Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/oeBFA6ff-7CkUaAbzHGA1_vxB6A.roa
File: oeBFA6ff-7CkUaAbzHGA1_vxB6A.roa (raw, json)
Hash identifier: 6wPHO4CKkQ3qCX/ENpO4xoQO3ZZWcb66+n/AYHu6utM=
Subject key identifier: A1:E0:45:03:A7:DF:FB:B0:A4:51:A0:1B:CC:71:80:D7:FB:F1:07:A0
Certificate issuer: /CN=7059e03a08e17416f66546307988349991b84a2e
Certificate serial: 018CC56EC1EDD47C4DF9A6CD32CDF315A9A9
Authority key identifier: 70:59:E0:3A:08:E1:74:16:F6:65:46:30:79:88:34:99:91:B8:4A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/oeBFA6ff-7CkUaAbzHGA1_vxB6A.roa
Signing time: Mon 01 Jan 2024 14:30:19 +0000
ROA not before: Mon 01 Jan 2024 14:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42605
IP address blocks: 83.136.72.0/21 maxlen: 24
185.111.192.0/22 maxlen: 24
2a02:b28::/32 maxlen: 32
2a02:b28::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c1:ed:d4:7c:4d:f9:a6:cd:32:cd:f3:15:a9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7059e03a08e17416f66546307988349991b84a2e
Validity
Not Before: Jan 1 14:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1e04503a7dffbb0a451a01bcc7180d7fbf107a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e0:51:b8:f5:31:65:ad:ce:71:30:03:6c:3b:
13:35:8c:81:b5:9c:04:2f:99:a2:17:51:a7:d5:a6:
2c:fe:45:fd:0d:36:20:e1:5a:b2:05:7a:d3:43:f4:
96:94:b8:c2:b0:3d:e3:14:d7:5c:50:86:1f:79:d3:
99:8c:55:a1:f3:72:8a:86:e7:41:d7:89:dd:3a:03:
46:83:fb:60:9d:63:21:fe:24:fe:92:16:65:d4:ff:
d6:db:6c:cd:fe:9c:3a:44:68:a0:4d:d7:c2:13:f4:
d7:e0:19:e9:cb:81:2f:9b:94:0b:80:d8:a8:c4:35:
e7:34:da:23:01:dd:7a:85:68:b8:8b:bb:a4:8b:c5:
3e:39:e1:a3:d4:09:12:7b:f0:81:24:96:0f:d7:bf:
15:c3:ba:ae:7e:02:78:10:fd:03:dc:db:32:14:9d:
c7:d7:60:02:6b:32:08:ef:b0:86:76:50:f3:25:59:
ca:15:83:4f:4a:b1:6b:6b:98:2f:b3:ee:81:0c:b9:
d5:6c:51:19:a6:88:4c:56:81:be:d8:20:c7:d0:5e:
c8:5b:ca:85:85:e1:06:20:cd:fc:d1:0d:67:32:70:
d2:9f:d5:46:fe:ea:eb:1f:93:8b:23:89:57:5f:f2:
57:39:81:fc:44:d6:2a:90:7e:60:3e:ff:b1:ec:76:
63:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E0:45:03:A7:DF:FB:B0:A4:51:A0:1B:CC:71:80:D7:FB:F1:07:A0
X509v3 Authority Key Identifier:
keyid:70:59:E0:3A:08:E1:74:16:F6:65:46:30:79:88:34:99:91:B8:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/oeBFA6ff-7CkUaAbzHGA1_vxB6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.72.0/21
185.111.192.0/22
IPv6:
2a02:b28::/29
Signature Algorithm: sha256WithRSAEncryption
4a:10:13:bb:d7:7d:b6:8f:ce:ad:bc:0d:0e:7b:66:36:db:73:
