Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/oj9erqk836geXLS4Y5NThgdRoEY.roa
File: oj9erqk836geXLS4Y5NThgdRoEY.roa (raw, json)
Hash identifier: ZmKzdbGAMBo/V6KFv0FGKXOat7C9qTiYa2cbD0ydEv4=
Subject key identifier: A2:3F:5E:AE:A9:3C:DF:A8:1E:5C:B4:B8:63:93:53:86:07:51:A0:46
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0188959D46FFADBABBB5229716827B7D3E9D
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/oj9erqk836geXLS4Y5NThgdRoEY.roa
Signing time: Wed 07 Jun 2023 11:28:12 +0000
ROA not before: Wed 07 Jun 2023 11:28:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52116
IP address blocks: 178.254.170.0/24 maxlen: 24
178.254.180.0/24 maxlen: 24
178.254.181.0/24 maxlen: 24
89.23.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:9d:46:ff:ad:ba:bb:b5:22:97:16:82:7b:7d:3e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 7 11:28:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a23f5eaea93cdfa81e5cb4b8639353860751a046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:b4:c9:8b:7b:33:f3:e4:7a:c7:13:40:c5:
85:51:87:e2:22:05:4a:3e:60:ee:2f:c6:49:7f:17:
93:fc:b1:2d:8b:0e:32:06:a4:83:3d:9b:87:4b:3b:
2b:5a:84:f1:18:ef:1e:34:6f:35:fa:b4:26:d9:d3:
64:d8:52:55:77:a5:9e:ec:b1:d0:45:f8:28:1d:b3:
e2:55:a8:6d:e3:ee:33:ac:68:36:7f:e0:4d:cd:25:
9b:7a:0e:16:46:ef:70:6a:b4:16:af:df:f3:3f:7e:
6b:12:83:1d:ae:97:99:5e:dc:c1:e7:87:18:df:fc:
db:54:4b:73:2e:49:ec:4f:c1:1b:43:ca:ea:a8:c3:
20:1d:28:41:0d:5a:6b:c0:d6:7c:84:05:e3:bc:9e:
93:81:b2:f4:6b:bf:88:e1:d0:56:51:c5:b6:f0:54:
37:68:e5:64:d5:f0:7c:79:26:d0:8b:7a:4e:87:13:
04:f8:2c:ea:07:99:b8:e6:c9:6b:8f:a1:25:bb:cf:
6b:da:08:4e:71:0c:f4:29:6e:b1:c1:89:e8:c0:0e:
79:be:ba:b0:cb:6b:dd:17:4f:3b:e1:a3:8d:31:30:
9c:58:cc:ce:62:39:76:2b:fc:62:36:e4:93:2b:ce:
26:ff:53:88:44:56:40:03:13:9e:c7:b1:18:69:1b:
6e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3F:5E:AE:A9:3C:DF:A8:1E:5C:B4:B8:63:93:53:86:07:51:A0:46
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/oj9erqk836geXLS4Y5NThgdRoEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.71.0/24
178.254.170.0/24
178.254.180.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:81:fb:77:b5:b9:da:f4:70:af:f8:82:d5:dc:20:3d:67:a1:
6c:33:5d:d1:be:69:bc:32:c6:63:70:ac:34:e5:bc:dd:aa:a3:
2d:f2:67:d8:50:5a:ca:2e:e6:5d:f0:7a:24:ef:f3:70:91:a0:
7f:ba:8e:82:55:57:c6:13:25:34:ed:3a:a8:a4:1e:eb:bd:76:
e3:54:d2:b4:09:64:2d:9a:20:4a:28:c4:fd:5a:1e:45:e3:74:
5c:bf:9d:9f:1e:35:47:23:a2:6e:f5:69:8b:cb:3a:b3:a4:75:
12:4d:7b:62:3e:f9:14:06:fc:80:d3:ee:3b:10:85:db:53:49:
15:f1:73:e1:9b:65:b4:e0:87:77:28:e8:53:55:c5:34:7a:92:
d4:61:a0:5a:31:83:3b:68:50:df:aa:c3:b6:77:00:fb:6b:b4:
5a:58:ed:a8:5f:77:14:04:a8:48:4f:de:f2:d3:8c:26:49:fb:
15:11:49:9a:0d:59:6c:22:37:3d:5a:a0:ef:89:51:47:ee:fa:
25:88:50:cc:79:be:e3:c3:bf:6e:8c:23:88:5c:c0:2b:54:4c:
d8:dc:ab:75:d7:dd:b2:66:fb:9a:7d:8c:b0:19:11:9c:d1:55:
82:5c:7b:bd:7e:f9:af:55:7d:d1:0a:bf:54:55:13:05:bc:e5:
b9:0d:45:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiVnUb/rbq7tSKXFoJ7fT6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNmNWVhZWE5M2NkZmE4MWU1Y2I0Yjg2MzkzNTM4NjA3NTFhMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGa0yYt7M/PkescTQMWFUYfiIgVK
PmDuL8ZJfxeT/LEtiw4yBqSDPZuHSzsrWoTxGO8eNG81+rQm2dNk2FJVd6We7LHQ
RfgoHbPiVaht4+4zrGg2f+BNzSWbeg4WRu9warQWr9/zP35rEoMdrpeZXtzB54cY
3/zbVEtzLknsT8EbQ8rqqMMgHShBDVprwNZ8hAXjvJ6TgbL0a7+I4dBWUcW28FQ3
aOVk1fB8eSbQi3pOhxME+CzqB5m45slrj6Elu89r2ghOcQz0KW6xwYnowA55vrqw
y2vdF0874aONMTCcWMzOYjl2K/xiNuSTK84m/1OIRFZAAxOex7EYaRtuUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKI/Xq6pPN+oHly0uGOTU4YHUaBGMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvb2o5ZXJxazgzNmdlWExTNFk1TlRoZ2RSb0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWRdHAwQA
sv6qAwQBsv60MA0GCSqGSIb3DQEBCwUAA4IBAQBKgft3tbna9HCv+ILV3CA9Z6Fs
M13Rvmm8MsZjcKw05bzdqqMt8mfYUFrKLuZd8Hok7/NwkaB/uo6CVVfGEyU07Tqo
pB7rvXbjVNK0CWQtmiBKKMT9Wh5F43Rcv52fHjVHI6Ju9WmLyzqzpHUSTXtiPvkU
BvyA0+47EIXbU0kV8XPhm2W04Id3KOhTVcU0epLUYaBaMYM7aFDfqsO2dwD7a7Ra
WO2oX3cUBKhIT97y04wmSfsVEUmaDVlsIjc9WqDviVFH7voliFDMeb7jw79ujCOI
XMArVEzY3Kt1192yZvuafYywGRGc0VWCXHu9fvmvVX3RCr9UVRMFvOW5DUWh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org