Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6186da-51d4-4618-95f9-f4a39e18cfb4/1/okJbbA-buWeW2URCKaHYH0odUdc.roa
File: okJbbA-buWeW2URCKaHYH0odUdc.roa (raw, json)
Hash identifier: 5Ed2jqprRS1c8LEk0H6F2wsyN9x5CK2jdwHQTdBODjY=
Subject key identifier: A2:42:5B:6C:0F:9B:B9:67:96:D9:44:42:29:A1:D8:1F:4A:1D:51:D7
Certificate issuer: /CN=a8aba63e806a21d46035ca6e9d345b03dbc8e553
Certificate serial: 018BB0C3657F4EC4041495B034290852D8C0
Authority key identifier: A8:AB:A6:3E:80:6A:21:D4:60:35:CA:6E:9D:34:5B:03:DB:C8:E5:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qKumPoBqIdRgNcpunTRbA9vI5VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6186da-51d4-4618-95f9-f4a39e18cfb4/1/okJbbA-buWeW2URCKaHYH0odUdc.roa
Signing time: Wed 08 Nov 2023 21:07:57 +0000
ROA not before: Wed 08 Nov 2023 21:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9008
IP address blocks: 80.90.32.0/19 maxlen: 24
109.69.240.0/21 maxlen: 24
195.200.240.0/23 maxlen: 24
185.211.232.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:c3:65:7f:4e:c4:04:14:95:b0:34:29:08:52:d8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8aba63e806a21d46035ca6e9d345b03dbc8e553
Validity
Not Before: Nov 8 21:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2425b6c0f9bb96796d9444229a1d81f4a1d51d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f3:f5:e6:47:20:29:b9:9f:cb:9f:9f:cb:30:
08:69:62:fc:13:90:0a:59:fa:a1:ce:24:d2:65:36:
a7:b3:c7:2b:57:59:7b:29:b4:51:e9:4f:6b:52:83:
35:e7:a4:ea:bb:5b:b8:a4:b3:39:1e:c9:90:76:b4:
23:94:14:ca:d3:50:71:f2:73:24:97:6e:77:47:82:
84:50:4f:1e:7c:f3:de:ae:dd:1e:25:b3:c6:59:fa:
97:cc:5d:0a:7c:66:3f:c7:f1:c9:12:b1:d1:24:22:
52:f0:74:a2:bc:42:af:3f:61:82:0c:0d:28:54:4e:
55:72:99:15:17:79:85:78:13:92:68:b3:ee:a8:87:
33:30:cd:19:03:81:79:d3:b3:ae:a0:8f:d8:50:db:
03:ac:bf:fc:f9:12:22:a6:61:32:1d:47:cf:f3:46:
31:f4:3b:3c:72:19:ac:ed:c2:d8:8c:2b:42:6b:eb:
f4:2c:7f:d7:52:19:89:2e:c1:ec:f4:b5:d6:2d:16:
8c:d6:96:b1:4b:92:a7:b2:a8:64:bd:cc:52:af:ff:
4d:5e:93:ad:47:82:e7:2f:7d:bc:a4:6b:06:2f:eb:
aa:da:df:fb:8c:b7:87:15:dc:83:2f:70:f0:d9:6c:
8f:3c:2e:c0:a3:79:1d:85:25:aa:65:fa:b3:4d:ef:
bf:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:42:5B:6C:0F:9B:B9:67:96:D9:44:42:29:A1:D8:1F:4A:1D:51:D7
X509v3 Authority Key Identifier:
keyid:A8:AB:A6:3E:80:6A:21:D4:60:35:CA:6E:9D:34:5B:03:DB:C8:E5:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKumPoBqIdRgNcpunTRbA9vI5VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6186da-51d4-4618-95f9-f4a39e18cfb4/1/okJbbA-buWeW2URCKaHYH0odUdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6186da-51d4-4618-95f9-f4a39e18cfb4/1/qKumPoBqIdRgNcpunTRbA9vI5VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.32.0/19
