Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/OWDTAaUTTuJWjelwjBPJo8139v4.roa
File: OWDTAaUTTuJWjelwjBPJo8139v4.roa (raw, json)
Hash identifier: sWs8XCJH8t7My8ZbgsZpvoeVvijcYqriI9GBrtlYHP8=
Subject key identifier: 39:60:D3:01:A5:13:4E:E2:56:8D:E9:70:8C:13:C9:A3:CD:77:F6:FE
Certificate issuer: /CN=4540daa4c245a4725f38041402b6bffded15ea78
Certificate serial: 018CC500226D5F94D37C3396C61B6963F34F
Authority key identifier: 45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/OWDTAaUTTuJWjelwjBPJo8139v4.roa
Signing time: Mon 01 Jan 2024 12:29:29 +0000
ROA not before: Mon 01 Jan 2024 12:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201746
IP address blocks: 217.61.224.0/22 maxlen: 24
185.49.168.0/22 maxlen: 24
2a01:9f20::/37 maxlen: 37
Validation: Failed, certificate revoked on Tue 09 Jan 2024 09:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:22:6d:5f:94:d3:7c:33:96:c6:1b:69:63:f3:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4540daa4c245a4725f38041402b6bffded15ea78
Validity
Not Before: Jan 1 12:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3960d301a5134ee2568de9708c13c9a3cd77f6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:b9:97:09:66:d3:7d:23:6e:1f:d5:12:be:
bd:17:28:45:2b:53:31:2d:d9:24:8b:5e:3d:33:0f:
a1:81:c2:9c:a2:29:13:d1:cf:3f:e7:bf:a3:23:51:
4c:c1:81:6d:36:0e:9d:d2:79:89:0d:dc:48:4b:c3:
c2:18:20:af:e5:2d:b2:f0:4f:9f:e3:77:63:c4:15:
80:90:a3:87:2c:d7:b9:84:0b:d9:6f:26:34:c2:a5:
4f:7d:8c:8f:f5:53:50:81:08:be:ce:cd:e5:d5:e8:
83:62:d8:38:45:86:a9:a0:71:da:18:de:22:b7:94:
eb:19:19:37:aa:b1:f9:c0:94:ce:2c:1c:d6:69:cd:
28:a6:ea:1c:3e:16:65:61:ea:c7:ad:f8:cc:d5:ac:
ff:28:56:c4:a2:87:33:4c:dc:8f:22:76:03:87:cd:
df:92:91:5d:ab:d5:71:bb:33:20:e3:1f:37:6e:1e:
12:51:c3:50:99:ee:52:fb:78:ee:73:70:f9:2d:fc:
7c:28:f4:7b:ea:f1:90:14:b7:31:3e:b0:ec:da:bd:
31:4a:4e:e5:01:4f:b9:da:db:ad:85:43:fc:48:c5:
fe:36:80:f7:bf:cf:41:d7:94:e1:6e:60:a0:b4:f4:
8a:7b:aa:bd:41:af:8d:1e:12:f7:58:0b:6b:94:5d:
56:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:60:D3:01:A5:13:4E:E2:56:8D:E9:70:8C:13:C9:A3:CD:77:F6:FE
X509v3 Authority Key Identifier:
keyid:45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/OWDTAaUTTuJWjelwjBPJo8139v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.168.0/22
217.61.224.0/22
IPv6:
2a01:9f20::/37
Signature Algorithm: sha256WithRSAEncryption
28:d3:16:75:54:1c:12:0e:ef:ce:21:16:85:c3:38:e7:ce:0f:
69:81:a2:e6:e0:03:a6:cb:aa:a6:2d:63:3d:21:56:99:8c:42:
f0:20:a6:12:bb:38:6a:e9:f6:20:49:1a:a4:ac:b3:f8:e8:72:
90:a2:cc:72:98:db:38:1d:72:47:ed:d1:68:bb:0c:de:99:76:
cd:59:10:e5:15:0b:5d:90:cf:4e:67:39:2b:7d:6a:6a:a7:b7:
76:a5:fb:3f:b0:0d:10:39:de:34:c0:29:60:6f:61:32:79:5a:
4b:97:2d:79:da:e8:64:1a:38:9f:54:88:ce:8d:2a:ce:8e:36:
20:58:35:c8:24:36:e5:74:7b:42:68:d1:ed:38:b8:db:8f:2e:
64:19:37:f3:99:88:8b:e7:86:a0:e3:59:26:29:55:93:db:aa:
06:dc:7c:3e:82:cf:a2:f3:f3:a3:67:f7:f8:61:6a:a9:ef:fc:
45:22:19:78:d8:89:50:29:bd:b4:13:dd:fb:4e:62:e7:68:ae:
71:30:f7:de:d2:4a:e0:36:00:77:c3:b9:3a:aa:e8:a9:d6:13:
2e:39:de:6b:fa:8a:64:f5:dd:72:fd:e6:5e:ab:c2:92:04:7b:
a8:57:18:21:d6:d2:7f:27:29:99:7f:bf:f7:0c:f6:7c:05:d6:
af:9b:53:c0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFACJtX5TTfDOWxhtpY/NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDBkYWE0YzI0NWE0NzI1ZjM4MDQxNDAyYjZiZmZkZWQx
NWVhNzgwHhcNMjQwMTAxMTIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTYwZDMwMWE1MTM0ZWUyNTY4ZGU5NzA4YzEzYzlhM2NkNzdmNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbC5lwlm030jbh/VEr69FyhFK1Mx
Ldkki149Mw+hgcKcoikT0c8/57+jI1FMwYFtNg6d0nmJDdxIS8PCGCCv5S2y8E+f
43djxBWAkKOHLNe5hAvZbyY0wqVPfYyP9VNQgQi+zs3l1eiDYtg4RYapoHHaGN4i
t5TrGRk3qrH5wJTOLBzWac0opuocPhZlYerHrfjM1az/KFbEooczTNyPInYDh83f
kpFdq9VxuzMg4x83bh4SUcNQme5S+3juc3D5Lfx8KPR76vGQFLcxPrDs2r0xSk7l
AU+52tuthUP8SMX+NoD3v89B15ThbmCgtPSKe6q9Qa+NHhL3WAtrlF1W8QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDlg0wGlE07iVo3pcIwTyaPNd/b+MB8GA1UdIwQY
MBaAFEVA2qTCRaRyXzgEFAK2v/3tFep4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2Et
ZDI1YWFhODA0MTQ1LzEvT1dEVEFhVVRUdUpXamVsd2pCUEpvODEzOXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2EtZDI1YWFhODA0MTQ1
LzEvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuTGoAwQC
2T3gMA4EAgACMAgDBgMqAZ8gADANBgkqhkiG9w0BAQsFAAOCAQEAKNMWdVQcEg7v
ziEWhcM4584PaYGi5uADpsuqpi1jPSFWmYxC8CCmErs4aun2IEkapKyz+OhykKLM
cpjbOB1yR+3RaLsM3pl2zVkQ5RULXZDPTmc5K31qaqe3dqX7P7ANEDneNMApYG9h
MnlaS5ctedroZBo4n1SIzo0qzo42IFg1yCQ25XR7QmjR7Ti4248uZBk385mIi+eG
oONZJilVk9uqBtx8PoLPovPzo2f3+GFqqe/8RSIZeNiJUCm9tBPd+05i52iucTD3
3tJK4DYAd8O5OqroqdYTLjnea/qKZPXdcv3mXqvCkgR7qFcYIdbSfycpmX+/9wz2
fAXWr5tTwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:26 2024 by rpki-client on console-fra.rpki-client.org