Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/0689ea-cdd9-4790-9f9b-c0f9d087fc10/1/OlXll9pNvbDv35HgYYOM4_UUFtc.roa
File: OlXll9pNvbDv35HgYYOM4_UUFtc.roa (raw, json)
Hash identifier: q9G7+4rtjlixLBBTmD9Wpq+sl6TvUlh4vv6woNw7Ya8=
Subject key identifier: 3A:55:E5:97:DA:4D:BD:B0:EF:DF:91:E0:61:83:8C:E3:F5:14:16:D7
Certificate issuer: /CN=e443fc203f706f9731412761b27a1a4b395cfc1e
Certificate serial: 01856DE661FE4F8B5C1A06DE83E815F432D5
Authority key identifier: E4:43:FC:20:3F:70:6F:97:31:41:27:61:B2:7A:1A:4B:39:5C:FC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5EP8ID9wb5cxQSdhsnoaSzlc_B4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/0689ea-cdd9-4790-9f9b-c0f9d087fc10/1/OlXll9pNvbDv35HgYYOM4_UUFtc.roa
Signing time: Sun 01 Jan 2023 15:14:52 +0000
ROA not before: Sun 01 Jan 2023 15:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203646
IP address blocks: 185.128.72.0/22 maxlen: 22
87.239.64.0/21 maxlen: 21
2a03:9aa0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:61:fe:4f:8b:5c:1a:06:de:83:e8:15:f4:32:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e443fc203f706f9731412761b27a1a4b395cfc1e
Validity
Not Before: Jan 1 15:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a55e597da4dbdb0efdf91e061838ce3f51416d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5d:89:bd:2f:c9:9e:96:51:4b:75:a7:21:45:
05:aa:e6:49:56:c5:f9:d5:e0:cc:08:c3:a4:1a:3e:
03:29:c9:ea:a3:37:d2:55:35:41:3b:87:e6:30:14:
86:05:84:82:91:d2:9b:b5:3b:26:e8:6d:bd:a0:ed:
10:25:9b:87:78:ed:16:9a:fb:81:a7:91:97:30:11:
81:8d:c8:56:49:e3:1a:6f:d6:89:fa:69:fa:6d:68:
8d:00:2e:1b:bb:29:25:fe:d1:19:8b:22:6e:20:a4:
cb:af:50:41:99:39:41:3c:34:a4:19:76:39:a0:65:
cf:9b:c1:1e:6e:77:8e:da:2b:c4:80:59:fc:fd:52:
07:08:3e:2e:0b:81:0a:db:f6:db:60:ce:42:22:d5:
fc:c0:17:c0:28:16:52:94:42:d9:17:bd:ea:a9:72:
aa:a4:cb:53:b8:b6:ed:6b:c7:47:c5:cb:f2:3d:da:
72:5a:f2:da:a0:2e:15:e9:1f:01:1d:e6:0e:9f:0e:
f8:9c:17:1b:f6:c6:dd:64:13:5d:69:5d:c4:de:1d:
99:c9:aa:d6:d3:4c:15:3b:a2:f8:21:02:35:70:93:
d6:99:1f:b5:4e:24:fb:83:5a:4f:48:be:83:ac:87:
14:19:73:fe:16:8f:f8:fe:3f:fb:71:e7:15:33:46:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:55:E5:97:DA:4D:BD:B0:EF:DF:91:E0:61:83:8C:E3:F5:14:16:D7
X509v3 Authority Key Identifier:
keyid:E4:43:FC:20:3F:70:6F:97:31:41:27:61:B2:7A:1A:4B:39:5C:FC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5EP8ID9wb5cxQSdhsnoaSzlc_B4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0689ea-cdd9-4790-9f9b-c0f9d087fc10/1/OlXll9pNvbDv35HgYYOM4_UUFtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0689ea-cdd9-4790-9f9b-c0f9d087fc10/1/5EP8ID9wb5cxQSdhsnoaSzlc_B4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.64.0/21
