Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OssOHKuwZ9QbzO68stukWh_rq_U.roa
File: OssOHKuwZ9QbzO68stukWh_rq_U.roa (raw, json)
Hash identifier: V20I78PkwcrSZvyK4pJSHcj/d/Ltx2lJYeP4Kdnv3rY=
Subject key identifier: 3A:CB:0E:1C:AB:B0:67:D4:1B:CC:EE:BC:B2:DB:A4:5A:1F:EB:AB:F5
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01886FC2A01367D579063ED24942803D293C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OssOHKuwZ9QbzO68stukWh_rq_U.roa
Signing time: Wed 31 May 2023 03:03:25 +0000
ROA not before: Wed 31 May 2023 03:03:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210907
IP address blocks: 109.122.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6f:c2:a0:13:67:d5:79:06:3e:d2:49:42:80:3d:29:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 31 03:03:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3acb0e1cabb067d41bcceebcb2dba45a1febabf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:07:31:23:b4:75:a9:5e:c9:21:c6:e7:f6:
0f:13:d4:35:b8:5a:85:5b:ea:12:f7:5b:4a:fe:61:
fe:a0:8a:f9:76:78:60:80:1d:65:49:22:3d:0a:80:
bc:03:f0:c3:20:96:24:1b:92:ed:8b:a1:bd:0d:7d:
17:69:a8:04:ad:da:f7:59:37:13:3b:43:dc:35:97:
1d:5a:09:59:03:3a:88:ec:b8:d3:a8:0c:45:3e:61:
4b:68:f3:1f:26:99:f3:8a:2c:21:eb:41:5a:08:17:
0c:c7:13:05:7b:a3:cd:20:9f:ed:4d:cd:5b:08:95:
10:ee:a7:ba:0e:78:d1:b8:f4:6b:66:ba:7b:6b:cd:
0e:7a:18:13:72:8f:aa:71:02:bb:e2:33:22:de:3c:
c6:b6:8c:a7:2f:3e:3f:38:c1:d4:1f:d5:be:84:d1:
d4:9a:49:da:ef:d6:21:fc:ea:ca:bc:59:14:83:64:
01:30:00:05:9a:30:b4:3c:76:04:2a:91:ee:bd:7e:
f9:3a:58:21:16:34:4c:96:84:5e:09:b4:94:8f:68:
28:58:f0:a5:04:cd:eb:5b:cb:37:df:37:c3:9a:fa:
d1:98:db:dc:92:c3:02:db:d0:99:07:a0:8d:3d:eb:
c1:23:11:a6:f9:2f:94:cc:20:11:8a:bd:62:be:76:
1c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CB:0E:1C:AB:B0:67:D4:1B:CC:EE:BC:B2:DB:A4:5A:1F:EB:AB:F5
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OssOHKuwZ9QbzO68stukWh_rq_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.41.0/24
Signature Algorithm: sha256WithRSAEncryption
14:0d:82:78:2f:d1:d5:a0:2e:29:0e:ff:cd:04:52:92:38:b1:
b1:02:85:c9:6a:ab:20:00:34:74:4d:bb:dc:f3:25:25:6d:b7:
ff:57:42:a9:8d:d6:69:9d:53:36:07:80:91:a7:b6:55:ef:ed:
7a:bc:0c:20:19:3f:b8:de:e1:1a:ed:6e:d0:f7:29:3d:62:40:
f2:ae:8b:88:47:ae:1f:88:14:19:78:1e:09:a2:64:51:db:1c:
66:13:c5:88:ef:14:90:5f:b3:09:b3:d3:a9:76:73:59:94:29:
5a:e0:5d:3b:fe:37:34:15:9f:69:aa:0b:e2:59:89:0d:08:c6:
18:d9:e8:12:8f:7c:a3:9e:d8:34:42:c7:27:27:e7:76:af:4c:
fb:d6:7a:e9:04:b0:bf:19:d0:e0:31:81:60:b1:a6:bd:34:74:
34:2e:1c:7b:ff:c0:e6:28:d4:84:ce:0a:e1:1d:be:e1:3b:e7:
9e:35:2a:59:8e:8c:16:87:cd:3a:fc:b4:42:90:1b:81:6b:2e:
5c:db:70:35:6d:c3:fd:81:15:79:f0:54:44:63:f6:ab:0b:4a:
31:5d:bf:1c:79:4a:0a:55:1f:6f:c3:23:ab:7f:8d:c0:0f:1a:
98:1f:83:b5:dd:5a:8f:ba:00:28:dd:ab:ce:e9:05:06:42:23:
2f:56:95:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhvwqATZ9V5Bj7SSUKAPSk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTMxMDMwMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNiMGUxY2FiYjA2N2Q0MWJjY2VlYmNiMmRiYTQ1YTFmZWJhYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlQHMSO0daleySHG5/YPE9Q1uFqF
W+oS91tK/mH+oIr5dnhggB1lSSI9CoC8A/DDIJYkG5Lti6G9DX0XaagErdr3WTcT
O0PcNZcdWglZAzqI7LjTqAxFPmFLaPMfJpnziiwh60FaCBcMxxMFe6PNIJ/tTc1b
CJUQ7qe6DnjRuPRrZrp7a80OehgTco+qcQK74jMi3jzGtoynLz4/OMHUH9W+hNHU
mkna79Yh/OrKvFkUg2QBMAAFmjC0PHYEKpHuvX75OlghFjRMloReCbSUj2goWPCl
BM3rW8s33zfDmvrRmNvcksMC29CZB6CNPevBIxGm+S+UzCARir1ivnYc5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrLDhyrsGfUG8zuvLLbpFof66v1MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvT3NzT0hLdXdaOVFiek82OHN0dWtXaF9ycV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXopMA0G
CSqGSIb3DQEBCwUAA4IBAQAUDYJ4L9HVoC4pDv/NBFKSOLGxAoXJaqsgADR0Tbvc
8yUlbbf/V0KpjdZpnVM2B4CRp7ZV7+16vAwgGT+43uEa7W7Q9yk9YkDyrouIR64f
iBQZeB4JomRR2xxmE8WI7xSQX7MJs9OpdnNZlCla4F07/jc0FZ9pqgviWYkNCMYY
2egSj3yjntg0QscnJ+d2r0z71nrpBLC/GdDgMYFgsaa9NHQ0Lhx7/8DmKNSEzgrh
Hb7hO+eeNSpZjowWh806/LRCkBuBay5c23A1bcP9gRV58FREY/arC0oxXb8ceUoK
VR9vwyOrf43ADxqYH4O13VqPugAo3avO6QUGQiMvVpUG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org