Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oHU7nJGC_LaakQyCPcVXmYqNdc8.roa
File: oHU7nJGC_LaakQyCPcVXmYqNdc8.roa (raw, json)
Hash identifier: jT6VhxOCZ/GY40W/r8Pe31Z8XuQTC9cs5sAsg9+y2Aw=
Subject key identifier: A0:75:3B:9C:91:82:FC:B6:9A:91:0C:82:3D:C5:57:99:8A:8D:75:CF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01883C9E913B36B2AB028455C21B25F27027
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oHU7nJGC_LaakQyCPcVXmYqNdc8.roa
Signing time: Sun 21 May 2023 04:43:24 +0000
ROA not before: Sun 21 May 2023 04:43:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 81.161.231.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 May 2023 12:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3c:9e:91:3b:36:b2:ab:02:84:55:c2:1b:25:f2:70:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 21 04:43:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0753b9c9182fcb69a910c823dc557998a8d75cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:1f:2e:1c:49:ee:0b:7c:8c:ce:8c:eb:9b:e8:
e0:4a:a1:d4:20:5f:0c:ac:e2:d0:b6:b1:1b:de:84:
d8:2b:89:2c:db:b2:63:c8:b5:6d:a7:db:11:09:42:
02:27:d5:ae:a5:37:70:f8:14:d3:93:07:0e:d6:18:
fe:d1:0f:9c:2e:d5:9f:4f:53:2f:dd:67:18:22:51:
ac:fb:ca:e9:44:f7:43:6f:da:9a:88:81:02:a4:20:
4a:22:bd:f1:39:25:be:54:df:7d:c5:d1:4d:f2:69:
61:1f:3f:f0:dd:0e:42:62:0a:26:f2:ae:52:b3:11:
9e:4b:e9:4f:67:35:d4:22:e3:8c:df:91:01:32:7b:
d8:b0:66:1b:1c:58:d9:f5:3b:e4:3c:ad:89:6b:a4:
67:1e:5e:6d:b6:47:e2:dc:20:f9:4d:dd:dd:0e:2b:
6f:76:42:90:af:36:d6:75:43:38:f8:cc:0c:a6:d0:
1d:b8:c6:63:bd:05:5f:d7:14:ac:99:50:b6:28:16:
d5:76:89:41:86:aa:c8:f8:5d:b3:2a:d2:8a:9a:ae:
f1:8e:aa:d5:3a:29:e7:6f:65:a5:ed:99:a6:19:34:
7c:0d:50:c9:50:64:6f:3e:82:7d:47:73:15:f6:21:
13:5b:a0:4a:80:be:67:3a:5a:3d:8e:44:4d:4f:8a:
e4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:75:3B:9C:91:82:FC:B6:9A:91:0C:82:3D:C5:57:99:8A:8D:75:CF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oHU7nJGC_LaakQyCPcVXmYqNdc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.231.0/24
164.40.185.0/24
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7a:02:7a:5d:5f:39:67:96:54:7a:6b:68:1c:0d:85:f5:f8:
0b:6a:67:99:54:ee:16:ef:28:03:d0:e5:2a:ee:c4:c0:5d:30:
de:e8:14:32:25:f6:19:26:c9:5b:de:f0:2a:9e:cc:dc:14:6d:
89:76:11:db:a6:15:a6:23:d3:51:9f:c7:54:4a:52:0e:a3:c2:
40:81:b3:04:e9:3d:da:35:00:e5:23:c1:5f:f7:1b:e4:6d:c6:
ca:aa:e6:3f:1a:1a:64:4a:38:6c:e5:ba:be:33:1f:06:1f:61:
57:55:9d:21:49:d5:ba:e2:e8:87:3a:94:16:e3:4b:f7:f2:0f:
25:2e:f0:06:d6:8b:13:17:0a:57:8b:1c:b7:93:2e:42:53:85:
1b:74:e5:ac:32:c7:45:04:55:14:c0:3e:62:7c:df:27:4f:17:
77:d1:61:8c:cd:df:a0:60:f9:c6:39:94:9c:a9:e2:56:e1:78:
29:17:42:2b:46:b2:6d:e9:8b:19:9b:20:90:6d:84:61:ba:bf:
d7:b7:ad:fd:c8:ac:fc:90:8c:bd:d9:51:db:f0:19:ec:6b:be:
06:59:92:d2:26:ce:fe:08:2f:46:58:d3:7a:91:e6:69:d7:ba:
29:d9:c0:ed:a7:ca:7a:f7:ea:ed:b4:e0:09:e8:44:22:df:f0:
f0:af:23:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYg8npE7NrKrAoRVwhsl8nAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIxMDQ0MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDc1M2I5YzkxODJmY2I2OWE5MTBjODIzZGM1NTc5OThhOGQ3NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7R8uHEnuC3yMzozrm+jgSqHUIF8M
rOLQtrEb3oTYK4ks27JjyLVtp9sRCUICJ9WupTdw+BTTkwcO1hj+0Q+cLtWfT1Mv
3WcYIlGs+8rpRPdDb9qaiIECpCBKIr3xOSW+VN99xdFN8mlhHz/w3Q5CYgom8q5S
sxGeS+lPZzXUIuOM35EBMnvYsGYbHFjZ9TvkPK2Ja6RnHl5ttkfi3CD5Td3dDitv
dkKQrzbWdUM4+MwMptAduMZjvQVf1xSsmVC2KBbVdolBhqrI+F2zKtKKmq7xjqrV
Oinnb2Wl7ZmmGTR8DVDJUGRvPoJ9R3MV9iETW6BKgL5nOlo9jkRNT4rkowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKB1O5yRgvy2mpEMgj3FV5mKjXXPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb0hVN25KR0NfTGFha1F5Q1BjVlhtWXFOZGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUaHnAwQA
pCi5AwQAud1AMA0GCSqGSIb3DQEBCwUAA4IBAQATegJ6XV85Z5ZUemtoHA2F9fgL
ameZVO4W7ygD0OUq7sTAXTDe6BQyJfYZJslb3vAqnszcFG2JdhHbphWmI9NRn8dU
SlIOo8JAgbME6T3aNQDlI8Ff9xvkbcbKquY/GhpkSjhs5bq+Mx8GH2FXVZ0hSdW6
4uiHOpQW40v38g8lLvAG1osTFwpXixy3ky5CU4UbdOWsMsdFBFUUwD5ifN8nTxd3
0WGMzd+gYPnGOZScqeJW4XgpF0IrRrJt6YsZmyCQbYRhur/Xt639yKz8kIy92VHb
8Bnsa74GWZLSJs7+CC9GWNN6keZp17op2cDtp8p69+rttOAJ6EQi3/DwryNZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org