109.69.240.0/21
185.211.232.0/22
195.200.240.0/23
Signature Algorithm: sha256WithRSAEncryption
08:ef:4a:41:54:ad:6a:cf:51:2b:87:4f:43:d1:5e:43:94:80:
0d:3b:f9:de:ac:19:f5:8b:22:03:56:86:4b:ab:85:52:1b:d6:
00:2b:47:08:69:08:a3:3a:d0:6a:e0:a0:5b:09:05:5c:b7:a8:
5f:59:a4:60:ae:e4:48:0a:9f:73:49:c3:80:22:17:33:13:25:
58:ca:ce:e5:62:06:88:f6:77:c0:8e:a0:19:6b:2e:d2:fb:ea:
e0:26:7f:3a:fe:d4:6f:7c:4a:cb:ff:6d:25:20:e6:bf:e0:b5:
21:59:91:4a:30:ed:63:a4:8b:eb:67:9d:62:1e:57:62:50:d5:
32:1b:3c:2d:e9:e9:21:b4:61:56:03:30:0f:75:8f:69:20:24:
a6:f5:8e:a8:17:5d:15:fe:26:30:a3:47:a4:7a:76:b0:f0:32:
5b:c2:de:45:3d:a2:49:8e:5a:23:12:e3:ad:f9:15:98:dc:68:
3a:b1:bb:1f:78:af:66:8c:2e:54:c0:42:55:0e:d2:e8:07:dd:
7d:db:d9:d3:45:02:52:28:61:53:b3:e3:74:38:47:83:5c:ec:
79:46:76:ad:41:2e:96:84:8d:07:fb:29:b3:3d:6c:aa:8f:34:
6d:af:ba:22:2e:ff:0f:85:b5:ed:36:0d:f2:ca:1c:94:23:de:
a9:86:2e:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuww2V/TsQEFJWwNCkIUtjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWJhNjNlODA2YTIxZDQ2MDM1Y2E2ZTlkMzQ1YjAzZGJj
OGU1NTMwHhcNMjMxMTA4MjEwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQyNWI2YzBmOWJiOTY3OTZkOTQ0NDIyOWExZDgxZjRhMWQ1MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvP15kcgKbmfy5+fyzAIaWL8E5AK
WfqhziTSZTans8crV1l7KbRR6U9rUoM156Tqu1u4pLM5HsmQdrQjlBTK01Bx8nMk
l253R4KEUE8efPPert0eJbPGWfqXzF0KfGY/x/HJErHRJCJS8HSivEKvP2GCDA0o
VE5VcpkVF3mFeBOSaLPuqIczMM0ZA4F507OuoI/YUNsDrL/8+RIipmEyHUfP80Yx
9Ds8chms7cLYjCtCa+v0LH/XUhmJLsHs9LXWLRaM1paxS5KnsqhkvcxSr/9NXpOt
R4LnL328pGsGL+uq2t/7jLeHFdyDL3Dw2WyPPC7Ao3kdhSWqZfqzTe+/UQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKJCW2wPm7lnltlEQimh2B9KHVHXMB8GA1UdIwQY
MBaAFKirpj6AaiHUYDXKbp00WwPbyOVTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUt1bVBvQnFJZFJnTmNwdW5UUmJBOXZJNVZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTg2ZGEtNTFkNC00NjE4LTk1Zjkt
ZjRhMzllMThjZmI0LzEvb2tKYmJBLWJ1V2VXMlVSQ0thSFlIMG9kVWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTg2ZGEtNTFkNC00NjE4LTk1ZjktZjRhMzllMThjZmI0
LzEvcUt1bVBvQnFJZFJnTmNwdW5UUmJBOXZJNVZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUFogAwQD
bUXwAwQCudPoAwQBw8jwMA0GCSqGSIb3DQEBCwUAA4IBAQAI70pBVK1qz1Erh09D
0V5DlIANO/nerBn1iyIDVoZLq4VSG9YAK0cIaQijOtBq4KBbCQVct6hfWaRgruRI
Cp9zScOAIhczEyVYys7lYgaI9nfAjqAZay7S++rgJn86/tRvfErL/20lIOa/4LUh
WZFKMO1jpIvrZ51iHldiUNUyGzwt6ekhtGFWAzAPdY9pICSm9Y6oF10V/iYwo0ek
enaw8DJbwt5FPaJJjlojEuOt+RWY3Gg6sbsfeK9mjC5UwEJVDtLoB91929nTRQJS
KGFTs+N0OEeDXOx5RnatQS6WhI0H+ymzPWyqjzRtr7oiLv8PhbXtNg3yyhyUI96p
hi4L
-----END CERTIFICATE-----
Generated at Thu Nov 9 10:47:44 2023 by rpki-client on console-fra.rpki-client.org