Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ok4wT_mlm2z7ZxCGerNSkWlFZkQ.roa
File: ok4wT_mlm2z7ZxCGerNSkWlFZkQ.roa (raw, json)
Hash identifier: /1Qo76tSm9prJ0vYJSeS6TPqFlPntxJHAW2/+J3SzkQ=
Subject key identifier: A2:4E:30:4F:F9:A5:9B:6C:FB:67:10:86:7A:B3:52:91:69:45:66:44
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64ADA006CC3502900361AA56E108F16
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ok4wT_mlm2z7ZxCGerNSkWlFZkQ.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8930
IP address blocks: 194.102.176.0/24 maxlen: 24
193.230.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 16:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:da:00:6c:c3:50:29:00:36:1a:a5:6e:10:8f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a24e304ff9a59b6cfb6710867ab3529169456644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1a:62:89:1a:86:a2:d0:4a:a3:8d:2f:a2:7a:
7a:db:df:8b:47:5a:30:ca:05:2f:01:ff:18:ff:6a:
3e:f2:69:86:c5:0e:88:fa:61:3e:5e:b9:9f:7f:d0:
3d:b2:4f:26:96:47:65:d1:4a:ed:02:c1:cc:64:4c:
16:b8:0d:c3:5b:fb:0f:15:d6:2a:14:95:e9:ab:a9:
ca:f0:72:9e:41:49:94:ff:d8:00:1e:75:67:d1:89:
79:4a:29:98:cc:b5:85:54:22:35:13:01:51:b3:e7:
18:f3:8f:b0:0a:13:3d:13:41:5e:e5:68:80:d2:be:
2c:22:c6:fa:85:86:0c:2b:e1:ef:41:a5:62:9a:3f:
2d:ce:b1:0c:fe:7a:d4:e3:01:e6:e6:3a:ec:0d:b2:
d9:b2:9a:c6:ac:3e:71:98:45:16:72:b5:24:1a:8d:
65:af:77:5d:98:df:97:b8:e9:b2:ba:7a:75:0c:a3:
64:20:31:de:d5:fa:33:ea:aa:e5:75:be:2c:3d:46:
50:08:28:5c:a6:17:f9:44:62:82:03:46:27:5c:9c:
55:af:63:aa:82:77:e1:d5:69:53:3b:60:b4:3d:e1:
d5:cb:df:6f:1a:ec:9e:04:d0:76:11:06:d8:56:86:
a0:fc:d4:02:35:ba:a1:7f:44:42:b5:34:d3:25:3f:
c8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4E:30:4F:F9:A5:9B:6C:FB:67:10:86:7A:B3:52:91:69:45:66:44
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ok4wT_mlm2z7ZxCGerNSkWlFZkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.230.230.0/24
194.102.176.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:87:82:9e:62:19:c8:1d:17:3e:39:d7:b6:09:90:42:1f:f4:
00:13:36:67:b0:b2:d5:ca:db:58:2a:dc:0c:a7:91:43:0d:4f:
bb:36:d0:9a:31:49:02:22:52:d0:f6:77:eb:73:a1:20:5f:32:
f3:7d:46:01:4c:d2:dc:23:6d:6f:99:f4:3b:d7:cd:9a:44:22:
7a:b2:94:f1:6f:ce:20:2e:59:67:8c:0d:29:e9:ab:5e:98:4d:
90:83:6d:95:da:65:7f:c3:ff:67:d1:cf:e1:ef:55:61:2a:24:
2e:96:e5:61:bb:90:ee:e1:6e:ce:6d:a8:34:7c:75:ed:e5:60:
89:1f:fb:e2:4a:b7:a3:5c:28:ef:4f:c1:fa:ea:7a:8d:80:cf:
28:e9:42:d9:fd:36:32:d9:f7:2b:21:58:c0:41:e9:88:4a:24:
76:74:f8:61:57:a5:b8:f1:c9:71:4f:e0:46:07:2f:f3:2e:cb:
53:5e:61:62:b9:50:f7:e6:3a:ef:d6:8a:fb:bb:0c:d7:00:33:
24:9e:bc:9e:d8:82:7d:fa:51:50:06:bf:01:62:68:76:b4:77:
11:6c:81:77:c9:d5:49:9f:9c:57:f5:80:7c:fd:4d:6e:d4:3a:
32:26:b3:d7:78:ee:b8:09:54:87:6d:9b:62:b0:f4:86:4d:77:
c8:82:60:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGStoAbMNQKQA2GqVuEI8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjRlMzA0ZmY5YTU5YjZjZmI2NzEwODY3YWIzNTI5MTY5NDU2NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBpiiRqGotBKo40vonp629+LR1ow
ygUvAf8Y/2o+8mmGxQ6I+mE+Xrmff9A9sk8mlkdl0UrtAsHMZEwWuA3DW/sPFdYq
FJXpq6nK8HKeQUmU/9gAHnVn0Yl5SimYzLWFVCI1EwFRs+cY84+wChM9E0Fe5WiA
0r4sIsb6hYYMK+HvQaVimj8tzrEM/nrU4wHm5jrsDbLZsprGrD5xmEUWcrUkGo1l
r3ddmN+XuOmyunp1DKNkIDHe1foz6qrldb4sPUZQCChcphf5RGKCA0YnXJxVr2Oq
gnfh1WlTO2C0PeHVy99vGuyeBNB2EQbYVoag/NQCNbqhf0RCtTTTJT/I8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJOME/5pZts+2cQhnqzUpFpRWZEMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvb2s0d1RfbWxtMno3WnhDR2VyTlNrV2xGWmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwebmAwQA
wmawMA0GCSqGSIb3DQEBCwUAA4IBAQCuh4KeYhnIHRc+Ode2CZBCH/QAEzZnsLLV
yttYKtwMp5FDDU+7NtCaMUkCIlLQ9nfrc6EgXzLzfUYBTNLcI21vmfQ7182aRCJ6
spTxb84gLllnjA0p6atemE2Qg22V2mV/w/9n0c/h71VhKiQuluVhu5Du4W7Obag0
fHXt5WCJH/viSrejXCjvT8H66nqNgM8o6ULZ/TYy2fcrIVjAQemISiR2dPhhV6W4
8clxT+BGBy/zLstTXmFiuVD35jrv1or7uwzXADMknrye2IJ9+lFQBr8BYmh2tHcR
bIF3ydVJn5xX9YB8/U1u1DoyJrPXeO64CVSHbZtisPSGTXfIgmCb
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:49:17 2024 by rpki-client on console-ams.rpki-client.org