Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/1-OlwmgZjoZp7LqETVmFUEfYhxyQ.roa
File: 1-OlwmgZjoZp7LqETVmFUEfYhxyQ.roa (raw, json)
Hash identifier: bUI616Ak2SUABpxLF3tVK5OWCxl/ccRrKRjpwcqz9dQ=
Subject key identifier: F8:E9:70:9A:06:63:A1:9A:7B:2E:A1:13:56:61:54:11:F6:21:C7:24
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0185729EDE58A521BF4373618E62693B227E
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/1-OlwmgZjoZp7LqETVmFUEfYhxyQ.roa
Signing time: Mon 02 Jan 2023 13:14:52 +0000
ROA not before: Mon 02 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197033
IP address blocks: 217.119.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:de:58:a5:21:bf:43:73:61:8e:62:69:3b:22:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 2 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8e9709a0663a19a7b2ea11356615411f621c724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:3d:08:03:6d:63:66:0d:23:e5:c9:d7:1f:
97:37:40:0c:0d:59:19:ed:50:eb:c0:85:65:d3:f0:
d6:34:c3:4c:17:9f:2c:2c:47:ac:20:d3:55:d2:58:
9f:97:fb:e0:c7:42:53:2c:12:18:a6:1b:bd:05:2c:
df:8e:08:08:00:ab:36:12:c5:89:45:15:4c:b9:8e:
ab:50:26:ec:5d:37:81:50:df:6b:d8:90:72:4a:98:
e9:7e:4b:ed:d4:cd:09:af:71:f5:f8:9f:6f:e0:c3:
5d:58:23:65:ce:79:14:8d:df:26:cd:e2:e3:d2:55:
85:e7:90:6f:47:8b:ef:68:95:79:6a:87:71:13:92:
3c:5d:90:95:f1:02:94:f7:6a:5e:20:74:4a:11:27:
03:8c:7f:86:bb:c8:55:69:10:0f:75:fe:b8:6a:3c:
88:c3:53:dc:74:a2:b9:e5:1f:9d:67:62:58:96:b2:
61:31:0f:ce:40:84:fb:69:51:93:fb:d7:99:4b:05:
8b:2c:d3:5e:53:bc:cf:e7:34:03:40:f5:6f:7f:73:
57:89:8b:db:7b:36:a8:aa:da:ef:49:93:d1:ae:ef:
9a:12:db:ff:51:4e:0b:9c:53:56:71:a2:df:ca:3e:
50:9f:c6:bb:4c:09:c0:7c:1c:25:fc:7a:84:d1:fc:
d9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E9:70:9A:06:63:A1:9A:7B:2E:A1:13:56:61:54:11:F6:21:C7:24
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/1-OlwmgZjoZp7LqETVmFUEfYhxyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.119.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:a2:28:60:b4:bf:56:cd:55:76:6b:e5:6e:40:a1:09:f0:6c:
d4:cf:35:92:55:18:87:8c:65:9e:08:d8:05:60:73:8c:c0:5a:
13:79:c5:66:a7:61:24:82:98:74:8c:9f:a2:e6:e4:b7:82:ad:
18:a9:43:fa:5f:bc:33:42:66:3f:62:db:7c:66:99:1a:96:7c:
8f:94:0a:c0:2b:0c:fc:ef:38:45:c6:5c:34:30:cb:a5:0f:99:
38:49:2b:21:5c:0b:bf:57:80:f1:07:22:ff:24:3a:06:f2:99:
58:da:db:e3:9b:7e:fc:a6:c1:da:f2:df:f4:c6:6d:f3:c9:ee:
6f:e1:d7:4c:8a:dc:12:62:5b:94:57:9e:89:26:6a:7c:66:2f:
ed:ca:0c:c5:7f:42:fb:77:70:0a:00:77:f1:28:d6:3d:e6:b5:
8d:95:12:44:53:2a:b3:9b:19:c4:89:4f:0e:ba:9a:39:b5:62:
bf:6c:60:8d:41:1c:e9:bc:89:80:17:09:7a:fb:00:0a:6c:12:
fb:7e:18:ca:71:b0:65:19:74:09:20:2b:50:48:99:c1:63:29:
8c:5e:1d:42:90:2a:06:1c:56:51:7d:19:d3:3d:0c:e1:28:db:
5a:68:b2:1d:f5:55:dd:ba:45:d2:31:c8:9d:34:fc:e4:2c:41:
cb:a9:89:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVynt5YpSG/Q3NhjmJpOyJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjMwMTAyMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGU5NzA5YTA2NjNhMTlhN2IyZWExMTM1NjYxNTQxMWY2MjFjNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq89CANtY2YNI+XJ1x+XN0AMDVkZ
7VDrwIVl0/DWNMNMF58sLEesINNV0lifl/vgx0JTLBIYphu9BSzfjggIAKs2EsWJ
RRVMuY6rUCbsXTeBUN9r2JBySpjpfkvt1M0Jr3H1+J9v4MNdWCNlznkUjd8mzeLj
0lWF55BvR4vvaJV5aodxE5I8XZCV8QKU92peIHRKEScDjH+Gu8hVaRAPdf64ajyI
w1PcdKK55R+dZ2JYlrJhMQ/OQIT7aVGT+9eZSwWLLNNeU7zP5zQDQPVvf3NXiYvb
ezaoqtrvSZPRru+aEtv/UU4LnFNWcaLfyj5Qn8a7TAnAfBwl/HqE0fzZ2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjpcJoGY6Gaey6hE1ZhVBH2IcckMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvMS1PbHdtZ1pqb1pwN0xxRVRWbUZVRWZZaHh5US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvYjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJm
YS8xL01IMklmQUxnZko1SFRSLU9JUVNjcW16ai05TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANl3uTAN
BgkqhkiG9w0BAQsFAAOCAQEApqIoYLS/Vs1VdmvlbkChCfBs1M81klUYh4xlngjY
BWBzjMBaE3nFZqdhJIKYdIyfoubkt4KtGKlD+l+8M0JmP2LbfGaZGpZ8j5QKwCsM
/O84RcZcNDDLpQ+ZOEkrIVwLv1eA8Qci/yQ6BvKZWNrb45t+/KbB2vLf9MZt88nu
b+HXTIrcEmJblFeeiSZqfGYv7coMxX9C+3dwCgB38SjWPea1jZUSRFMqs5sZxIlP
DrqaObViv2xgjUEc6byJgBcJevsACmwS+34YynGwZRl0CSArUEiZwWMpjF4dQpAq
BhxWUX0Z0z0M4SjbWmiyHfVV3bpF0jHInTT85CxBy6mJ8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:04 2024 by rpki-client on console-ams.rpki-client.org