Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/0oes-wpGYGICxBeBTqA_GyKQcIo.roa
File: 0oes-wpGYGICxBeBTqA_GyKQcIo.roa (raw, json)
Hash identifier: p+TUCcm47SJ9glbCmhepUrZQQl/Tq0ayWBj3g5Jbs5Q=
Subject key identifier: D2:87:AC:FB:0A:46:60:62:02:C4:17:81:4E:A0:3F:1B:22:90:70:8A
Certificate issuer: /CN=90afdcff7de3a65947631f92c67e272767194478
Certificate serial: 01856B8A0E0F20626A00F541E2DE882923F9
Authority key identifier: 90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/0oes-wpGYGICxBeBTqA_GyKQcIo.roa
Signing time: Sun 01 Jan 2023 04:14:47 +0000
ROA not before: Sun 01 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199441
IP address blocks: 195.192.236.0/22 maxlen: 24
185.14.128.0/23 maxlen: 24
185.14.130.0/24 maxlen: 24
185.14.131.0/24 maxlen: 24
2a03:a240:2::/48 maxlen: 48
2a03:a240::/47 maxlen: 48
2a03:a240:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:0e:0f:20:62:6a:00:f5:41:e2:de:88:29:23:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90afdcff7de3a65947631f92c67e272767194478
Validity
Not Before: Jan 1 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d287acfb0a46606202c417814ea03f1b2290708a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d1:dd:6b:a9:a4:f6:76:f5:16:c3:ad:a2:91:
05:9d:9e:e3:32:c6:d9:34:93:ab:7b:96:16:8b:ed:
d3:fa:ca:43:a6:4d:9c:b2:a6:01:40:25:f4:8a:c9:
35:df:c4:33:17:3d:da:75:32:45:c8:72:00:bd:25:
f8:43:f4:4f:61:05:35:d1:c5:c1:ef:c3:93:1d:72:
be:3f:da:9b:a0:66:5f:65:1b:a6:dd:45:68:f9:74:
cd:3f:8c:73:35:72:22:de:1d:f7:b3:cc:e3:fc:0f:
c1:e5:60:bc:6a:b9:b6:9f:fe:69:6c:e2:6b:fa:21:
69:b6:eb:2f:f1:2b:9c:73:f4:09:b9:d4:9a:db:15:
b9:0f:da:34:df:ed:9e:5d:89:0b:0e:3d:b1:63:e2:
9e:e5:f6:0f:41:ac:d5:c6:5d:93:59:9c:69:e8:42:
2b:86:98:cd:47:7b:fc:a1:f5:4b:c3:f7:27:32:1c:
ea:96:f0:04:46:77:20:5f:5f:ae:15:ff:8d:65:35:
5c:d8:33:c4:5b:82:b3:10:4f:3f:17:d9:8f:39:69:
e7:49:e6:1c:60:d4:e7:9b:d0:9c:bb:b6:35:88:25:
f0:84:b6:d2:9c:97:b9:8a:aa:8b:a7:ee:8d:cd:45:
9e:fd:86:73:96:23:14:91:4b:ff:df:9c:05:50:1e:
46:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:87:AC:FB:0A:46:60:62:02:C4:17:81:4E:A0:3F:1B:22:90:70:8A
X509v3 Authority Key Identifier:
keyid:90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/0oes-wpGYGICxBeBTqA_GyKQcIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/kK_c_33jpllHYx-Sxn4nJ2cZRHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.128.0/22
195.192.236.0/22
IPv6:
2a03:a240::/46
Signature Algorithm: sha256WithRSAEncryption
