Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/Ovr9F6ZzV08hYLu-tx9DnTcVhFQ.roa
File: Ovr9F6ZzV08hYLu-tx9DnTcVhFQ.roa (raw, json)
Hash identifier: RJsMbTskJMlzohCThHx3SHyvLKdmPgAiJI0+Awp6QZw=
Subject key identifier: 3A:FA:FD:17:A6:73:57:4F:21:60:BB:BE:B7:1F:43:9D:37:15:84:54
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 018A0801B84AEC22210774C873ABC47EB6C8
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/Ovr9F6ZzV08hYLu-tx9DnTcVhFQ.roa
Signing time: Fri 18 Aug 2023 09:37:24 +0000
ROA not before: Fri 18 Aug 2023 09:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208795
IP address blocks: 5.35.104.0/21 maxlen: 24
2a07:aa40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:01:b8:4a:ec:22:21:07:74:c8:73:ab:c4:7e:b6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Aug 18 09:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3afafd17a673574f2160bbbeb71f439d37158454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:ac:cc:7c:22:bd:27:97:34:ed:c2:93:1d:
e1:25:6e:a2:ce:2b:21:69:30:65:f1:d9:c1:f1:97:
5d:54:79:14:0e:db:e2:43:dc:c3:19:28:71:8a:37:
a3:e6:14:31:d6:97:a7:98:a6:d6:26:01:72:dc:30:
0e:72:f1:f2:33:c3:31:ee:48:1f:2e:52:e5:d2:36:
2b:99:37:a7:7b:c1:5a:1a:9a:5a:e3:df:e5:6a:21:
db:a2:af:45:5a:d7:71:1f:96:75:dd:c4:fd:a0:ee:
f4:6b:95:e1:6a:a5:0d:20:a9:8c:90:97:d0:22:89:
21:c2:67:6f:53:74:3a:82:a7:51:60:34:29:a8:42:
3f:4f:51:40:1e:32:d0:0c:7f:f7:88:2f:e7:e6:82:
79:9b:4c:8e:df:53:29:b3:1c:12:50:c3:d6:d1:35:
ea:7f:89:94:97:8c:ab:fe:84:c4:a9:fc:00:1a:86:
5e:71:ba:c7:23:c9:24:05:f5:8f:9e:bc:18:36:3a:
b8:ab:a9:2c:c0:3c:9e:61:40:c6:78:fb:29:bc:f8:
b0:6e:d4:3d:14:dc:ea:4e:8f:e8:3a:72:51:8e:ff:
3b:be:49:63:34:80:a8:c7:ae:2d:a4:4f:38:77:a8:
08:cd:3d:7d:ba:5d:83:f1:e5:5c:6e:7c:24:a7:79:
58:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FA:FD:17:A6:73:57:4F:21:60:BB:BE:B7:1F:43:9D:37:15:84:54
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/Ovr9F6ZzV08hYLu-tx9DnTcVhFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.104.0/21
IPv6:
2a07:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
48:1d:c5:3f:87:bc:37:67:ee:bd:e5:3b:72:ba:73:09:80:d0:
59:4a:72:50:32:cb:45:66:c7:5b:de:32:11:3b:8a:2a:46:7c:
8d:d3:7f:b5:c6:cf:bf:d6:4e:a8:3b:e4:d0:f1:91:ce:98:95:
1b:87:37:43:67:22:f5:fd:ac:fc:fe:9c:e5:64:7f:c4:b7:16:
5a:7d:1f:e6:4c:51:c6:48:1f:b7:92:34:71:ca:64:9f:7e:90:
c0:03:24:6d:8e:af:72:d6:28:aa:3f:64:5b:d0:92:65:0f:57:
82:15:1d:7d:41:0b:8e:60:a5:b9:ff:0e:11:3b:99:05:f9:53:
60:89:b5:a0:ca:f4:e3:16:db:a9:e9:79:a7:47:ba:e4:d4:9c:
df:3e:75:a0:4e:3b:1d:b2:8c:2f:2c:0f:e8:39:25:6e:f4:30:
de:3a:d6:c7:2b:8c:6e:69:df:4d:70:02:3b:87:95:06:57:16:
0a:df:33:5b:63:9b:9d:e7:4d:8a:82:3b:04:2c:a3:6e:ca:7a:
fd:2d:1c:f3:50:7e:ec:b6:a3:2a:da:de:fa:f4:fc:4c:32:94:
a8:1c:ff:84:e9:da:9c:ff:32:2c:7f:4e:74:65:7c:f8:4d:34:
9f:24:41:91:81:37:08:d0:14:e1:20:a2:9e:07:d3:7b:ab:81:
b3:34:68:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoIAbhK7CIhB3TIc6vEfrbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjMwODE4MDkzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZhZmQxN2E2NzM1NzRmMjE2MGJiYmViNzFmNDM5ZDM3MTU4NDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvCszHwivSeXNO3Ckx3hJW6izish
aTBl8dnB8ZddVHkUDtviQ9zDGShxijej5hQx1penmKbWJgFy3DAOcvHyM8Mx7kgf
LlLl0jYrmTene8FaGppa49/laiHboq9FWtdxH5Z13cT9oO70a5XhaqUNIKmMkJfQ
IokhwmdvU3Q6gqdRYDQpqEI/T1FAHjLQDH/3iC/n5oJ5m0yO31MpsxwSUMPW0TXq
f4mUl4yr/oTEqfwAGoZecbrHI8kkBfWPnrwYNjq4q6kswDyeYUDGePspvPiwbtQ9
FNzqTo/oOnJRjv87vkljNICox64tpE84d6gIzT19ul2D8eVcbnwkp3lYbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDr6/Remc1dPIWC7vrcfQ503FYRUMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvT3ZyOUY2WnpWMDhoWUx1LXR4OURuVGNWaEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSNoMA0E
AgACMAcDBQMqB6pAMA0GCSqGSIb3DQEBCwUAA4IBAQBIHcU/h7w3Z+695TtyunMJ
gNBZSnJQMstFZsdb3jIRO4oqRnyN03+1xs+/1k6oO+TQ8ZHOmJUbhzdDZyL1/az8
/pzlZH/EtxZafR/mTFHGSB+3kjRxymSffpDAAyRtjq9y1iiqP2Rb0JJlD1eCFR19
QQuOYKW5/w4RO5kF+VNgibWgyvTjFtup6XmnR7rk1JzfPnWgTjsdsowvLA/oOSVu
9DDeOtbHK4xuad9NcAI7h5UGVxYK3zNbY5ud502KgjsELKNuynr9LRzzUH7stqMq
2t769PxMMpSoHP+E6dqc/zIsf050ZXz4TTSfJEGRgTcI0BThIKKeB9N7q4GzNGhs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:05 2024 by rpki-client on console-ams.rpki-client.org