98hz651tB5L0W7EOHrz
EQe3dBNra/oNsw14vrlWkGUqpizxdwIzn0Lh8un+WEj9tfyhr9ll8bdROWdMMACZ
eG7I3DOt+AUJHk5R0fTLvQxdVFawB296LW5tsFle8eciknv86Uq6zICMG6CjOca0
ECMnzA8oFxpwJ92kcVSPngdz4CoHxKSRWR5dRgwKsXXPtAJgHkwfongUdtrwxrFV
S5/4rj5hgDPHh6I/qxfi1uHKq7200T7k+Bkv1IbC5T5BxyKgTrzLtuNDdvnFM5QN
skQ4g8eSwC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:44 2024 by rpki-client on console-ams.rpki-client.org