Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/oPG3Fd7kamJJYRobDOjixQ-zw_E.roa
File: oPG3Fd7kamJJYRobDOjixQ-zw_E.roa (raw, json)
Hash identifier: D1cnwSs0Evs+izbxAXQuW7bhsO2Rv/HQ/Q/caYqi/bk=
Subject key identifier: A0:F1:B7:15:DE:E4:6A:62:49:61:1A:1B:0C:E8:E2:C5:0F:B3:C3:F1
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0189400EC3597B6479EB9560C4021F98D8D3
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/oPG3Fd7kamJJYRobDOjixQ-zw_E.roa
Signing time: Mon 10 Jul 2023 13:47:36 +0000
ROA not before: Mon 10 Jul 2023 13:47:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.180.128.0/22 maxlen: 24
194.233.151.0/24 maxlen: 24
194.233.148.0/24 maxlen: 24
194.233.149.0/24 maxlen: 24
194.64.89.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
195.252.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:0e:c3:59:7b:64:79:eb:95:60:c4:02:1f:98:d8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jul 10 13:47:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0f1b715dee46a6249611a1b0ce8e2c50fb3c3f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:48:b6:d9:f1:8c:1a:e2:de:d1:42:9f:f1:18:
93:c6:8d:d2:c2:a9:49:56:eb:f9:ed:c3:60:ab:9b:
67:00:ef:88:91:77:47:f2:4a:92:ee:48:45:b8:20:
c5:fe:c8:e1:58:36:38:bf:63:8d:5d:9b:ea:67:5a:
1d:d9:06:8a:58:23:13:03:c0:f4:23:1c:00:78:ab:
13:67:c7:aa:d3:39:52:d2:0d:5e:b9:60:db:db:de:
05:71:27:84:ec:11:44:11:29:a6:43:03:12:01:4a:
1b:b3:6b:14:ad:7f:83:1a:7a:10:9c:f5:95:ff:d3:
64:92:91:be:21:c4:d5:cb:d9:b2:c1:cd:31:de:83:
fa:54:ae:75:e0:50:a7:b1:d1:23:12:67:12:07:2e:
af:6e:58:c3:d2:98:c3:7d:99:9f:47:9b:48:3e:6f:
be:99:3b:12:b3:75:40:e9:d7:5f:08:2f:5b:33:91:
16:7e:10:60:6c:8c:79:b9:d7:e6:16:83:e3:ab:27:
95:a5:ca:ae:06:9e:d3:3e:62:d6:50:0b:48:d6:51:
af:e9:be:b9:c5:79:9f:76:b5:3d:e9:bf:df:ec:ca:
66:d9:7e:5d:33:56:76:bb:a4:1d:07:70:c1:b9:c2:
d5:70:b1:ca:cd:d1:a0:64:46:81:29:74:e8:3f:c3:
8a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F1:B7:15:DE:E4:6A:62:49:61:1A:1B:0C:E8:E2:C5:0F:B3:C3:F1
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/oPG3Fd7kamJJYRobDOjixQ-zw_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.89.0/24
194.163.92.0/24
194.233.148.0/23
194.233.151.0/24
195.180.128.0/22
195.252.175.0/24
Signature Algorithm: sha256WithRSAEncryption
87:62:b5:1b:2d:b0:42:e2:2d:61:e7:6c:ce:98:07:20:b2:e0:
67:5b:67:48:54:e2:b8:6b:db:5d:52:9b:0d:b0:53:f1:bd:34:
55:9d:b6:d9:a9:3b:6d:d5:96:9e:7e:93:b1:84:65:e2:7b:3e:
3a:e3:b7:ea:74:c0:ab:5a:75:a4:7c:13:d5:a8:4f:f9:47:c7:
81:ec:3e:a3:d4:c6:27:a3:c3:7b:69:24:03:57:a1:83:fe:4e:
6e:79:75:87:8e:dd:31:e3:31:56:3b:d7:77:29:1a:82:d3:c8:
46:eb:26:a4:ce:98:d9:38:fb:9e:df:7e:6f:ee:7b:d4:e6:56:
3e:8a:f9:18:eb:ec:1a:e8:b5:5a:93:a8:c2:bf:7a:88:76:85:
76:fb:d1:b9:1f:c5:14:67:74:ba:5a:03:a5:f1:d2:11:3e:ed:
67:cc:41:4c:bc:aa:38:31:e8:95:20:b7:5b:a5:53:ce:c0:dc:
43:ee:5c:32:f7:b6:38:77:94:b1:c7:e3:30:95:51:62:bb:35:
01:e1:29:78:b4:16:df:2f:23:a1:67:77:16:bd:b9:d4:71:a5:
bc:88:a7:c8:d9:a1:2f:16:cc:ea:b6:69:8f:14:83:27:80:a8:
0e:48:3c:c6:60:52:84:2a:17:f6:42:63:f3:05:61:73:f6:e0:
1d:f4:ef:85
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlADsNZe2R565VgxAIfmNjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwNzEwMTM0NzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYxYjcxNWRlZTQ2YTYyNDk2MTFhMWIwY2U4ZTJjNTBmYjNjM2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0i22fGMGuLe0UKf8RiTxo3SwqlJ
Vuv57cNgq5tnAO+IkXdH8kqS7khFuCDF/sjhWDY4v2ONXZvqZ1od2QaKWCMTA8D0
IxwAeKsTZ8eq0zlS0g1euWDb294FcSeE7BFEESmmQwMSAUobs2sUrX+DGnoQnPWV
/9NkkpG+IcTVy9mywc0x3oP6VK514FCnsdEjEmcSBy6vbljD0pjDfZmfR5tIPm++
mTsSs3VA6ddfCC9bM5EWfhBgbIx5udfmFoPjqyeVpcquBp7TPmLWUAtI1lGv6b65
xXmfdrU96b/f7Mpm2X5dM1Z2u6QdB3DBucLVcLHKzdGgZEaBKXToP8OKNwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKDxtxXe5GpiSWEaGwzo4sUPs8PxMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvb1BHM0ZkN2thbUpKWVJvYkRPaml4US16d19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwkBZAwQA
wqNcAwQBwumUAwQAwumXAwQCw7SAAwQAw/yvMA0GCSqGSIb3DQEBCwUAA4IBAQCH
YrUbLbBC4i1h52zOmAcgsuBnW2dIVOK4a9tdUpsNsFPxvTRVnbbZqTtt1ZaefpOx
hGXiez4647fqdMCrWnWkfBPVqE/5R8eB7D6j1MYno8N7aSQDV6GD/k5ueXWHjt0x
4zFWO9d3KRqC08hG6yakzpjZOPue335v7nvU5lY+ivkY6+wa6LVak6jCv3qIdoV2
+9G5H8UUZ3S6WgOl8dIRPu1nzEFMvKo4MeiVILdbpVPOwNxD7lwy97Y4d5Sxx+Mw
lVFiuzUB4Sl4tBbfLyOhZ3cWvbnUcaW8iKfI2aEvFszqtmmPFIMngKgOSDzGYFKE
Khf2QmPzBWFz9uAd9O+F
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:30 2023 by rpki-client on console-ams.rpki-client.org