Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/OOp4mb5SAQrIzyMfmFLTqDefm8c.roa
File: OOp4mb5SAQrIzyMfmFLTqDefm8c.roa (raw, json)
Hash identifier: 2adYdqWaCl1lm5EYGrlFhE056/y/SruG6qGqFlsfxO0=
Subject key identifier: 38:EA:78:99:BE:52:01:0A:C8:CF:23:1F:98:52:D3:A8:37:9F:9B:C7
Certificate issuer: /CN=53cbd1477044a03404c7fc43961c2c83bba75bbc
Certificate serial: 01856C65D50AB8B53725D169D9878E2A72BB
Authority key identifier: 53:CB:D1:47:70:44:A0:34:04:C7:FC:43:96:1C:2C:83:BB:A7:5B:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8vRR3BEoDQEx_xDlhwsg7unW7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/OOp4mb5SAQrIzyMfmFLTqDefm8c.roa
Signing time: Sun 01 Jan 2023 08:14:50 +0000
ROA not before: Sun 01 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208552
IP address blocks: 193.254.222.0/24 maxlen: 24
193.254.223.0/24 maxlen: 24
91.211.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:d5:0a:b8:b5:37:25:d1:69:d9:87:8e:2a:72:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53cbd1477044a03404c7fc43961c2c83bba75bbc
Validity
Not Before: Jan 1 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38ea7899be52010ac8cf231f9852d3a8379f9bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:76:1a:7f:b1:9a:1f:b6:ae:69:c7:00:08:2c:
ca:5e:5f:3b:30:d6:27:17:4d:64:9c:f5:c1:90:d9:
ed:f6:41:cf:90:29:8f:bc:b2:49:fb:20:d4:33:68:
7b:35:c1:ca:0c:36:cc:0b:9d:5c:3e:dd:84:1e:db:
02:85:88:28:04:78:44:06:96:85:3b:f6:9b:bc:f7:
02:43:38:f8:1e:89:01:79:be:45:f5:cc:9c:29:c5:
7d:8f:80:ee:c0:77:53:ca:a9:d9:0f:d0:bd:96:5b:
9d:30:8a:a8:5c:6d:8b:c6:44:75:68:4e:24:29:e0:
00:a6:8f:d2:1f:21:77:45:4e:45:93:6e:09:a9:fb:
c9:93:5f:e8:7b:27:ca:38:0b:5a:8d:1f:63:d6:ab:
8f:7d:52:35:7e:fb:ba:25:9a:e1:73:87:82:b3:ba:
14:5f:32:b7:d7:6b:15:98:1c:94:93:36:7a:a8:52:
aa:6e:d7:1d:14:e8:4e:47:6b:8b:bf:31:0d:4e:ee:
3d:95:fb:53:c8:94:96:2d:11:b9:4b:ad:e8:a3:25:
fc:e7:54:2d:e4:e0:22:64:a8:9a:24:7e:a3:47:94:
94:c6:1c:a3:b0:3c:6b:2a:79:a5:3c:78:ce:b2:8f:
9f:3c:fe:86:23:6c:cb:4a:f3:fc:f6:39:ca:2c:3a:
de:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EA:78:99:BE:52:01:0A:C8:CF:23:1F:98:52:D3:A8:37:9F:9B:C7
X509v3 Authority Key Identifier:
keyid:53:CB:D1:47:70:44:A0:34:04:C7:FC:43:96:1C:2C:83:BB:A7:5B:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8vRR3BEoDQEx_xDlhwsg7unW7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/OOp4mb5SAQrIzyMfmFLTqDefm8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dce44a-4a90-43ea-b1fb-a2d116560aca/1/U8vRR3BEoDQEx_xDlhwsg7unW7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.24.0/24
