Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/okiP1Vmr8mrIYzZ_92Z3--yz5zI.roa
File: okiP1Vmr8mrIYzZ_92Z3--yz5zI.roa (raw, json)
Hash identifier: GthdXDU4Ajyw1LQph/dR7l1kMCQuytLpcimadTlAprk=
Subject key identifier: A2:48:8F:D5:59:AB:F2:6A:C8:63:36:7F:F7:66:77:FB:EC:B3:E7:32
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 018D1CF8EBDC25DA58BC2678B45BB5547F4B
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/okiP1Vmr8mrIYzZ_92Z3--yz5zI.roa
Signing time: Thu 18 Jan 2024 14:28:11 +0000
ROA not before: Thu 18 Jan 2024 14:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.156.16.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:f8:eb:dc:25:da:58:bc:26:78:b4:5b:b5:54:7f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 18 14:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2488fd559abf26ac863367ff76677fbecb3e732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:e9:9e:b1:94:a8:b7:80:b8:fc:c1:84:87:8d:
6f:db:e2:fa:79:b3:e2:af:3b:79:24:5e:7d:df:d7:
bc:01:bc:06:94:17:27:95:d6:86:64:7a:b3:5a:18:
bd:32:ca:2f:8d:0a:eb:90:7a:25:3c:a2:a9:e5:5b:
52:39:00:f4:2a:23:3c:b8:03:f5:2d:40:39:b9:cb:
e1:e5:d8:e8:84:2f:d5:61:58:36:3a:46:b0:1b:d1:
35:42:03:07:e6:8a:25:e1:26:b5:8b:ee:ec:b3:71:
0f:64:30:65:d8:79:a6:91:26:eb:dc:09:dc:b7:a3:
5e:6e:27:78:37:76:2c:8d:d5:fd:82:c6:0b:f9:ec:
f6:5a:e7:ac:79:cb:be:8b:c8:cf:52:fe:89:ae:1d:
d5:ba:59:0a:b3:9d:f7:41:31:6c:3a:e8:c4:23:90:
7b:b6:15:aa:69:64:77:3c:fc:59:a1:3b:e6:08:db:
e2:79:5b:68:20:b1:4b:57:a6:9e:9d:77:3b:31:b4:
07:24:21:67:75:20:f4:19:ff:e3:48:0c:6c:74:58:
71:84:1a:7e:3d:e7:d2:35:2e:5a:b2:a0:0c:aa:00:
cc:20:a6:28:f1:d5:30:05:c4:18:a2:7f:26:80:b9:
b8:55:f0:21:14:fd:52:8e:db:49:ed:1b:fe:d7:7f:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:48:8F:D5:59:AB:F2:6A:C8:63:36:7F:F7:66:77:FB:EC:B3:E7:32
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/okiP1Vmr8mrIYzZ_92Z3--yz5zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/23
Signature Algorithm: sha256WithRSAEncryption
95:4d:10:7f:3e:35:82:6b:6b:69:2c:d6:45:f3:27:83:6b:b0:
62:94:18:b2:94:63:0f:88:db:45:df:9e:b9:c4:9e:25:85:11:
68:20:20:09:ae:aa:2b:6c:98:a6:6c:60:2e:11:01:80:85:03:
35:a3:31:b9:dd:19:78:da:de:25:8f:2e:e5:49:02:ba:17:ae:
41:05:4e:47:44:fd:9a:bf:d5:bd:bd:90:65:98:37:6b:f2:ff:
81:c3:9d:72:a8:8b:a5:49:4f:f0:c3:34:31:f9:78:af:56:f6:
f1:92:d2:b0:f9:97:7b:79:43:ae:93:ce:e1:2f:af:3c:1b:31:
a6:70:d1:bc:27:0c:de:f2:e1:e9:51:54:d4:e6:c4:c1:94:be:
2a:07:23:8a:86:06:45:77:a2:2e:19:a8:62:9b:3c:43:ff:e0:
80:1c:96:4f:ae:ee:ad:6d:b6:9a:be:6b:e4:bc:cd:c8:c3:fb:
70:a1:40:02:c4:b3:79:50:89:3e:d8:7d:ed:9f:74:dd:c9:3d:
23:27:84:d7:7c:f7:d9:1e:78:57:e2:ec:55:42:92:28:29:b3:
26:81:72:72:d5:6e:b3:07:9a:e7:3c:58:20:1b:e7:57:1a:39:
6f:4b:3d:f6:41:1f:41:d8:d9:7d:ac:76:4b:90:38:86:b0:e0:
05:17:cd:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0c+OvcJdpYvCZ4tFu1VH9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmU2YjlkMGNjMWU3ZjZlMTZiMmE0NmI0MmNhNWUwMWM3
MDAzNDYwHhcNMjQwMTE4MTQyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ4OGZkNTU5YWJmMjZhYzg2MzM2N2ZmNzY2NzdmYmVjYjNlNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+OmesZSot4C4/MGEh41v2+L6ebPi
rzt5JF5939e8AbwGlBcnldaGZHqzWhi9MsovjQrrkHolPKKp5VtSOQD0KiM8uAP1
LUA5ucvh5djohC/VYVg2OkawG9E1QgMH5ool4Sa1i+7ss3EPZDBl2HmmkSbr3Anc
t6Nebid4N3YsjdX9gsYL+ez2Wuesecu+i8jPUv6Jrh3VulkKs533QTFsOujEI5B7
thWqaWR3PPxZoTvmCNvieVtoILFLV6aenXc7MbQHJCFndSD0Gf/jSAxsdFhxhBp+
PefSNS5asqAMqgDMIKYo8dUwBcQYon8mgLm4VfAhFP1SjttJ7Rv+13+ZPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJIj9VZq/JqyGM2f/dmd/vss+cyMB8GA1UdIwQY
MBaAFDT+a50Mwef24WsqRrQspeAccANGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUt
MTE4YWZlZDdhNWFlLzEvb2tpUDFWbXI4bXJJWXpaXzkyWjMtLXl6NXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUtMTE4YWZlZDdhNWFl
LzEvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZwQMA0G
CSqGSIb3DQEBCwUAA4IBAQCVTRB/PjWCa2tpLNZF8yeDa7BilBiylGMPiNtF3565
xJ4lhRFoICAJrqorbJimbGAuEQGAhQM1ozG53Rl42t4ljy7lSQK6F65BBU5HRP2a
v9W9vZBlmDdr8v+Bw51yqIulSU/wwzQx+XivVvbxktKw+Zd7eUOuk87hL688GzGm
cNG8Jwze8uHpUVTU5sTBlL4qByOKhgZFd6IuGahimzxD/+CAHJZPru6tbbaavmvk
vM3Iw/twoUACxLN5UIk+2H3tn3TdyT0jJ4TXfPfZHnhX4uxVQpIoKbMmgXJy1W6z
B5rnPFggG+dXGjlvSz32QR9B2Nl9rHZLkDiGsOAFF80j
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:53 2025 by rpki-client