Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oeDKbwUXHC2btUaqC6Cshj1rfFU.roa
File: oeDKbwUXHC2btUaqC6Cshj1rfFU.roa (raw, json)
Hash identifier: lWaD3r3nAIA/dH2HiW4QZW1XY2BtX9YGVDAxyFW0Lkk=
Subject key identifier: A1:E0:CA:6F:05:17:1C:2D:9B:B5:46:AA:0B:A0:AC:86:3D:6B:7C:55
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FF5B32AB6B723DB171A64EF55E95B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oeDKbwUXHC2btUaqC6Cshj1rfFU.roa
Signing time: Mon 02 Jan 2023 17:38:12 +0000
ROA not before: Mon 02 Jan 2023 17:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62068
IP address blocks: 89.190.159.0/24 maxlen: 24
185.242.226.0/24 maxlen: 24
194.50.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:f5:b3:2a:b6:b7:23:db:17:1a:64:ef:55:e9:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1e0ca6f05171c2d9bb546aa0ba0ac863d6b7c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:69:63:d3:ff:2b:f6:b5:af:0d:64:e0:af:d0:
64:31:68:c1:cc:a5:a8:a2:57:9e:5f:42:d8:9e:22:
09:6f:01:16:1e:bd:c7:2d:16:b3:e8:ac:95:b6:8c:
a6:53:a1:d6:3a:09:58:99:60:7e:c2:b2:52:7f:6a:
5a:f1:75:cf:6d:34:eb:1f:7b:37:b6:ab:92:67:87:
b6:d1:5d:26:bc:4b:34:87:b3:2e:2b:d3:61:fa:53:
a9:e5:a9:53:db:bb:e4:94:b7:18:2b:ad:af:73:34:
7a:f4:34:68:9c:55:ff:6a:5d:71:6a:71:e1:49:6f:
50:22:0c:80:24:5a:f2:e4:06:48:95:78:75:c1:c2:
92:4e:c0:cf:e5:b9:a9:e2:0d:fb:ab:4d:50:e9:8c:
cb:33:77:3a:78:cd:5c:5e:75:ef:ee:02:49:29:de:
f8:c4:6b:5d:5e:40:7f:ef:8f:85:72:f5:91:f0:f7:
76:9c:e8:81:3a:2f:ae:cf:b0:3e:67:6d:33:66:12:
9a:0d:94:04:2c:bb:76:e2:81:a9:b8:e9:1a:11:91:
1e:98:9d:1c:60:ec:45:b4:be:2a:cb:b9:a5:02:59:
00:06:7a:55:0c:7c:0e:f6:b5:49:ed:f4:ba:a7:82:
50:76:03:1d:9b:76:cd:49:f2:27:05:c9:27:43:b2:
b0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E0:CA:6F:05:17:1C:2D:9B:B5:46:AA:0B:A0:AC:86:3D:6B:7C:55
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oeDKbwUXHC2btUaqC6Cshj1rfFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.159.0/24
185.242.226.0/24
194.50.16.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:5e:61:55:1e:0f:48:bd:68:e7:d7:d6:5c:12:60:94:cc:19:
84:52:e9:e9:4f:9b:b8:3f:cd:a0:ab:91:69:0a:89:a1:9e:c9:
83:e7:9a:fc:3f:8e:38:77:54:59:1b:83:83:49:78:3e:91:a4:
dc:ee:3c:2f:24:4f:a1:d4:de:d0:a7:74:ad:04:87:d8:06:5e:
f1:b3:31:8f:16:da:45:a0:89:93:e3:41:74:84:49:76:53:b2:
f5:34:3d:7c:12:35:53:7c:f1:88:dc:55:0d:40:36:31:0d:7d:
59:5d:bf:6d:7c:da:8c:bd:ba:f3:a1:02:6e:3f:4a:47:39:e0:
00:bc:e6:57:8e:f3:31:5a:9d:10:91:ab:6d:f5:2e:28:7b:39:
57:05:ae:8e:17:6c:7f:66:48:6a:b9:a5:2c:a6:6f:88:f8:91:
ce:ce:3f:a8:ca:bf:82:86:01:6f:ab:2d:32:5f:9d:8e:42:9c:
ee:da:e7:b8:62:27:74:bf:63:9c:c4:ca:cc:4e:13:d9:64:e7:
c8:6e:a8:e7:1e:a8:5f:88:81:58:b1:f7:23:93:3e:11:b0:4a:
bf:a9:5f:2c:d7:73:a3:14:f3:ab:a3:7a:54:7f:4a:9f:be:95:
0b:32:cd:90:c1:b3:ed:27:0b:88:4d:a5:da:d4:f1:3b:3b:c9:
4b:61:3d:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzj/WzKra3I9sXGmTvVelbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWUwY2E2ZjA1MTcxYzJkOWJiNTQ2YWEwYmEwYWM4NjNkNmI3YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmlj0/8r9rWvDWTgr9BkMWjBzKWo
oleeX0LYniIJbwEWHr3HLRaz6KyVtoymU6HWOglYmWB+wrJSf2pa8XXPbTTrH3s3
tquSZ4e20V0mvEs0h7MuK9Nh+lOp5alT27vklLcYK62vczR69DRonFX/al1xanHh
SW9QIgyAJFry5AZIlXh1wcKSTsDP5bmp4g37q01Q6YzLM3c6eM1cXnXv7gJJKd74
xGtdXkB/74+FcvWR8Pd2nOiBOi+uz7A+Z20zZhKaDZQELLt24oGpuOkaEZEemJ0c
YOxFtL4qy7mlAlkABnpVDHwO9rVJ7fS6p4JQdgMdm3bNSfInBcknQ7KwwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKHgym8FFxwtm7VGqgugrIY9a3xVMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvb2VES2J3VVhIQzJidFVhcUM2Q3NoajFyZkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWb6fAwQA
ufLiAwQAwjIQMA0GCSqGSIb3DQEBCwUAA4IBAQDMXmFVHg9IvWjn19ZcEmCUzBmE
UunpT5u4P82gq5FpComhnsmD55r8P444d1RZG4ODSXg+kaTc7jwvJE+h1N7Qp3St
BIfYBl7xszGPFtpFoImT40F0hEl2U7L1ND18EjVTfPGI3FUNQDYxDX1ZXb9tfNqM
vbrzoQJuP0pHOeAAvOZXjvMxWp0Qkatt9S4oezlXBa6OF2x/ZkhquaUspm+I+JHO
zj+oyr+ChgFvqy0yX52OQpzu2ue4Yid0v2OcxMrMThPZZOfIbqjnHqhfiIFYsfcj
kz4RsEq/qV8s13OjFPOro3pUf0qfvpULMs2QwbPtJwuITaXa1PE7O8lLYT3m
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org