185.128.72.0/22
IPv6:
2a03:9aa0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:22:b3:46:4e:e0:87:b9:fa:8a:26:e6:50:6f:6e:0c:76:a3:
eb:50:16:81:e1:da:6f:63:ac:90:39:06:08:45:ce:13:3e:c1:
44:65:41:de:e2:bd:4c:a6:d9:06:fa:9e:d6:f5:9e:33:3b:bd:
af:d0:36:27:26:2f:d8:8d:f4:67:12:66:0b:ed:49:79:6d:30:
44:9b:1c:a8:fb:cb:7a:ae:e1:56:8b:70:68:c4:54:2a:b3:47:
cd:82:4a:61:33:4e:4c:29:46:0b:46:cd:32:48:cc:50:f8:5e:
65:7f:7d:6a:59:15:bc:74:03:6f:6e:5b:2f:5c:55:99:04:31:
0b:ac:01:ca:a0:9e:7a:bd:f6:59:08:df:3e:05:7b:39:20:57:
bc:57:1e:09:9d:02:af:75:5a:64:ac:f1:e1:ee:a0:ce:d3:e7:
f4:84:aa:a7:4d:82:db:a6:45:a3:92:9b:b6:8f:85:8a:4a:49:
e2:59:8f:1b:eb:76:56:3f:e5:64:2a:02:df:0f:f8:aa:69:6a:
88:12:92:ff:0b:46:1d:61:7b:af:8a:03:fb:db:93:c0:c2:1b:
88:cf:fa:6a:7e:18:27:a1:ae:8c:23:97:19:86:ed:f9:da:07:
51:92:48:f5:38:81:08:72:19:39:83:8b:51:8c:21:e7:7a:52:
15:3d:0b:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVt5mH+T4tcGgbeg+gV9DLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NDNmYzIwM2Y3MDZmOTczMTQxMjc2MWIyN2ExYTRiMzk1
Y2ZjMWUwHhcNMjMwMTAxMTUxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU1ZTU5N2RhNGRiZGIwZWZkZjkxZTA2MTgzOGNlM2Y1MTQxNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl2JvS/JnpZRS3WnIUUFquZJVsX5
1eDMCMOkGj4DKcnqozfSVTVBO4fmMBSGBYSCkdKbtTsm6G29oO0QJZuHeO0WmvuB
p5GXMBGBjchWSeMab9aJ+mn6bWiNAC4buykl/tEZiyJuIKTLr1BBmTlBPDSkGXY5
oGXPm8EebneO2ivEgFn8/VIHCD4uC4EK2/bbYM5CItX8wBfAKBZSlELZF73qqXKq
pMtTuLbta8dHxcvyPdpyWvLaoC4V6R8BHeYOnw74nBcb9sbdZBNdaV3E3h2ZyarW
00wVO6L4IQI1cJPWmR+1TiT7g1pPSL6DrIcUGXP+Fo/4/j/7cecVM0bJaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDpV5ZfaTb2w79+R4GGDjOP1FBbXMB8GA1UdIwQY
MBaAFORD/CA/cG+XMUEnYbJ6Gks5XPweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUVQOElEOXdiNWN4UVNkaHNub2FTemxjX0I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wNjg5ZWEtY2RkOS00NzkwLTlmOWIt
YzBmOWQwODdmYzEwLzEvT2xYbGw5cE52YkR2MzVIZ1lZT000X1VVRnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wNjg5ZWEtY2RkOS00NzkwLTlmOWItYzBmOWQwODdmYzEw
LzEvNUVQOElEOXdiNWN4UVNkaHNub2FTemxjX0I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDV+9AAwQC
uYBIMA0EAgACMAcDBQAqA5qgMA0GCSqGSIb3DQEBCwUAA4IBAQCLIrNGTuCHufqK
JuZQb24MdqPrUBaB4dpvY6yQOQYIRc4TPsFEZUHe4r1MptkG+p7W9Z4zO72v0DYn
Ji/YjfRnEmYL7Ul5bTBEmxyo+8t6ruFWi3BoxFQqs0fNgkphM05MKUYLRs0ySMxQ
+F5lf31qWRW8dANvblsvXFWZBDELrAHKoJ56vfZZCN8+BXs5IFe8Vx4JnQKvdVpk
rPHh7qDO0+f0hKqnTYLbpkWjkpu2j4WKSkniWY8b63ZWP+VkKgLfD/iqaWqIEpL/
C0YdYXuvigP725PAwhuIz/pqfhgnoa6MI5cZhu352gdRkkj1OIEIchk5g4tRjCHn
elIVPQsw
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:53 2024 by rpki-client on console-ams.rpki-client.org