Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/OBq3hLkhVEGJVDa9JMTglvZBpp0.roa
File: OBq3hLkhVEGJVDa9JMTglvZBpp0.roa (raw, json)
Hash identifier: 1GUwBH0Z6IO/HOzKDhp/866c6nyZ7KRF7JTN5idHKWs=
Subject key identifier: 38:1A:B7:84:B9:21:54:41:89:54:36:BD:24:C4:E0:96:F6:41:A6:9D
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 01857139AE6B18D07F16A2A056E7E80355B8
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/OBq3hLkhVEGJVDa9JMTglvZBpp0.roa
Signing time: Mon 02 Jan 2023 06:44:43 +0000
ROA not before: Mon 02 Jan 2023 06:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203068
IP address blocks: 109.205.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ae:6b:18:d0:7f:16:a2:a0:56:e7:e8:03:55:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Jan 2 06:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=381ab784b9215441895436bd24c4e096f641a69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:ef:4e:e0:5c:9e:df:ef:4e:0a:8e:fc:fc:
92:24:3a:53:f6:c5:81:76:37:11:eb:ac:9b:d0:68:
cf:60:69:83:6c:74:46:0a:5c:10:f8:68:df:01:73:
35:7e:5f:37:8e:aa:cd:df:02:bf:76:83:ec:d0:96:
35:b0:9f:65:74:d5:4a:d5:df:37:a8:87:30:2f:e8:
ba:e9:2b:1b:9a:bc:85:78:06:d8:93:32:a6:7e:44:
01:0a:e2:d2:97:21:f9:cf:94:4f:98:fb:17:49:05:
78:c0:84:6c:f7:65:a7:32:ba:25:b5:4c:12:c4:aa:
93:eb:2b:0f:2c:67:11:32:94:b6:33:e9:27:42:45:
2f:89:f5:90:2d:1f:a3:6c:0b:19:f3:65:e9:89:25:
b8:27:30:be:92:1e:43:f8:61:36:42:80:5d:4b:8f:
6c:5d:0e:82:49:55:9e:86:81:c1:8e:51:85:8c:41:
f4:41:cf:1a:8f:1d:d2:7a:dc:af:63:69:65:9b:c2:
8e:68:61:6d:79:4f:4e:31:30:4d:18:00:b0:ef:54:
f1:8a:53:ec:ca:6f:b9:71:8e:ba:80:12:fd:b2:8d:
0b:50:f7:1f:98:10:1a:b8:7f:01:35:d0:e0:e2:7a:
10:24:05:79:3a:ca:99:4f:65:31:d5:91:0a:18:6e:
02:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1A:B7:84:B9:21:54:41:89:54:36:BD:24:C4:E0:96:F6:41:A6:9D
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/OBq3hLkhVEGJVDa9JMTglvZBpp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.244.0/24
Signature Algorithm: sha256WithRSAEncryption
15:2a:f8:65:9a:ba:c9:42:0a:a6:da:80:c5:0b:ff:55:85:89:
e4:4c:e4:c7:9c:a7:35:b5:dd:23:4c:03:8e:6d:ef:e4:f5:ad:
61:52:4e:b0:fd:69:20:05:7c:15:06:16:4a:99:87:a3:fa:01:
0c:8d:00:f3:21:75:c9:1e:bd:5f:08:5e:de:09:eb:a9:f9:7c:
58:a0:f7:1e:05:73:11:a6:40:7e:be:05:45:e7:c4:28:f7:57:
a5:09:4b:ed:90:9a:c7:4c:ed:a9:8a:23:26:fb:5d:65:ec:fe:
bb:5f:f3:70:2f:79:16:66:af:4a:3a:5b:b6:06:5e:cc:65:23:
c0:48:0a:7c:ab:64:0e:07:b4:c1:4e:33:48:90:25:25:48:5b:
2a:54:23:b8:5c:c4:23:c2:d2:84:8d:07:74:84:ae:eb:d0:e6:
6a:00:03:fa:06:d1:50:d7:65:2e:9d:b5:27:d8:86:48:56:2d:
3d:1a:f2:d9:c3:6f:06:8d:e3:1b:0e:13:53:2f:b0:4b:18:69:
3c:ba:97:df:8f:90:4c:6e:93:15:d9:6c:a8:01:ea:6d:c5:02:
5f:6f:af:49:5f:d0:26:df:a0:2e:61:f9:93:6a:26:30:42:a6:
8a:8c:74:25:2d:51:18:cc:c3:09:19:70:1c:ca:c1:9e:3f:4a:
96:8c:84:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOa5rGNB/FqKgVufoA1W4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjMwMTAyMDY0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFhYjc4NGI5MjE1NDQxODk1NDM2YmQyNGM0ZTA5NmY2NDFhNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqLvTuBcnt/vTgqO/PySJDpT9sWB
djcR66yb0GjPYGmDbHRGClwQ+GjfAXM1fl83jqrN3wK/doPs0JY1sJ9ldNVK1d83
qIcwL+i66SsbmryFeAbYkzKmfkQBCuLSlyH5z5RPmPsXSQV4wIRs92WnMroltUwS
xKqT6ysPLGcRMpS2M+knQkUvifWQLR+jbAsZ82XpiSW4JzC+kh5D+GE2QoBdS49s
XQ6CSVWehoHBjlGFjEH0Qc8ajx3SetyvY2llm8KOaGFteU9OMTBNGACw71TxilPs
ym+5cY66gBL9so0LUPcfmBAauH8BNdDg4noQJAV5OsqZT2Ux1ZEKGG4C7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgat4S5IVRBiVQ2vSTE4Jb2QaadMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvT0JxM2hMa2hWRUdKVkRhOUpNVGdsdlpCcHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc30MA0G
CSqGSIb3DQEBCwUAA4IBAQAVKvhlmrrJQgqm2oDFC/9VhYnkTOTHnKc1td0jTAOO
be/k9a1hUk6w/WkgBXwVBhZKmYej+gEMjQDzIXXJHr1fCF7eCeup+XxYoPceBXMR
pkB+vgVF58Qo91elCUvtkJrHTO2piiMm+11l7P67X/NwL3kWZq9KOlu2Bl7MZSPA
SAp8q2QOB7TBTjNIkCUlSFsqVCO4XMQjwtKEjQd0hK7r0OZqAAP6BtFQ12UunbUn
2IZIVi09GvLZw28GjeMbDhNTL7BLGGk8upffj5BMbpMV2WyoAeptxQJfb69JX9Am
36AuYfmTaiYwQqaKjHQlLVEYzMMJGXAcysGeP0qWjIRN
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:59 2024 by rpki-client on console-fra.rpki-client.org