5a:33:f9:b0:90:0d:b1:46:5e:4c:5d:8a:a4:68:14:c3:2c:9c:
be:4b:3f:24:a7:ce:3f:be:b9:d1:51:09:bd:4b:19:1b:ff:10:
67:2e:96:97:16:9b:29:46:7b:5a:80:9b:fd:73:6b:8a:14:f8:
20:90:e1:fd:e6:f8:ac:f0:9a:4d:ae:f8:2a:3e:94:a5:8b:f2:
dd:08:6a:43:c2:4b:b1:04:8c:2a:dd:52:72:c5:70:84:97:65:
0b:09:c1:a6:c6:4b:e8:2f:b8:f2:08:3b:ab:19:c8:2c:c9:b9:
35:a2:35:2b:2c:a1:43:1c:95:02:9f:66:1d:67:2d:09:26:69:
b4:26:cb:0d:2c:3d:92:98:39:9e:4b:e4:18:b2:32:41:37:4a:
b3:2f:14:a2:62:02:5c:27:71:2a:0c:db:ea:31:3d:8a:f8:d9:
bc:87:40:9d:c7:f9:24:4f:72:d2:59:f4:dd:dd:8b:3d:b9:fe:
fa:7a:df:ec:59:0c:e2:b2:c2:a0:2f:3c:46:a2:f5:00:5f:cb:
31:4f:fc:3d:d5:48:d4:35:c8:f9:08:6d:bd:5b:4e:38:f0:01:
30:ec:eb:ed:d0:4e:49:7f:d9:c3:77:d4:2e:37:d6:3c:08:a5:
33:b0:58:d6:07:ed:ec:6b:79:5f:f7:f1:6e:b2:7f:31:72:c9:
d7:c2:47:7e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVrig4PIGJqAPVB4t6IKSP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWZkY2ZmN2RlM2E2NTk0NzYzMWY5MmM2N2UyNzI3Njcx
OTQ0NzgwHhcNMjMwMTAxMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg3YWNmYjBhNDY2MDYyMDJjNDE3ODE0ZWEwM2YxYjIyOTA3MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNHda6mk9nb1FsOtopEFnZ7jMsbZ
NJOre5YWi+3T+spDpk2csqYBQCX0isk138QzFz3adTJFyHIAvSX4Q/RPYQU10cXB
78OTHXK+P9qboGZfZRum3UVo+XTNP4xzNXIi3h33s8zj/A/B5WC8arm2n/5pbOJr
+iFptusv8Succ/QJudSa2xW5D9o03+2eXYkLDj2xY+Ke5fYPQazVxl2TWZxp6EIr
hpjNR3v8ofVLw/cnMhzqlvAERncgX1+uFf+NZTVc2DPEW4KzEE8/F9mPOWnnSeYc
YNTnm9Ccu7Y1iCXwhLbSnJe5iqqLp+6NzUWe/YZzliMUkUv/35wFUB5GpwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNKHrPsKRmBiAsQXgU6gPxsikHCKMB8GA1UdIwQY
MBaAFJCv3P9946ZZR2MfksZ+JydnGUR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tfY18zM2pwbGxIWXgtU3huNG5KMmNaUkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lMDBkMWUtNGExOC00OTU2LTgyYTQt
MTkwYTVjOGQ5ZDk1LzEvMG9lcy13cEdZR0lDeEJlQlRxQV9HeUtRY0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lMDBkMWUtNGExOC00OTU2LTgyYTQtMTkwYTVjOGQ5ZDk1
LzEva0tfY18zM2pwbGxIWXgtU3huNG5KMmNaUkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuQ6AAwQC
w8DsMA8EAgACMAkDBwIqA6JAAAAwDQYJKoZIhvcNAQELBQADggEBAFoz+bCQDbFG
XkxdiqRoFMMsnL5LPySnzj++udFRCb1LGRv/EGculpcWmylGe1qAm/1za4oU+CCQ
4f3m+Kzwmk2u+Co+lKWL8t0IakPCS7EEjCrdUnLFcISXZQsJwabGS+gvuPIIO6sZ
yCzJuTWiNSssoUMclQKfZh1nLQkmabQmyw0sPZKYOZ5L5BiyMkE3SrMvFKJiAlwn
cSoM2+oxPYr42byHQJ3H+SRPctJZ9N3diz25/vp63+xZDOKywqAvPEai9QBfyzFP
/D3VSNQ1yPkIbb1bTjjwATDs6+3QTkl/2cN31C431jwIpTOwWNYH7exreV/38W6y
fzFyydfCR34=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org