Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/OCmFLfu50Sx5ChEdfwWNOZnNQ1s.roa
File: OCmFLfu50Sx5ChEdfwWNOZnNQ1s.roa (raw, json)
Hash identifier: pY4eAXa7/4o2t8/ACFXCW5wl0R/0MOj2vLyBYN7UB50=
Subject key identifier: 38:29:85:2D:FB:B9:D1:2C:79:0A:11:1D:7F:05:8D:39:99:CD:43:5B
Certificate issuer: /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial: 018805602EAD0DB5D6938FF627F30D1A5701
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/OCmFLfu50Sx5ChEdfwWNOZnNQ1s.roa
Signing time: Wed 10 May 2023 11:16:09 +0000
ROA not before: Wed 10 May 2023 11:16:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12349
IP address blocks: 164.59.128.0/23 maxlen: 24
164.59.130.0/24 maxlen: 24
164.59.136.0/21 maxlen: 24
164.59.144.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 12:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:60:2e:ad:0d:b5:d6:93:8f:f6:27:f3:0d:1a:57:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Validity
Not Before: May 10 11:16:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3829852dfbb9d12c790a111d7f058d3999cd435b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0e:d0:bf:5a:a7:a4:7c:6c:bd:98:ae:e2:d5:
65:d2:93:f6:85:8a:36:bf:bf:af:2a:80:bb:e4:69:
b1:7e:75:d0:fd:91:22:4c:f6:f9:c3:e3:4b:08:39:
3a:d1:0f:8a:bc:6d:c9:02:64:79:8d:b7:d0:24:7a:
87:b3:ee:9b:5c:23:93:52:b1:80:ca:0d:31:87:e8:
9c:ae:c9:a8:47:6b:c4:ab:df:99:29:64:e8:4d:9d:
ff:02:ec:8f:e9:ff:ef:4e:8f:7f:66:55:e1:ae:a2:
b9:d1:ad:fd:ae:a5:a6:25:c2:96:a2:fd:d8:be:85:
90:b6:f2:0a:a6:bd:38:74:c9:ba:3b:09:65:49:0c:
f8:8c:7a:9e:d6:97:56:7a:e8:10:4a:f1:4e:6d:e4:
85:7f:75:a2:d3:de:65:21:b9:24:5a:af:cf:c7:df:
b1:37:21:ff:c0:29:bf:ff:53:50:e2:3b:49:ce:19:
2d:25:ba:f7:54:86:c9:45:9a:c7:d1:5d:ea:e2:2c:
6e:2c:70:f5:5a:14:61:69:37:9a:12:66:d7:cd:31:
b1:95:38:0c:0b:8b:73:ed:63:00:96:3c:e8:bd:d0:
ad:3f:24:33:c3:13:f5:df:67:33:52:e2:c4:5d:12:
ad:32:34:bd:eb:d2:cb:d4:83:0d:f9:93:1f:72:43:
53:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:29:85:2D:FB:B9:D1:2C:79:0A:11:1D:7F:05:8D:39:99:CD:43:5B
X509v3 Authority Key Identifier:
keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/OCmFLfu50Sx5ChEdfwWNOZnNQ1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.59.128.0-164.59.130.255
164.59.136.0-164.59.145.255
Signature Algorithm: sha256WithRSAEncryption
35:c2:4a:01:43:8b:43:1f:e3:9f:34:2f:1d:49:d6:15:73:5a:
a4:75:b0:3e:fa:c0:80:f0:d7:f6:b1:3f:48:21:3a:bb:5b:a8:
a4:18:62:8f:d4:46:f8:80:49:26:e0:81:f8:2f:d6:12:2f:60:
ba:90:dd:19:36:e6:e2:17:ed:24:01:a7:cb:34:b5:92:a5:f0:
98:ba:51:11:f2:06:4c:33:80:c1:1d:86:49:58:5d:a4:d1:b9:
01:fc:8b:f5:c1:dd:9e:1a:7e:67:f6:ea:59:a7:7c:b5:20:13:
d0:1e:b3:16:77:f0:9f:52:73:24:67:3d:f4:43:d9:6d:7a:52:
01:9e:24:b4:c5:e3:53:d1:80:45:da:7d:e2:6d:45:5c:bf:cf:
fb:4c:7b:e5:49:ab:d5:e4:05:3a:3b:e0:a4:0d:7c:9d:ac:fc:
d0:97:5c:12:78:4b:0a:df:4a:11:3c:8e:70:d3:23:5c:9a:5b:
70:ce:39:97:f2:d7:17:74:9c:52:38:c9:9f:e2:3f:ad:1e:40:
fc:33:dd:0c:ac:ea:d1:4f:88:47:ce:4f:95:1c:f7:a3:b1:2f:
08:42:89:92:fe:7c:0a:a8:2f:61:06:cb:19:24:7e:ab:07:2e:
b6:7c:da:71:48:e1:10:95:f0:a0:00:d7:84:a7:5a:cb:b0:8f:
8c:5c:2b:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYgFYC6tDbXWk4/2J/MNGlcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjMwNTEwMTExNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI5ODUyZGZiYjlkMTJjNzkwYTExMWQ3ZjA1OGQzOTk5Y2Q0MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig7Qv1qnpHxsvZiu4tVl0pP2hYo2
v7+vKoC75GmxfnXQ/ZEiTPb5w+NLCDk60Q+KvG3JAmR5jbfQJHqHs+6bXCOTUrGA
yg0xh+icrsmoR2vEq9+ZKWToTZ3/AuyP6f/vTo9/ZlXhrqK50a39rqWmJcKWov3Y
voWQtvIKpr04dMm6OwllSQz4jHqe1pdWeugQSvFObeSFf3Wi095lIbkkWq/Px9+x
NyH/wCm//1NQ4jtJzhktJbr3VIbJRZrH0V3q4ixuLHD1WhRhaTeaEmbXzTGxlTgM
C4tz7WMAljzovdCtPyQzwxP132czUuLEXRKtMjS969LL1IMN+ZMfckNT/QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDgphS37udEseQoRHX8FjTmZzUNbMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvT0NtRkxmdTUwU3g1Q2hFZGZ3V05PWm5OUTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAekO4AD
BACkO4IwDAMEA6Q7iAMEAaQ7kDANBgkqhkiG9w0BAQsFAAOCAQEANcJKAUOLQx/j
nzQvHUnWFXNapHWwPvrAgPDX9rE/SCE6u1uopBhij9RG+IBJJuCB+C/WEi9gupDd
GTbm4hftJAGnyzS1kqXwmLpREfIGTDOAwR2GSVhdpNG5AfyL9cHdnhp+Z/bqWad8
tSAT0B6zFnfwn1JzJGc99EPZbXpSAZ4ktMXjU9GARdp94m1FXL/P+0x75Umr1eQF
OjvgpA18naz80JdcEnhLCt9KETyOcNMjXJpbcM45l/LXF3ScUjjJn+I/rR5A/DPd
DKzq0U+IR85PlRz3o7EvCEKJkv58CqgvYQbLGSR+qwcutnzacUjhEJXwoADXhKda
y7CPjFwrjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org