Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/O2Qyi-D8YZZ6vtDC4kQD1zXhK7Q.roa
File: O2Qyi-D8YZZ6vtDC4kQD1zXhK7Q.roa (raw, json)
Hash identifier: 39cPGIDkwQs7IKax9NQwGdzd2Yenz5DFyjey8Dhs8fk=
Subject key identifier: 3B:64:32:8B:E0:FC:61:96:7A:BE:D0:C2:E2:44:03:D7:35:E1:2B:B4
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 0185728378A5E8310AD278854DBA865B1128
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/O2Qyi-D8YZZ6vtDC4kQD1zXhK7Q.roa
Signing time: Mon 02 Jan 2023 12:44:56 +0000
ROA not before: Mon 02 Jan 2023 12:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58007
IP address blocks: 194.8.28.0/24 maxlen: 24
2a13:4380::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 May 2023 19:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:78:a5:e8:31:0a:d2:78:85:4d:ba:86:5b:11:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: Jan 2 12:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b64328be0fc61967abed0c2e24403d735e12bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:c5:e5:c6:00:8f:03:82:2e:12:5e:71:33:
14:36:39:e2:e7:b9:8a:aa:f8:bb:31:1f:23:3e:d4:
b1:fd:84:ed:b9:ce:40:f7:bc:96:bc:1c:5d:30:3c:
9e:dc:b2:22:f1:19:d2:4a:62:31:17:78:a6:08:28:
ab:a2:dd:ab:74:66:74:4d:bc:73:3e:ab:83:d9:ea:
3a:9e:dd:25:c2:95:20:18:28:01:5d:38:6e:14:f9:
ec:b8:06:54:50:6a:9d:35:9b:a4:48:c6:35:9b:b0:
af:78:84:c4:ae:5f:56:77:f7:c3:e1:b9:1c:9d:cd:
b2:c8:5a:35:46:c3:0f:03:07:f1:97:17:fb:36:a4:
9b:3e:e9:db:46:30:f6:d1:89:10:ef:94:ce:ae:8b:
ce:f2:be:56:8d:e3:0a:49:1c:98:c7:b5:6f:c3:b1:
f9:f6:2c:10:ce:23:48:d8:b7:91:f1:f2:44:de:42:
e6:49:a2:cc:d0:0e:30:13:02:a4:e3:87:46:31:3c:
2e:7e:34:0d:88:bb:1d:ce:e4:8c:a0:fa:9d:47:75:
4f:90:92:9f:15:73:65:a9:78:ed:50:bf:6d:fe:7c:
86:74:3c:44:47:b8:10:0a:c9:2a:ca:e0:cb:eb:da:
77:83:55:7d:e9:2e:96:38:9e:45:c2:7f:65:53:7a:
65:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:64:32:8B:E0:FC:61:96:7A:BE:D0:C2:E2:44:03:D7:35:E1:2B:B4
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/O2Qyi-D8YZZ6vtDC4kQD1zXhK7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.28.0/24
IPv6:
2a13:4380::/32
Signature Algorithm: sha256WithRSAEncryption
02:fc:1a:21:91:ef:11:43:a2:95:37:59:db:f9:1d:94:1e:59:
7f:37:60:13:13:4f:51:f7:3e:c8:30:d6:a9:b3:9d:62:14:f7:
8e:d2:54:a6:05:28:36:51:52:8f:9e:87:f6:12:cb:17:64:f8:
01:81:98:df:04:e7:6e:39:c3:e9:c6:c0:a8:f0:f3:18:2b:0d:
35:a5:76:43:e3:3f:d6:63:dd:90:b7:aa:49:1f:26:53:f8:f6:
4c:46:17:94:60:cb:6a:0a:ab:5f:04:5f:c8:53:95:1f:42:8f:
f3:e2:27:7c:16:62:42:ad:40:25:88:5c:92:4b:64:71:79:3b:
4c:02:1c:53:bc:07:b1:51:72:c8:24:25:cd:45:58:aa:db:81:
df:1e:b2:87:62:75:5d:bb:75:21:d1:4d:6b:5b:fe:0e:ae:88:
b5:5c:0f:62:d9:cc:ea:18:71:8d:df:c4:e9:e8:0c:bd:99:55:
ea:5e:1d:cf:41:d0:62:07:42:45:8e:17:ca:20:13:8e:2c:43:
75:0c:0b:69:04:39:79:2d:9a:15:e6:69:88:5f:6b:b4:ff:e4:
ef:34:8c:75:ee:c5:e0:33:32:77:64:59:cc:9a:93:d5:8e:f0:
d4:47:c2:5e:a3:c1:9c:86:8d:64:a5:97:d8:6e:6f:20:b6:c2:
33:4b:52:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyg3il6DEK0niFTbqGWxEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjMwMTAyMTI0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY0MzI4YmUwZmM2MTk2N2FiZWQwYzJlMjQ0MDNkNzM1ZTEyYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsrF5cYAjwOCLhJecTMUNjni57mK
qvi7MR8jPtSx/YTtuc5A97yWvBxdMDye3LIi8RnSSmIxF3imCCirot2rdGZ0Tbxz
PquD2eo6nt0lwpUgGCgBXThuFPnsuAZUUGqdNZukSMY1m7CveITErl9Wd/fD4bkc
nc2yyFo1RsMPAwfxlxf7NqSbPunbRjD20YkQ75TOrovO8r5WjeMKSRyYx7Vvw7H5
9iwQziNI2LeR8fJE3kLmSaLM0A4wEwKk44dGMTwufjQNiLsdzuSMoPqdR3VPkJKf
FXNlqXjtUL9t/nyGdDxER7gQCskqyuDL69p3g1V96S6WOJ5Fwn9lU3pl6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDtkMovg/GGWer7QwuJEA9c14Su0MB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvTzJReWktRDhZWlo2dnREQzRrUUQxelhoSzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwggcMA0E
AgACMAcDBQAqE0OAMA0GCSqGSIb3DQEBCwUAA4IBAQAC/Bohke8RQ6KVN1nb+R2U
Hll/N2ATE09R9z7IMNaps51iFPeO0lSmBSg2UVKPnof2EssXZPgBgZjfBOduOcPp
xsCo8PMYKw01pXZD4z/WY92Qt6pJHyZT+PZMRheUYMtqCqtfBF/IU5UfQo/z4id8
FmJCrUAliFySS2RxeTtMAhxTvAexUXLIJCXNRViq24HfHrKHYnVdu3Uh0U1rW/4O
roi1XA9i2czqGHGN38Tp6Ay9mVXqXh3PQdBiB0JFjhfKIBOOLEN1DAtpBDl5LZoV
5mmIX2u0/+TvNIx17sXgMzJ3ZFnMmpPVjvDUR8Jeo8Gcho1kpZfYbm8gtsIzS1L/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:08 2024 by rpki-client on console-ams.rpki-client.org