193.254.222.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:cc:f1:75:90:df:bc:3a:21:27:4f:65:66:fa:29:e8:9a:66:
6f:b1:07:0b:4a:3f:15:4a:9a:ba:89:a6:33:84:19:19:73:82:
58:14:3a:de:56:c3:1d:2a:ed:03:d1:8e:91:8c:9b:d6:b6:24:
21:8b:13:1a:c5:6d:31:3f:dc:86:e4:f2:c1:a6:51:5d:53:57:
e7:b4:1a:0b:39:24:6b:c0:17:10:7d:b6:07:4b:63:3b:ee:71:
f1:0c:f6:a4:d9:bb:e9:85:63:57:c4:6c:76:9c:b7:10:8e:da:
1c:42:ff:f6:ae:09:5a:ad:c6:6c:26:74:ca:10:54:ee:bb:55:
97:93:e5:66:0a:2b:13:d8:5d:55:b7:f5:ed:c7:55:0c:d5:b5:
d2:85:fb:ea:d6:71:b9:c8:c4:b8:d9:b5:42:59:57:66:1e:54:
f5:ec:9d:2a:a5:4b:e0:11:8d:d9:64:0b:0a:d7:a5:67:1f:82:
93:96:7f:18:89:2c:fc:a0:23:98:af:42:29:6b:09:60:d3:6c:
87:00:45:50:5b:e7:fc:7a:63:cb:db:86:8e:65:87:69:98:70:
e2:7a:b8:26:d4:d7:0f:b5:ff:42:cf:16:cd:62:2f:fb:66:d5:
18:cb:f5:15:7b:7a:99:bc:b2:6e:a5:15:23:b1:c7:d2:99:e3:
f4:9e:d7:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZdUKuLU3JdFp2YeOKnK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzY2JkMTQ3NzA0NGEwMzQwNGM3ZmM0Mzk2MWMyYzgzYmJh
NzViYmMwHhcNMjMwMTAxMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVhNzg5OWJlNTIwMTBhYzhjZjIzMWY5ODUyZDNhODM3OWY5YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXYaf7GaH7auaccACCzKXl87MNYn
F01knPXBkNnt9kHPkCmPvLJJ+yDUM2h7NcHKDDbMC51cPt2EHtsChYgoBHhEBpaF
O/abvPcCQzj4HokBeb5F9cycKcV9j4DuwHdTyqnZD9C9lludMIqoXG2LxkR1aE4k
KeAApo/SHyF3RU5Fk24JqfvJk1/oeyfKOAtajR9j1quPfVI1fvu6JZrhc4eCs7oU
XzK312sVmByUkzZ6qFKqbtcdFOhOR2uLvzENTu49lftTyJSWLRG5S63ooyX851Qt
5OAiZKiaJH6jR5SUxhyjsDxrKnmlPHjOso+fPP6GI2zLSvP89jnKLDreUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDjqeJm+UgEKyM8jH5hS06g3n5vHMB8GA1UdIwQY
MBaAFFPL0UdwRKA0BMf8Q5YcLIO7p1u8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTh2UlIzQkVvRFFFeF94RGxod3NnN3VuVzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kY2U0NGEtNGE5MC00M2VhLWIxZmIt
YTJkMTE2NTYwYWNhLzEvT09wNG1iNVNBUXJJenlNZm1GTFRxRGVmbThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kY2U0NGEtNGE5MC00M2VhLWIxZmItYTJkMTE2NTYwYWNh
LzEvVTh2UlIzQkVvRFFFeF94RGxod3NnN3VuVzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9MYAwQB
wf7eMA0GCSqGSIb3DQEBCwUAA4IBAQBNzPF1kN+8OiEnT2Vm+inommZvsQcLSj8V
Spq6iaYzhBkZc4JYFDreVsMdKu0D0Y6RjJvWtiQhixMaxW0xP9yG5PLBplFdU1fn
tBoLOSRrwBcQfbYHS2M77nHxDPak2bvphWNXxGx2nLcQjtocQv/2rglarcZsJnTK
EFTuu1WXk+VmCisT2F1Vt/Xtx1UM1bXShfvq1nG5yMS42bVCWVdmHlT17J0qpUvg
EY3ZZAsK16VnH4KTln8YiSz8oCOYr0Ipawlg02yHAEVQW+f8emPL24aOZYdpmHDi
ergm1NcPtf9CzxbNYi/7ZtUYy/UVe3qZvLJupRUjscfSmeP0nteW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:50 2024 by rpki-client on console-fra.rpki-client.org