Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/oJlO4BK-OL6rhFJZYb8NKyI0M4Y.roa
File: oJlO4BK-OL6rhFJZYb8NKyI0M4Y.roa (raw, json)
Hash identifier: W3D5xt5KIB1eVT0vfNRlzALcDN2udpIwojS5NJd5SUc=
Subject key identifier: A0:99:4E:E0:12:BE:38:BE:AB:84:52:59:61:BF:0D:2B:22:34:33:86
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 01856CF8733B3928D4739DACB4D591933953
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/oJlO4BK-OL6rhFJZYb8NKyI0M4Y.roa
Signing time: Sun 01 Jan 2023 10:54:59 +0000
ROA not before: Sun 01 Jan 2023 10:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60033
IP address blocks: 185.61.136.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
185.61.139.0/24 maxlen: 24
2a02:7a60::/48 maxlen: 48
2a02:7a60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:73:3b:39:28:d4:73:9d:ac:b4:d5:91:93:39:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 10:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0994ee012be38beab84525961bf0d2b22343386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1f:ce:8f:f6:a5:c1:fe:ff:7b:83:9a:4f:ae:
2e:86:28:b7:79:0f:c1:94:03:f6:ff:c9:f3:4d:d1:
c7:04:b2:e3:78:80:e8:e7:bd:e5:a6:fa:11:6e:08:
30:60:d4:ab:8c:a2:70:dd:12:11:ee:fd:36:71:e0:
1b:8c:51:af:ae:0c:99:56:51:a6:a7:33:de:a6:89:
c0:75:5c:bc:7b:92:54:ae:43:02:a7:6d:10:a0:73:
de:03:08:17:ae:17:64:35:4d:7f:86:36:28:40:ec:
f7:8e:6f:ba:5b:37:1d:76:76:1f:1d:2d:9f:82:03:
1a:d5:35:5c:0e:f3:73:1c:fc:a3:e2:76:1c:da:32:
62:d8:b5:cd:fa:4e:e3:f7:db:68:cb:3d:8e:c5:6b:
20:6e:2a:95:cd:fe:51:f3:98:a0:01:e3:14:b5:4b:
c9:f3:10:13:1c:ee:85:73:8b:7c:17:32:78:5c:ff:
0b:b1:14:88:ef:f1:95:00:61:e2:84:12:a7:68:52:
dc:3c:47:f2:45:53:9c:21:bf:32:ae:a7:0f:f4:ee:
14:53:82:74:fd:12:d5:1e:3e:bb:ad:75:28:e6:87:
d7:ca:88:7d:62:ef:7a:c2:86:b3:2b:86:31:f4:17:
9c:dd:23:64:c6:31:08:30:8f:85:a7:3d:82:d5:a5:
f0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:99:4E:E0:12:BE:38:BE:AB:84:52:59:61:BF:0D:2B:22:34:33:86
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/oJlO4BK-OL6rhFJZYb8NKyI0M4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
0d:bc:82:d9:59:33:7c:3c:1a:3b:de:66:4e:61:d0:f4:37:fe:
59:34:80:ed:a6:e5:e0:7b:ee:7a:c0:b5:8b:9a:29:16:64:af:
06:d8:a4:1d:98:0d:b9:9b:95:43:1c:21:36:50:2b:ac:0d:db:
47:63:fc:8a:8c:8e:1f:b4:37:33:8a:36:08:58:85:7c:a0:49:
5e:1e:1e:19:64:f1:70:02:d2:3a:06:dc:bc:bd:21:69:39:48:
5e:a7:b8:36:b6:f6:80:39:5f:eb:3c:01:5d:43:dd:25:57:0f:
50:77:7b:aa:83:77:8e:ca:b2:f8:a8:01:e3:48:44:82:b2:57:
35:4d:a7:f8:c5:97:22:c5:39:3a:56:19:a9:27:e6:ef:11:4b:
c6:a1:9a:ac:43:1a:c9:d8:5d:da:9a:9f:a5:b0:ee:ca:bd:b1:
da:a7:17:c0:70:89:a9:a5:2f:c4:45:46:77:48:88:49:2f:1b:
d2:32:ec:69:e7:d3:73:37:b7:b1:a3:7a:2c:30:84:a6:b7:fc:
76:69:90:30:1d:3a:97:5c:d1:b0:82:c6:7d:d7:e7:ea:f5:74:
cc:6f:3a:75:19:77:9a:48:88:99:a1:82:fa:24:d4:da:b2:c5:
c4:b2:b8:3d:54:5e:68:77:e9:2d:4f:70:ce:cb:24:d5:33:7c:
17:8a:0e:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+HM7OSjUc52stNWRkzlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk5NGVlMDEyYmUzOGJlYWI4NDUyNTk2MWJmMGQyYjIyMzQzMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx/Oj/alwf7/e4OaT64uhii3eQ/B
lAP2/8nzTdHHBLLjeIDo573lpvoRbggwYNSrjKJw3RIR7v02ceAbjFGvrgyZVlGm
pzPeponAdVy8e5JUrkMCp20QoHPeAwgXrhdkNU1/hjYoQOz3jm+6WzcddnYfHS2f
ggMa1TVcDvNzHPyj4nYc2jJi2LXN+k7j99toyz2OxWsgbiqVzf5R85igAeMUtUvJ
8xATHO6Fc4t8FzJ4XP8LsRSI7/GVAGHihBKnaFLcPEfyRVOcIb8yrqcP9O4UU4J0
/RLVHj67rXUo5ofXyoh9Yu96woazK4Yx9Bec3SNkxjEIMI+Fpz2C1aXwfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKCZTuASvji+q4RSWWG/DSsiNDOGMB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvb0psTzRCSy1PTDZyaEZKWlliOE5LeUkwTTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQANvILZWTN8PBo73mZOYdD0
N/5ZNIDtpuXge+56wLWLmikWZK8G2KQdmA25m5VDHCE2UCusDdtHY/yKjI4ftDcz
ijYIWIV8oEleHh4ZZPFwAtI6Bty8vSFpOUhep7g2tvaAOV/rPAFdQ90lVw9Qd3uq
g3eOyrL4qAHjSESCslc1Taf4xZcixTk6VhmpJ+bvEUvGoZqsQxrJ2F3amp+lsO7K
vbHapxfAcImppS/ERUZ3SIhJLxvSMuxp59NzN7exo3osMISmt/x2aZAwHTqXXNGw
gsZ91+fq9XTMbzp1GXeaSIiZoYL6JNTassXEsrg9VF5od+ktT3DOyyTVM3wXig7Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:22 2024 by rpki-client on console-ams.rpki-client.org