Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OucXuQWt6ndjZZmXBVux0C0Lf-k.roa
File: OucXuQWt6ndjZZmXBVux0C0Lf-k.roa (raw, json)
Hash identifier: +yV4omXmwte5WNI2GV4p+kpAuy5DbIiXH9ALjOuleN8=
Subject key identifier: 3A:E7:17:B9:05:AD:EA:77:63:65:99:97:05:5B:B1:D0:2D:0B:7F:E9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188C2BA87D65FF978D7B378F71457EF50DF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OucXuQWt6ndjZZmXBVux0C0Lf-k.roa
Signing time: Fri 16 Jun 2023 05:43:04 +0000
ROA not before: Fri 16 Jun 2023 05:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c2:ba:87:d6:5f:f9:78:d7:b3:78:f7:14:57:ef:50:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 16 05:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae717b905adea7763659997055bb1d02d0b7fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:d2:cd:d0:3b:ef:3b:28:4e:dc:33:0e:0e:
f4:ce:42:5e:91:41:2f:be:8c:0b:63:4b:35:d6:1b:
26:18:4c:85:1a:f8:bc:cd:b6:0f:8e:8d:89:e6:9a:
88:de:22:3e:30:dd:55:64:55:e4:d6:2b:0d:c6:44:
f0:a2:4d:57:4e:03:06:b6:68:4a:8e:67:9e:0f:a9:
69:e9:d7:b6:6b:3c:40:ea:c1:60:b9:41:62:1e:85:
b4:59:a1:22:62:fe:d6:c9:69:1f:c5:b5:c5:c6:bd:
3f:e6:c7:7d:9a:c0:d9:23:f2:81:0e:16:ab:45:a0:
3c:f8:46:b8:cd:04:b7:7c:a7:07:20:41:7f:36:dc:
87:bc:4f:87:6d:be:58:4a:a9:39:52:15:93:d6:6f:
af:4b:bb:e7:fe:d5:03:3b:dd:7c:52:8b:a3:cf:3b:
bd:78:79:1c:43:1d:31:3e:7b:65:10:f6:14:1b:0e:
6c:2d:e9:0d:78:d9:22:19:1a:26:bd:bd:68:4b:1c:
c2:a5:83:ad:ed:fa:66:fd:89:7b:58:d6:2a:67:25:
df:d3:b1:6b:cf:84:20:85:3b:e1:1c:6a:ec:43:68:
c2:4f:0c:71:18:04:11:d8:e6:84:6e:cb:64:bb:7b:
2e:a0:e6:85:5e:16:40:85:87:6f:0a:7e:bf:bb:e3:
7f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E7:17:B9:05:AD:EA:77:63:65:99:97:05:5B:B1:D0:2D:0B:7F:E9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OucXuQWt6ndjZZmXBVux0C0Lf-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e4:bf:a7:11:08:38:05:d3:28:73:30:13:ba:e0:e5:c8:0b:
44:e7:21:90:f0:eb:32:70:3b:95:e8:6a:f9:c7:31:86:be:cb:
db:17:37:56:19:64:4e:79:13:64:06:3d:f9:f7:8d:a4:b8:b7:
50:50:dc:ca:85:fb:1b:f0:80:b4:29:39:77:9b:26:69:bd:fb:
2b:16:7e:f9:41:82:85:a1:4a:52:ec:1f:70:22:34:19:1e:de:
94:d1:de:23:f1:c2:bc:9c:03:7a:e2:ff:75:e2:df:69:92:ea:
3b:ed:d0:d7:e6:9d:52:26:6d:19:1d:e6:49:8e:f8:01:16:85:
8f:d9:ae:29:47:08:d3:b3:cd:ed:bb:c0:02:a8:0f:5b:b5:62:
f1:dc:f7:05:c7:de:42:da:89:8e:87:b2:26:0e:cd:59:b1:a7:
ed:59:d0:4f:06:91:c5:cf:d4:8b:07:d5:2b:bf:86:97:9a:d0:
ff:19:85:50:25:43:96:d6:d1:cd:cb:b9:b0:b6:7e:95:b5:a3:
76:04:79:2a:26:17:30:9a:9f:9d:ce:d9:31:5f:2b:d2:d3:22:
6f:07:41:74:c3:a0:9c:ce:fd:e9:68:ab:30:71:06:41:f1:78:
57:13:42:d8:cd:d6:0b:b5:59:41:90:ee:54:15:11:dc:9d:9b:
1d:e8:7d:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjCuofWX/l417N49xRX71DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjE2MDU0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU3MTdiOTA1YWRlYTc3NjM2NTk5OTcwNTViYjFkMDJkMGI3ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4jSzdA77zsoTtwzDg70zkJekUEv
vowLY0s11hsmGEyFGvi8zbYPjo2J5pqI3iI+MN1VZFXk1isNxkTwok1XTgMGtmhK
jmeeD6lp6de2azxA6sFguUFiHoW0WaEiYv7WyWkfxbXFxr0/5sd9msDZI/KBDhar
RaA8+Ea4zQS3fKcHIEF/NtyHvE+Hbb5YSqk5UhWT1m+vS7vn/tUDO918Uoujzzu9
eHkcQx0xPntlEPYUGw5sLekNeNkiGRomvb1oSxzCpYOt7fpm/Yl7WNYqZyXf07Fr
z4QghTvhHGrsQ2jCTwxxGAQR2OaEbstku3suoOaFXhZAhYdvCn6/u+N/vQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDrnF7kFrep3Y2WZlwVbsdAtC3/pMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT3VjWHVRV3Q2bmRqWlptWEJWdXgwQzBMZi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAwSMSMA0GCSqGSIb3DQEBCwUAA4IBAQBE5L+nEQg4
BdMoczATuuDlyAtE5yGQ8OsycDuV6Gr5xzGGvsvbFzdWGWROeRNkBj35942kuLdQ
UNzKhfsb8IC0KTl3myZpvfsrFn75QYKFoUpS7B9wIjQZHt6U0d4j8cK8nAN64v91
4t9pkuo77dDX5p1SJm0ZHeZJjvgBFoWP2a4pRwjTs83tu8ACqA9btWLx3PcFx95C
2omOh7ImDs1ZsaftWdBPBpHFz9SLB9Urv4aXmtD/GYVQJUOW1tHNy7mwtn6VtaN2
BHkqJhcwmp+dztkxXyvS0yJvB0F0w6Cczv3paKswcQZB8XhXE0LYzdYLtVlBkO5U
FRHcnZsd6H1+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org