Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/S_OHsst3hvXIVmTyJhPsH8tB6DQ.roa
File: S_OHsst3hvXIVmTyJhPsH8tB6DQ.roa (raw, json)
Hash identifier: jl1cMhFDW/7EDZzN4fOnezOKcu/Om1ALcqIDL4rXNVU=
Subject key identifier: 4B:F3:87:B2:CB:77:86:F5:C8:56:64:F2:26:13:EC:1F:CB:41:E8:34
Certificate issuer: /CN=38b59daedd43cc9575ac35953e3f396e21bb6d80
Certificate serial: 0185727135726CCBA131BF64C45CBA409D9B
Authority key identifier: 38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/S_OHsst3hvXIVmTyJhPsH8tB6DQ.roa
Signing time: Mon 02 Jan 2023 12:24:59 +0000
ROA not before: Mon 02 Jan 2023 12:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198385
IP address blocks: 45.147.41.0/24 maxlen: 24
2a0f:c800::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 21 Aug 2023 09:08:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:35:72:6c:cb:a1:31:bf:64:c4:5c:ba:40:9d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b59daedd43cc9575ac35953e3f396e21bb6d80
Validity
Not Before: Jan 2 12:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bf387b2cb7786f5c85664f22613ec1fcb41e834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ab:b3:7b:ac:8a:f8:8b:7a:f7:69:a9:2a:dd:
14:03:3b:13:e5:b2:ec:7f:b6:58:1a:fe:aa:1e:0e:
46:6b:13:07:3f:c2:0f:63:2d:3f:46:e8:0d:62:5e:
c5:90:97:b7:bd:08:8c:13:8b:39:45:d0:a0:28:a3:
46:12:44:93:9c:7f:58:b8:0c:90:3f:3c:c1:cb:e9:
93:13:17:e0:3d:68:f9:e8:90:41:44:3b:ce:98:17:
26:24:c0:a5:ae:52:df:d4:f9:ec:bb:bd:14:ba:bf:
cb:f0:2c:af:c1:01:ad:ef:5a:89:d9:73:16:fd:30:
49:29:3f:cb:c8:86:62:43:a7:40:f4:a2:27:40:64:
97:e9:7e:7e:2e:08:b9:5c:1d:6e:1a:b2:cf:3f:c7:
62:64:6c:a3:43:52:c9:43:26:6f:9c:5a:e1:e4:84:
9c:0a:85:8a:95:a9:d3:57:c8:c4:5a:50:a0:9a:05:
2a:d9:d3:5f:f3:58:11:98:6a:e1:21:31:a0:77:2d:
47:7e:8e:71:af:d2:53:a9:c5:4f:05:29:f2:fb:10:
61:36:ce:5d:cd:a9:ab:45:6f:8d:15:e1:1f:c5:6f:
41:ea:51:ad:ba:f6:fc:14:b7:d2:bd:bf:26:a3:55:
a4:f2:52:f8:63:1b:04:1a:31:e9:94:ff:3d:d8:21:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F3:87:B2:CB:77:86:F5:C8:56:64:F2:26:13:EC:1F:CB:41:E8:34
X509v3 Authority Key Identifier:
keyid:38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/S_OHsst3hvXIVmTyJhPsH8tB6DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.41.0/24
IPv6:
2a0f:c800::/29
Signature Algorithm: sha256WithRSAEncryption
4d:be:2a:8e:e7:6a:33:0f:25:88:30:35:c3:72:0b:2b:a5:67:
22:63:c5:87:ed:3e:5a:3d:98:78:6e:29:51:22:3c:96:33:45:
2c:d8:32:d8:8e:9b:18:7a:84:14:08:b8:fc:01:b4:c1:3b:8c:
c5:dd:a0:49:7e:15:cd:13:7a:a8:64:54:3d:4f:8c:55:fd:47:
3a:7a:55:4c:73:63:7c:e7:42:27:c5:67:ca:77:e2:2f:86:41:
a7:1a:9d:5c:c3:45:7b:a9:4f:cb:e5:fa:9e:40:14:83:e0:31:
44:e8:f5:1f:59:46:92:75:3b:df:db:13:14:8a:a5:25:80:70:
09:37:cf:49:79:03:a0:05:2e:ea:7d:d8:26:64:cd:e1:df:71:
8d:fd:30:7d:52:d3:64:a5:d1:64:7a:2e:93:90:24:c5:4a:e9:
bd:ac:61:0b:b0:4d:c9:29:3d:2c:d3:f9:16:6d:12:68:0b:07:
db:79:8d:ff:cf:1b:3e:4c:58:f6:0c:a5:e3:a4:f1:a7:36:c4:
29:bf:6a:0d:ec:95:f5:2f:fe:e1:ac:7c:1b:66:19:f6:81:d6:
0b:8f:0b:a7:75:e6:87:db:a7:a2:98:e0:9d:9f:a1:f2:11:a0:
e7:0c:cc:79:f6:14:c7:5f:3e:08:a0:49:e5:1c:bb:57:18:06:
23:bf:02:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVycTVybMuhMb9kxFy6QJ2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjU5ZGFlZGQ0M2NjOTU3NWFjMzU5NTNlM2YzOTZlMjFi
YjZkODAwHhcNMjMwMTAyMTIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYzODdiMmNiNzc4NmY1Yzg1NjY0ZjIyNjEzZWMxZmNiNDFlODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKuze6yK+It692mpKt0UAzsT5bLs
f7ZYGv6qHg5GaxMHP8IPYy0/RugNYl7FkJe3vQiME4s5RdCgKKNGEkSTnH9YuAyQ
PzzBy+mTExfgPWj56JBBRDvOmBcmJMClrlLf1Pnsu70Uur/L8CyvwQGt71qJ2XMW
/TBJKT/LyIZiQ6dA9KInQGSX6X5+Lgi5XB1uGrLPP8diZGyjQ1LJQyZvnFrh5ISc
CoWKlanTV8jEWlCgmgUq2dNf81gRmGrhITGgdy1Hfo5xr9JTqcVPBSny+xBhNs5d
zamrRW+NFeEfxW9B6lGtuvb8FLfSvb8mo1Wk8lL4YxsEGjHplP892CGobwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEvzh7LLd4b1yFZk8iYT7B/LQeg0MB8GA1UdIwQY
MBaAFDi1na7dQ8yVdaw1lT4/OW4hu22AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMt
N2EwZjcyY2JiMmQ1LzEvU19PSHNzdDNodlhJVm1UeUpoUHNIOHRCNkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMtN2EwZjcyY2JiMmQ1
LzEvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZMpMA0E
AgACMAcDBQMqD8gAMA0GCSqGSIb3DQEBCwUAA4IBAQBNviqO52ozDyWIMDXDcgsr
pWciY8WH7T5aPZh4bilRIjyWM0Us2DLYjpsYeoQUCLj8AbTBO4zF3aBJfhXNE3qo
ZFQ9T4xV/Uc6elVMc2N850InxWfKd+IvhkGnGp1cw0V7qU/L5fqeQBSD4DFE6PUf
WUaSdTvf2xMUiqUlgHAJN89JeQOgBS7qfdgmZM3h33GN/TB9UtNkpdFkei6TkCTF
Sum9rGELsE3JKT0s0/kWbRJoCwfbeY3/zxs+TFj2DKXjpPGnNsQpv2oN7JX1L/7h
rHwbZhn2gdYLjwundeaH26eimOCdn6HyEaDnDMx59hTHXz4IoEnlHLtXGAYjvwJ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:23 2024 by rpki-client on console-ams.rpki-client.org