Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/RUohi_frPsyLMlzB0-7xRKh4rx4.roa
File: RUohi_frPsyLMlzB0-7xRKh4rx4.roa (raw, json)
Hash identifier: zBxx4C9r1BZMuCwGNzjazb0oMlapoWaRTnSg7DSVBLc=
Subject key identifier: 45:4A:21:8B:F7:EB:3E:CC:8B:32:5C:C1:D3:EE:F1:44:A8:78:AF:1E
Certificate issuer: /CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Certificate serial: 018572DECEEF5570720B99AB58A58E74B7EB
Authority key identifier: 77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/RUohi_frPsyLMlzB0-7xRKh4rx4.roa
Signing time: Mon 02 Jan 2023 14:24:42 +0000
ROA not before: Mon 02 Jan 2023 14:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.138.90.0/24 maxlen: 24
193.110.146.0/24 maxlen: 24
194.165.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:ce:ef:55:70:72:0b:99:ab:58:a5:8e:74:b7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Validity
Not Before: Jan 2 14:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=454a218bf7eb3ecc8b325cc1d3eef144a878af1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ad:6d:c0:c0:95:8d:8a:9c:ac:2c:a2:5c:d1:
87:06:93:da:85:09:88:95:4d:e3:cb:c7:8e:b5:aa:
0d:d7:a4:e9:72:ed:f0:d8:ab:9b:22:0a:65:4d:b2:
df:64:de:ec:45:3a:4f:07:43:cf:d1:15:67:c0:cf:
ea:d6:78:42:53:d0:0d:33:e7:2d:c9:7b:67:ab:ba:
fa:d5:78:de:5f:4a:95:17:d2:c2:b8:2e:fc:b9:68:
b1:6d:b3:0b:84:a0:44:36:39:15:71:07:bb:0c:ca:
3c:e9:c6:b1:b8:5a:0d:f3:9f:b6:ba:e7:7f:95:11:
5e:25:40:08:e6:fb:9c:d9:dc:a0:cb:41:2f:dc:ab:
3a:2d:86:50:90:f3:3a:2f:26:9e:c0:d3:0c:32:30:
61:37:cd:f3:6f:a0:09:80:c5:b1:56:5c:8f:2d:4e:
30:59:f6:4b:27:ea:7b:e0:48:cd:1f:65:12:f8:d2:
08:ab:8e:1a:b7:e8:c0:82:6f:c2:d3:21:95:dd:c2:
e9:14:89:2c:30:27:3d:a5:82:fb:25:58:de:54:11:
d9:b3:26:d8:17:35:0c:3d:d4:4e:8a:eb:bb:19:d5:
b0:db:bf:07:08:da:4e:25:69:5c:c3:23:c1:6b:b3:
16:15:b9:b4:c3:23:48:b9:2f:33:e7:4c:ed:50:68:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4A:21:8B:F7:EB:3E:CC:8B:32:5C:C1:D3:EE:F1:44:A8:78:AF:1E
X509v3 Authority Key Identifier:
keyid:77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/RUohi_frPsyLMlzB0-7xRKh4rx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.146.0/24
193.138.90.0/24
194.165.43.0/24
Signature Algorithm: sha256WithRSAEncryption
02:1a:9c:fe:ad:98:32:b2:30:a7:18:ca:2d:74:3c:d4:d7:50:
43:91:74:c5:4f:22:31:06:d4:86:0f:f4:cd:2e:ca:54:70:85:
e7:3f:37:26:3d:c1:98:a8:7c:22:92:2d:c2:a2:2d:7a:a2:dc:
10:89:42:68:33:37:01:78:1e:9d:27:9a:28:37:f6:7c:a0:5d:
70:6a:b7:25:b1:0f:3c:c0:cb:2e:bf:a3:52:fb:82:96:17:bc:
0b:ac:71:48:1c:70:72:2c:74:3c:b5:d5:c2:ab:ab:56:93:93:
16:29:6a:29:5b:7b:3d:6a:c1:f5:f4:d4:3a:d4:3a:25:aa:76:
60:79:cc:81:9e:ed:69:9b:53:77:ab:50:5d:2c:04:d4:19:a8:
e5:b4:93:57:4c:2c:2f:bd:0f:1e:79:3e:ed:9c:1b:34:f0:62:
a6:40:82:19:f9:46:38:de:49:53:72:25:9e:a8:a7:f9:15:1a:
fd:fb:95:a0:87:9a:50:84:71:a0:b5:3d:c0:59:84:1d:b5:60:
de:c5:0d:03:01:54:39:ea:28:20:bf:5c:89:de:3c:43:04:6e:
08:1c:94:46:ca:2e:ac:ab:ba:55:06:94:12:8c:56:cd:3f:d2:
b6:e7:f4:4b:c4:89:c2:ba:1c:2f:26:fd:ea:07:92:81:70:d9:
ef:42:dc:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVy3s7vVXByC5mrWKWOdLfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3Y2M0NmFkZTk1N2M4ZjA2NmE1YzZmZTI1MzEwYTRjZjVh
N2U5ZDQwHhcNMjMwMTAyMTQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRhMjE4YmY3ZWIzZWNjOGIzMjVjYzFkM2VlZjE0NGE4NzhhZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi61twMCVjYqcrCyiXNGHBpPahQmI
lU3jy8eOtaoN16Tpcu3w2KubIgplTbLfZN7sRTpPB0PP0RVnwM/q1nhCU9ANM+ct
yXtnq7r61XjeX0qVF9LCuC78uWixbbMLhKBENjkVcQe7DMo86caxuFoN85+2uud/
lRFeJUAI5vuc2dygy0Ev3Ks6LYZQkPM6LyaewNMMMjBhN83zb6AJgMWxVlyPLU4w
WfZLJ+p74EjNH2US+NIIq44at+jAgm/C0yGV3cLpFIksMCc9pYL7JVjeVBHZsybY
FzUMPdROiuu7GdWw278HCNpOJWlcwyPBa7MWFbm0wyNIuS8z50ztUGiy8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEVKIYv36z7MizJcwdPu8USoeK8eMB8GA1UdIwQY
MBaAFHfMRq3pV8jwZqXG/iUxCkz1p+nUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMt
ZjdkMDI3NTYwMDU4LzEvUlVvaGlfZnJQc3lMTWx6QjAtN3hSS2g0cng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMtZjdkMDI3NTYwMDU4
LzEvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwW6SAwQA
wYpaAwQAwqUrMA0GCSqGSIb3DQEBCwUAA4IBAQACGpz+rZgysjCnGMotdDzU11BD
kXTFTyIxBtSGD/TNLspUcIXnPzcmPcGYqHwiki3Coi16otwQiUJoMzcBeB6dJ5oo
N/Z8oF1warclsQ88wMsuv6NS+4KWF7wLrHFIHHByLHQ8tdXCq6tWk5MWKWopW3s9
asH19NQ61DolqnZgecyBnu1pm1N3q1BdLATUGajltJNXTCwvvQ8eeT7tnBs08GKm
QIIZ+UY43klTciWeqKf5FRr9+5Wgh5pQhHGgtT3AWYQdtWDexQ0DAVQ56iggv1yJ
3jxDBG4IHJRGyi6sq7pVBpQSjFbNP9K25/RLxInCuhwvJv3qB5KBcNnvQtzG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:39 2024 by rpki-client on console-fra.rpki-client.org