63:00:67:1e:eb:01:a4:1c:17:67:5a:66:68:ad:7d:70:27:d0:
50:e7:86:a7:34:01:41:b9:66:40:b3:06:ed:de:e5:e8:32:16:
28:9d:e3:f8:a1:da:94:26:7a:c8:62:e5:a5:85:bb:d6:b8:8d:
09:8d:ba:b8:99:32:3f:96:94:52:f0:0a:d1:40:04:a4:27:78:
3e:7d:7c:a0:6c:b8:19:1c:3e:33:87:4d:84:02:81:12:42:43:
1f:21:fa:0c:dd:d6:1c:38:21:79:15:93:06:8a:62:cf:d0:25:
ca:f4:05:1d:e4:52:44:a9:a1:de:2e:06:08:f1:c4:bb:36:6b:
e9:9a:d7:d5:a2:5f:cc:ef:0f:ce:f5:67:3a:21:32:35:8d:95:
6b:b4:13:ea:68:e4:03:2d:9a:34:92:cb:8d:10:9c:7a:cd:d1:
cb:57:5e:52:80:c0:a7:cf:60:11:f3:07:1c:98:fc:9a:d6:7a:
9a:bb:9f:3e:94:51:81:48:1a:f4:cc:9c:64:91:7d:b3:f7:fc:
1c:5a:19:bd:9f:25:4e:de:ac:29:51:01:05:f3:44:e9:72:d2:
5a:d1:2a:55:e9:a8:22:36:97:ad:36:74:0c:21:d5:3d:3a:52:
54:9e:90:7e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbsHt1HxN+abNMs3zFampMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNTllMDNhMDhlMTc0MTZmNjY1NDYzMDc5ODgzNDk5OTFi
ODRhMmUwHhcNMjQwMTAxMTQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWUwNDUwM2E3ZGZmYmIwYTQ1MWEwMWJjYzcxODBkN2ZiZjEwN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuBRuPUxZa3OcTADbDsTNYyBtZwE
L5miF1Gn1aYs/kX9DTYg4VqyBXrTQ/SWlLjCsD3jFNdcUIYfedOZjFWh83KKhudB
14ndOgNGg/tgnWMh/iT+khZl1P/W22zN/pw6RGigTdfCE/TX4Bnpy4Evm5QLgNio
xDXnNNojAd16hWi4i7uki8U+OeGj1AkSe/CBJJYP178Vw7qufgJ4EP0D3NsyFJ3H
12ACazII77CGdlDzJVnKFYNPSrFra5gvs+6BDLnVbFEZpohMVoG+2CDH0F7IW8qF
heEGIM380Q1nMnDSn9VG/urrH5OLI4lXX/JXOYH8RNYqkH5gPv+x7HZj5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKHgRQOn3/uwpFGgG8xxgNf78QegMB8GA1UdIwQY
MBaAFHBZ4DoI4XQW9mVGMHmINJmRuEouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0ZuZ09namhkQmIyWlVZd2VZZzBtWkc0U2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wNjVkYmEtZWVmOS00ODBkLWE4ODAt
OTE3NWM4NDA4ZTVlLzEvb2VCRkE2ZmYtN0NrVWFBYnpIR0ExX3Z4QjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wNjVkYmEtZWVmOS00ODBkLWE4ODAtOTE3NWM4NDA4ZTVl
LzEvY0ZuZ09namhkQmIyWlVZd2VZZzBtWkc0U2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDU4hIAwQC
uW/AMA0EAgACMAcDBQMqAgsoMA0GCSqGSIb3DQEBCwUAA4IBAQBKEBO71322j86t
vA0Oe2Y223NjAGce6wGkHBdnWmZorX1wJ9BQ54anNAFBuWZAswbt3uXoMhYoneP4
odqUJnrIYuWlhbvWuI0Jjbq4mTI/lpRS8ArRQASkJ3g+fXygbLgZHD4zh02EAoES
QkMfIfoM3dYcOCF5FZMGimLP0CXK9AUd5FJEqaHeLgYI8cS7NmvpmtfVol/M7w/O
9Wc6ITI1jZVrtBPqaOQDLZo0ksuNEJx6zdHLV15SgMCnz2AR8wccmPya1nqau58+
lFGBSBr0zJxkkX2z9/wcWhm9nyVO3qwpUQEF80TpctJa0SpV6agiNpetNnQMIdU9
OlJUnpB+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:50 2025 by rpki-client