Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oc5nh_rMl1KbtvFM-tUwTq4sbGo.roa
File: oc5nh_rMl1KbtvFM-tUwTq4sbGo.roa (raw, json)
Hash identifier: NJ932FkUyKzLSZx2ImGFUCu3P76teO4jhvjvu6oTeqk=
Subject key identifier: A1:CE:67:87:FA:CC:97:52:9B:B6:F1:4C:FA:D5:30:4E:AE:2C:6C:6A
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01857246FF356C3E79777102BCEE01F04D77
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oc5nh_rMl1KbtvFM-tUwTq4sbGo.roa
Signing time: Mon 02 Jan 2023 11:38:53 +0000
ROA not before: Mon 02 Jan 2023 11:38:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39150
IP address blocks: 146.185.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ff:35:6c:3e:79:77:71:02:bc:ee:01:f0:4d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1ce6787facc97529bb6f14cfad5304eae2c6c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7b:87:63:96:65:ca:af:08:ba:38:de:cd:06:
9a:10:df:fd:9c:7c:41:2b:69:9b:4a:be:8f:4c:1c:
47:c1:52:38:00:1c:3c:05:11:aa:cc:c3:3f:7d:31:
eb:65:9c:b7:3f:50:26:a6:e5:4b:d0:a2:24:ea:67:
c9:c2:5c:3a:22:b6:b5:ce:c7:e5:4b:28:6f:50:05:
7c:a1:fe:3e:de:31:ac:09:69:a0:01:a2:49:88:a1:
db:22:74:03:96:a2:94:c6:48:21:e2:ac:d9:93:53:
e1:f7:ff:fc:4a:b3:d6:42:ec:50:e1:ce:5b:d8:fc:
36:37:4f:a3:34:f3:69:eb:7b:ce:a1:b8:c4:3c:8b:
e0:3e:ff:52:84:8f:f8:df:2d:fb:e5:5a:11:14:03:
64:1d:4e:e8:c1:b2:a2:6e:d9:3f:20:b4:e7:c4:9b:
81:c1:65:ef:0f:fc:49:e3:54:4e:8e:bc:7f:a6:7a:
f4:58:0b:50:15:ee:29:b4:28:b1:f6:48:be:00:b5:
12:fb:b1:a4:6d:e1:7f:d8:32:d2:2d:31:33:b7:da:
23:2e:43:6f:f0:b8:a5:62:a8:05:5a:83:af:cd:73:
b6:d8:d3:90:15:75:d0:82:a5:0f:67:19:d1:b6:b5:
af:7b:ad:93:9e:6e:fd:39:54:92:ef:29:b5:fa:34:
5d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CE:67:87:FA:CC:97:52:9B:B6:F1:4C:FA:D5:30:4E:AE:2C:6C:6A
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oc5nh_rMl1KbtvFM-tUwTq4sbGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.185.238.0/24
Signature Algorithm: sha256WithRSAEncryption
40:cd:b6:97:8c:93:c3:90:a7:1e:c2:60:41:82:2f:f4:89:4a:
33:d7:8f:29:04:42:56:34:8a:17:fb:01:3c:d9:9e:80:6c:fa:
b4:cb:4d:83:df:39:d1:b0:b0:22:59:ab:8c:cf:53:f1:24:96:
a9:f9:50:09:e3:9c:f3:da:97:f3:5f:11:2f:83:1f:45:ae:79:
3e:0a:35:8a:e0:21:62:5f:95:aa:9d:c9:08:b1:f5:94:59:bc:
69:2a:f2:20:1c:82:00:bf:ce:b9:7e:f0:0f:d6:41:05:4a:f3:
34:d7:e7:6e:a8:23:db:96:9d:c3:7d:05:f8:1a:fc:25:73:3f:
72:b2:09:28:b9:ce:d8:c1:64:f9:c6:f5:43:07:fb:5a:d5:6b:
50:b9:b6:aa:ae:3a:84:d8:a1:59:a1:84:43:46:1b:f0:50:94:
83:d4:23:ab:75:19:14:6c:b9:33:8f:a6:f6:0b:fd:d2:7b:63:
4e:6a:d1:03:a0:78:6a:a5:3b:6d:56:73:52:83:68:cc:a3:74:
bc:53:31:48:d1:86:a9:70:6e:d5:43:04:41:f3:4a:28:e6:43:
48:09:3a:ed:ee:4e:35:65:16:ec:99:ce:ad:66:e9:75:7b:50:
6b:1b:7f:57:d3:cd:bb:25:7e:99:39:25:d3:d0:92:57:55:7e:
b7:02:5c:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRv81bD55d3ECvO4B8E13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWNlNjc4N2ZhY2M5NzUyOWJiNmYxNGNmYWQ1MzA0ZWFlMmM2YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XuHY5Zlyq8IujjezQaaEN/9nHxB
K2mbSr6PTBxHwVI4ABw8BRGqzMM/fTHrZZy3P1AmpuVL0KIk6mfJwlw6Ira1zsfl
SyhvUAV8of4+3jGsCWmgAaJJiKHbInQDlqKUxkgh4qzZk1Ph9//8SrPWQuxQ4c5b
2Pw2N0+jNPNp63vOobjEPIvgPv9ShI/43y375VoRFANkHU7owbKibtk/ILTnxJuB
wWXvD/xJ41ROjrx/pnr0WAtQFe4ptCix9ki+ALUS+7GkbeF/2DLSLTEzt9ojLkNv
8LilYqgFWoOvzXO22NOQFXXQgqUPZxnRtrWve62Tnm79OVSS7ym1+jRdfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHOZ4f6zJdSm7bxTPrVME6uLGxqMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvb2M1bmhfck1sMUtidHZGTS10VXdUcTRzYkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkrnuMA0G
CSqGSIb3DQEBCwUAA4IBAQBAzbaXjJPDkKcewmBBgi/0iUoz148pBEJWNIoX+wE8
2Z6AbPq0y02D3znRsLAiWauMz1PxJJap+VAJ45zz2pfzXxEvgx9Frnk+CjWK4CFi
X5WqnckIsfWUWbxpKvIgHIIAv865fvAP1kEFSvM01+duqCPblp3DfQX4Gvwlcz9y
sgkouc7YwWT5xvVDB/ta1WtQubaqrjqE2KFZoYRDRhvwUJSD1COrdRkUbLkzj6b2
C/3Se2NOatEDoHhqpTttVnNSg2jMo3S8UzFI0YapcG7VQwRB80oo5kNICTrt7k41
ZRbsmc6tZul1e1BrG39X0827JX6ZOSXT0JJXVX63Alwt
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org