Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/oW0WtOY2Mfn41czWS0wYhTgkcJg.roa
File: oW0WtOY2Mfn41czWS0wYhTgkcJg.roa (raw, json)
Hash identifier: yqWNZwbUXy8JADNv0LixMYwMFHwemFUZJyanhpy3D/A=
Subject key identifier: A1:6D:16:B4:E6:36:31:F9:F8:D5:CC:D6:4B:4C:18:85:38:24:70:98
Certificate issuer: /CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Certificate serial: 01856FCBABECA2C02BD746DDD2A267BF60C8
Authority key identifier: 61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/oW0WtOY2Mfn41czWS0wYhTgkcJg.roa
Signing time: Mon 02 Jan 2023 00:04:56 +0000
ROA not before: Mon 02 Jan 2023 00:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 194.147.148.0/24 maxlen: 24
194.147.149.0/24 maxlen: 24
194.147.115.0/24 maxlen: 24
2a0f:4240::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:ab:ec:a2:c0:2b:d7:46:dd:d2:a2:67:bf:60:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Validity
Not Before: Jan 2 00:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a16d16b4e63631f9f8d5ccd64b4c188538247098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9d:6b:9d:8a:e0:2d:9b:1c:ca:1c:e3:88:3c:
8c:99:73:40:31:6b:f9:2a:a5:e6:93:d3:30:71:b3:
d9:de:89:36:a9:c4:dc:fd:6f:51:09:6d:e9:04:b6:
8e:d9:c9:a4:4c:65:3d:b0:2e:cb:70:6e:bc:6a:fc:
8e:e9:ee:0a:a3:e5:45:69:0a:91:79:3d:51:32:e2:
3d:0a:5d:fe:7f:61:dd:50:8a:dc:ec:da:36:38:99:
fa:86:f0:e6:23:96:50:81:f0:fb:31:23:8d:32:83:
00:15:e3:ef:5c:1d:4f:76:11:98:48:6b:ed:81:4e:
04:28:42:46:0c:e9:c6:8b:59:80:d2:24:13:d2:26:
8a:ca:ef:b4:a0:46:41:83:c4:2e:a5:b7:1a:f1:1f:
4a:08:b6:96:a1:59:bb:67:11:22:89:db:7c:ce:d6:
a3:83:88:23:36:d2:45:2c:5b:4f:e7:6c:74:ac:2f:
53:bd:9e:55:a7:79:72:38:0e:0c:6a:93:e9:31:cb:
81:48:02:6f:c4:39:bd:f4:07:87:91:f8:a7:bb:56:
25:68:05:41:24:cc:63:f5:84:17:77:62:00:42:3c:
f3:a8:34:38:d3:8b:66:03:84:35:7a:61:a9:43:95:
73:51:4f:6e:ca:ef:29:ea:8c:54:bd:b9:fe:54:3e:
87:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6D:16:B4:E6:36:31:F9:F8:D5:CC:D6:4B:4C:18:85:38:24:70:98
X509v3 Authority Key Identifier:
keyid:61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/oW0WtOY2Mfn41czWS0wYhTgkcJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.115.0/24
194.147.148.0/23
IPv6:
2a0f:4240::/29
Signature Algorithm: sha256WithRSAEncryption
1f:d9:bf:aa:8a:af:e3:ea:72:ae:df:01:88:17:30:2f:e4:75:
e2:a9:8d:67:cd:b8:5d:4f:87:03:b5:bc:0b:2b:aa:be:55:7f:
4d:6a:be:2e:d7:24:2c:f4:39:ab:db:09:3d:37:6c:e4:55:8d:
78:33:8e:f3:48:f3:33:a7:5a:38:fd:f1:67:40:47:52:b4:f6:
41:f0:fd:7d:89:ce:de:c2:5a:cb:9d:95:89:61:1f:62:f2:52:
4e:c1:ac:e2:d8:28:8a:08:d3:da:30:3e:94:d5:ae:12:f3:0e:
8a:62:06:2e:fc:3e:81:19:98:c2:e1:44:5c:6d:56:23:bf:e1:
a3:fb:59:cb:ff:82:34:68:b0:82:fe:cf:df:78:8f:4e:31:36:
79:06:92:ca:5c:6a:6c:cd:e2:0e:b7:37:de:67:90:53:d7:31:
9d:f9:f9:d0:94:39:4d:10:31:80:18:bd:66:04:75:07:6d:14:
37:f9:60:d8:08:c0:03:ec:34:00:28:6b:f6:d9:53:e9:0c:01:
ec:b9:7b:20:c0:b9:de:f9:1e:87:95:37:9b:b1:4d:c0:54:78:
f5:c4:0d:78:5d:3e:8c:1a:44:41:64:78:f1:49:d1:b3:cb:a4:
99:5e:74:c2:fe:45:fb:37:b3:cf:02:03:23:db:57:4a:af:b0:
c9:d4:c7:a0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvy6vsosAr10bd0qJnv2DIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzVjMWY3YjcxNDBjODcyZTdmM2ZmMzQ2MmI0ZWRjNjMx
ZDc2NzQwHhcNMjMwMTAyMDAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZkMTZiNGU2MzYzMWY5ZjhkNWNjZDY0YjRjMTg4NTM4MjQ3MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip1rnYrgLZscyhzjiDyMmXNAMWv5
KqXmk9MwcbPZ3ok2qcTc/W9RCW3pBLaO2cmkTGU9sC7LcG68avyO6e4Ko+VFaQqR
eT1RMuI9Cl3+f2HdUIrc7No2OJn6hvDmI5ZQgfD7MSONMoMAFePvXB1PdhGYSGvt
gU4EKEJGDOnGi1mA0iQT0iaKyu+0oEZBg8Qupbca8R9KCLaWoVm7ZxEiidt8ztaj
g4gjNtJFLFtP52x0rC9TvZ5Vp3lyOA4MapPpMcuBSAJvxDm99AeHkfinu1YlaAVB
JMxj9YQXd2IAQjzzqDQ404tmA4Q1emGpQ5VzUU9uyu8p6oxUvbn+VD6HOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKFtFrTmNjH5+NXM1ktMGIU4JHCYMB8GA1UdIwQY
MBaAFGE1wfe3FAyHLn8/80YrTtxjHXZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2Mt
ZTM3ODFkOGZlNzRjLzEvb1cwV3RPWTJNZm40MWN6V1Mwd1loVGdrY0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2MtZTM3ODFkOGZlNzRj
LzEvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwpNzAwQB
wpOUMA0EAgACMAcDBQMqD0JAMA0GCSqGSIb3DQEBCwUAA4IBAQAf2b+qiq/j6nKu
3wGIFzAv5HXiqY1nzbhdT4cDtbwLK6q+VX9Nar4u1yQs9Dmr2wk9N2zkVY14M47z
SPMzp1o4/fFnQEdStPZB8P19ic7ewlrLnZWJYR9i8lJOwazi2CiKCNPaMD6U1a4S
8w6KYgYu/D6BGZjC4URcbVYjv+Gj+1nL/4I0aLCC/s/feI9OMTZ5BpLKXGpszeIO
tzfeZ5BT1zGd+fnQlDlNEDGAGL1mBHUHbRQ3+WDYCMAD7DQAKGv22VPpDAHsuXsg
wLne+R6HlTebsU3AVHj1xA14XT6MGkRBZHjxSdGzy6SZXnTC/kX7N7PPAgMj21dK
r7DJ1Meg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:34 2024 by rpki-client on console-fra.rpki-client.org