Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/oKni2Z0Cgw2AaQvHdQY-9yBY8W4.roa
File: oKni2Z0Cgw2AaQvHdQY-9yBY8W4.roa (raw, json)
Hash identifier: 6PjKLDxK9bMLQFYpXmG0ufqUBMgL/r5X8a+qnjPRmSw=
Subject key identifier: A0:A9:E2:D9:9D:02:83:0D:80:69:0B:C7:75:06:3E:F7:20:58:F1:6E
Certificate issuer: /CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12
Certificate serial: 01856D81C77980B839C2E793B9EF72DC9BAD
Authority key identifier: 40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/oKni2Z0Cgw2AaQvHdQY-9yBY8W4.roa
Signing time: Sun 01 Jan 2023 13:24:59 +0000
ROA not before: Sun 01 Jan 2023 13:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.223.96.0/22 maxlen: 22
195.128.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c7:79:80:b8:39:c2:e7:93:b9:ef:72:dc:9b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12
Validity
Not Before: Jan 1 13:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0a9e2d99d02830d80690bc775063ef72058f16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:bd:d6:47:ad:48:62:9a:41:c9:41:af:f2:
c6:7f:e0:fa:bb:ca:9f:53:a0:a9:7a:3c:10:1b:4b:
ea:4c:f8:0a:39:3e:c3:cc:db:c5:7f:63:b9:d4:68:
8a:b4:cb:21:cf:87:31:e9:c0:bd:ec:dc:ad:4f:fb:
76:9d:f1:59:3e:03:a0:34:aa:ac:4a:6c:e9:2d:74:
96:d7:66:c4:ba:92:ed:5f:a6:6b:9d:a6:60:99:b0:
66:74:27:4d:34:89:b7:34:cd:8c:a2:48:a7:97:a0:
2f:b9:2f:89:ee:86:df:c2:8d:9a:a3:f5:51:da:37:
92:87:cb:a4:77:19:f9:51:81:3a:27:ec:2e:05:82:
4e:c5:8f:f3:0f:75:dd:a5:5a:d0:0e:a2:bd:d4:6b:
05:15:e9:f4:98:ba:8c:29:a4:85:29:32:7a:98:2b:
41:6f:c8:f8:72:24:66:68:c5:f4:2c:98:33:f1:00:
ed:68:f5:58:7d:33:a4:46:ed:53:8f:79:c2:7a:f2:
9a:39:e5:a2:41:43:96:2b:3c:11:97:55:22:a7:a4:
cb:32:a9:08:c4:a7:84:d1:0b:d5:cc:21:54:01:7e:
43:8b:85:4f:41:22:ad:e4:80:06:d1:ea:59:eb:66:
95:7a:00:08:0b:cd:3b:c7:c7:44:f1:54:84:bd:65:
84:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A9:E2:D9:9D:02:83:0D:80:69:0B:C7:75:06:3E:F7:20:58:F1:6E
X509v3 Authority Key Identifier:
keyid:40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/oKni2Z0Cgw2AaQvHdQY-9yBY8W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.96.0/22
195.128.12.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:ad:33:d1:16:c8:ce:0b:b2:26:a8:52:6b:14:b3:d9:4e:95:
97:50:de:73:92:73:23:dc:4f:ae:d6:97:15:1e:ac:34:dc:6c:
99:0b:85:08:3a:20:9a:39:a2:2a:21:e2:ca:b8:08:87:56:f4:
a8:2d:a2:ac:f8:b5:33:31:49:39:75:87:62:0b:11:40:8f:75:
ce:66:50:d7:76:77:55:0d:e2:79:da:3b:79:40:be:4b:ef:e6:
9c:06:83:c0:4d:ea:93:51:fe:c9:5f:10:7a:25:47:ac:01:b6:
44:f0:e7:b8:2b:12:d0:9a:5c:cc:8b:79:e0:d0:63:9b:5b:b1:
8b:fb:41:4b:2b:af:ab:49:39:15:6e:bd:d0:18:7e:2f:df:58:
56:2e:2a:46:08:45:87:15:c7:42:2d:c4:a6:ea:b0:15:b7:79:
17:fc:7d:67:9d:be:14:01:9e:27:be:cf:83:22:2c:25:2f:0b:
ea:7a:a3:fb:77:0f:46:75:df:92:f4:5b:91:3f:36:90:67:16:
c7:a9:45:c5:68:97:31:5f:8b:83:b2:08:ed:03:df:e2:10:ad:
71:b4:4c:a9:0b:ff:40:c7:f8:5c:25:5d:a8:f2:b7:65:1f:49:
16:09:05:f2:27:f9:75:79:7c:93:44:2d:4a:93:60:56:7a:9a:
7d:a2:fa:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgcd5gLg5wueTue9y3JutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwY2ZkM2E0OWJjNzFlNzRhMGQwYmY3ZTM0NmNhODliMjk1
OTdhMTIwHhcNMjMwMTAxMTMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE5ZTJkOTlkMDI4MzBkODA2OTBiYzc3NTA2M2VmNzIwNThmMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0W91ketSGKaQclBr/LGf+D6u8qf
U6CpejwQG0vqTPgKOT7DzNvFf2O51GiKtMshz4cx6cC97NytT/t2nfFZPgOgNKqs
SmzpLXSW12bEupLtX6ZrnaZgmbBmdCdNNIm3NM2Mokinl6AvuS+J7obfwo2ao/VR
2jeSh8ukdxn5UYE6J+wuBYJOxY/zD3XdpVrQDqK91GsFFen0mLqMKaSFKTJ6mCtB
b8j4ciRmaMX0LJgz8QDtaPVYfTOkRu1Tj3nCevKaOeWiQUOWKzwRl1Uip6TLMqkI
xKeE0QvVzCFUAX5Di4VPQSKt5IAG0epZ62aVegAIC807x8dE8VSEvWWEwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKCp4tmdAoMNgGkLx3UGPvcgWPFuMB8GA1UdIwQY
MBaAFEDP06Sbxx50oNC/fjRsqJspWXoSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUt
NjBiNmViYmI3ZTZmLzEvb0tuaTJaMENndzJBYVF2SGRRWS05eUJZOFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUtNjBiNmViYmI3ZTZm
LzEvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCud9gAwQC
w4AMMA0GCSqGSIb3DQEBCwUAA4IBAQAbrTPRFsjOC7ImqFJrFLPZTpWXUN5zknMj
3E+u1pcVHqw03GyZC4UIOiCaOaIqIeLKuAiHVvSoLaKs+LUzMUk5dYdiCxFAj3XO
ZlDXdndVDeJ52jt5QL5L7+acBoPATeqTUf7JXxB6JUesAbZE8Oe4KxLQmlzMi3ng
0GObW7GL+0FLK6+rSTkVbr3QGH4v31hWLipGCEWHFcdCLcSm6rAVt3kX/H1nnb4U
AZ4nvs+DIiwlLwvqeqP7dw9Gdd+S9FuRPzaQZxbHqUXFaJcxX4uDsgjtA9/iEK1x
tEypC/9Ax/hcJV2o8rdlH0kWCQXyJ/l1eXyTRC1Kk2BWepp9ovoN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:57 2024 by rpki-client on console-fra.rpki-client.org