Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/Oa5Yi8jBFWiLXE4jEecRQp-bnes.roa
File: Oa5Yi8jBFWiLXE4jEecRQp-bnes.roa (raw, json)
Hash identifier: 1VCphk4H6xly9SeK2CuSB4KHenc573xZry9Rze6ijUE=
Subject key identifier: 39:AE:58:8B:C8:C1:15:68:8B:5C:4E:23:11:E7:11:42:9F:9B:9D:EB
Certificate issuer: /CN=52056867e4d2885e99b549ed6fb786330adf8f44
Certificate serial: 01856C65C02964FCCBB7D661B73FC1EB11A2
Authority key identifier: 52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/Oa5Yi8jBFWiLXE4jEecRQp-bnes.roa
Signing time: Sun 01 Jan 2023 08:14:45 +0000
ROA not before: Sun 01 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 195.93.178.0/23 maxlen: 24
178.239.128.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c0:29:64:fc:cb:b7:d6:61:b7:3f:c1:eb:11:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52056867e4d2885e99b549ed6fb786330adf8f44
Validity
Not Before: Jan 1 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39ae588bc8c115688b5c4e2311e711429f9b9deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e0:a5:2c:4c:58:0b:8b:dd:61:72:3c:40:56:
48:fd:0a:91:5a:79:10:3f:fa:36:ad:55:39:48:d0:
35:70:40:79:77:ab:ba:c4:3f:4a:22:db:cc:1a:33:
e3:27:e5:95:d5:d9:1e:63:e9:45:18:43:e0:13:88:
7c:9a:96:81:02:4c:ba:d1:9d:35:33:85:9f:b8:39:
5c:76:05:af:83:ae:84:fa:f0:49:4c:4d:7a:2b:28:
a8:2e:c2:d2:db:b0:0c:9b:b2:49:42:1a:2c:e3:f6:
9c:4b:fa:49:4e:c3:a7:e2:a0:21:45:64:16:c2:91:
47:e3:01:8d:96:30:62:08:d8:73:a1:56:8e:08:8d:
b3:9e:38:5e:fc:42:fb:83:0e:15:2c:2e:72:e2:2e:
34:c1:bb:bb:4d:7b:2d:c1:9b:11:35:ed:49:dc:84:
75:85:30:f1:79:13:5f:1d:75:a4:ad:4e:b6:15:7a:
5f:1c:30:c7:ec:8a:b4:f8:cb:96:90:58:59:2e:d4:
ae:8a:54:c0:ff:a3:5e:34:05:3d:d3:9f:88:24:ea:
f3:e2:83:c5:49:cd:a0:e1:f4:00:9e:19:2a:7e:7f:
76:8c:8a:1a:31:51:e1:59:7b:7b:0d:2e:9c:78:ac:
89:8f:ad:a9:80:50:87:f4:75:70:d6:c1:54:53:df:
06:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AE:58:8B:C8:C1:15:68:8B:5C:4E:23:11:E7:11:42:9F:9B:9D:EB
X509v3 Authority Key Identifier:
keyid:52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/Oa5Yi8jBFWiLXE4jEecRQp-bnes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.128.0/20
195.93.178.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:84:8a:ed:13:fe:52:e8:0c:2a:3c:e6:92:1c:f7:89:97:19:
e6:98:b8:9a:9e:3a:71:a9:1a:63:93:a0:fd:9d:5d:8a:a0:ec:
7f:10:91:2e:ce:b1:db:53:fa:4f:69:08:c0:2d:3c:93:9c:2a:
2a:4c:65:b8:c4:ac:55:c4:33:1c:cc:47:d7:cc:f5:06:1e:52:
e6:fd:f0:be:2e:93:37:cc:43:4e:fe:37:36:68:b8:90:58:03:
2f:61:c9:22:ec:ad:d1:5c:9b:75:06:ed:dd:7e:51:94:7f:61:
54:98:76:c2:85:9c:f5:7b:e4:80:3b:4e:74:fe:a5:06:08:27:
ef:5b:38:90:c2:0c:e6:20:9e:a3:a0:04:55:cb:2b:f9:59:b6:
78:d9:2e:fe:1b:1b:06:0e:b4:1f:08:a6:b4:49:fa:41:b1:ab:
b8:63:43:fc:06:01:5e:dd:da:a3:4e:1a:3f:9c:82:78:af:42:
7a:a2:e6:d4:8a:6a:bb:aa:8a:43:db:c9:3b:14:e8:85:bf:38:
f0:dc:97:90:da:e6:e7:2f:65:cd:2a:f2:c4:7f:e4:6e:80:ac:
9c:de:9a:c3:30:c4:e7:ea:86:a0:1c:3d:a7:a8:03:3e:b7:f4:
04:3a:ef:64:5b:44:13:2f:97:1f:bf:cd:cf:6d:fd:c9:56:e9:
57:ba:47:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZcApZPzLt9Zhtz/B6xGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDU2ODY3ZTRkMjg4NWU5OWI1NDllZDZmYjc4NjMzMGFk
ZjhmNDQwHhcNMjMwMTAxMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFlNTg4YmM4YzExNTY4OGI1YzRlMjMxMWU3MTE0MjlmOWI5ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+ClLExYC4vdYXI8QFZI/QqRWnkQ
P/o2rVU5SNA1cEB5d6u6xD9KItvMGjPjJ+WV1dkeY+lFGEPgE4h8mpaBAky60Z01
M4WfuDlcdgWvg66E+vBJTE16KyioLsLS27AMm7JJQhos4/acS/pJTsOn4qAhRWQW
wpFH4wGNljBiCNhzoVaOCI2znjhe/EL7gw4VLC5y4i40wbu7TXstwZsRNe1J3IR1
hTDxeRNfHXWkrU62FXpfHDDH7Iq0+MuWkFhZLtSuilTA/6NeNAU905+IJOrz4oPF
Sc2g4fQAnhkqfn92jIoaMVHhWXt7DS6ceKyJj62pgFCH9HVw1sFUU98G9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmuWIvIwRVoi1xOIxHnEUKfm53rMB8GA1UdIwQY
MBaAFFIFaGfk0ohembVJ7W+3hjMK349EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEt
NWY0ODM2MDgzYTMwLzEvT2E1WWk4akJGV2lMWEU0akVlY1JRcC1ibmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEtNWY0ODM2MDgzYTMw
LzEvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsu+AAwQB
w12yMA0GCSqGSIb3DQEBCwUAA4IBAQAqhIrtE/5S6AwqPOaSHPeJlxnmmLianjpx
qRpjk6D9nV2KoOx/EJEuzrHbU/pPaQjALTyTnCoqTGW4xKxVxDMczEfXzPUGHlLm
/fC+LpM3zENO/jc2aLiQWAMvYcki7K3RXJt1Bu3dflGUf2FUmHbChZz1e+SAO050
/qUGCCfvWziQwgzmIJ6joARVyyv5WbZ42S7+GxsGDrQfCKa0SfpBsau4Y0P8BgFe
3dqjTho/nIJ4r0J6oubUimq7qopD28k7FOiFvzjw3JeQ2ubnL2XNKvLEf+RugKyc
3prDMMTn6oagHD2nqAM+t/QEOu9kW0QTL5cfv83Pbf3JVulXukc8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:15 2024 by rpki-client on console-ams.rpki-client.org