Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/OC1WDd4Clpc0MIatuAeBoJzJQlk.roa
File: OC1WDd4Clpc0MIatuAeBoJzJQlk.roa (raw, json)
Hash identifier: vYFhy2KoUvclzB3pBwEdaApwSAYwLHWUQ6dQCZXn8HU=
Subject key identifier: 38:2D:56:0D:DE:02:96:97:34:30:86:AD:B8:07:81:A0:9C:C9:42:59
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 018BFD6D024EE6C7A86F930D1E9A79CBF5CF
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/OC1WDd4Clpc0MIatuAeBoJzJQlk.roa
Signing time: Thu 23 Nov 2023 18:24:21 +0000
ROA not before: Thu 23 Nov 2023 18:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 178.130.131.0/24 maxlen: 24
178.130.132.0/24 maxlen: 24
178.130.133.0/24 maxlen: 24
109.172.80.0/24 maxlen: 24
109.172.81.0/24 maxlen: 24
109.172.82.0/24 maxlen: 24
109.172.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:6d:02:4e:e6:c7:a8:6f:93:0d:1e:9a:79:cb:f5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Nov 23 18:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=382d560dde029697343086adb80781a09cc94259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:da:35:55:88:d1:d8:ea:bc:f5:bf:ac:24:bb:
6f:b4:bd:fa:b8:fa:b4:e1:45:e8:df:0c:c2:18:59:
91:32:1b:b9:f8:fb:e1:7c:73:c9:14:b7:1d:9c:06:
db:ce:48:5d:0b:2a:2a:3b:eb:2a:d3:66:66:9b:e1:
e6:37:2f:ac:79:55:08:b0:08:36:bf:68:d1:ef:b4:
f5:96:83:b9:0b:88:9e:0e:cf:0d:9f:c9:7d:19:6a:
92:2a:f6:d2:be:5a:4d:c2:19:7b:5b:19:a0:4f:bd:
d4:0e:3a:b0:78:d9:96:74:dd:1c:c2:3d:19:7c:a6:
7e:40:e9:d0:6b:98:11:82:a8:cc:e5:00:22:97:e5:
b7:00:fa:16:fa:78:ba:7f:bc:9b:ff:b4:a8:60:59:
db:2a:c1:63:01:5c:67:43:f4:bf:c5:c0:8e:11:d5:
42:f0:a6:de:a1:a4:04:fd:ba:5b:d8:09:01:f5:fa:
97:f1:0d:ba:2f:d4:91:9a:7e:30:0e:15:b0:75:6a:
0f:29:23:e4:5e:b8:c9:7f:d9:da:8f:f6:fa:55:d6:
89:36:9d:fd:ea:7d:8e:27:cb:52:a2:36:08:b1:e5:
3a:21:fa:dd:d2:d3:46:92:b0:aa:37:45:a9:b2:78:
43:f9:b0:ce:e1:d2:61:59:0f:62:5a:08:8d:4c:8b:
81:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2D:56:0D:DE:02:96:97:34:30:86:AD:B8:07:81:A0:9C:C9:42:59
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/OC1WDd4Clpc0MIatuAeBoJzJQlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.80.0/22
178.130.131.0-178.130.133.255
Signature Algorithm: sha256WithRSAEncryption
04:f3:19:54:93:50:28:56:7a:c2:1e:cc:d7:48:b4:35:24:06:
cd:d7:a9:db:97:54:a9:c3:6a:15:e3:b2:ee:ea:71:ba:02:94:
98:c8:66:0c:20:86:58:05:b4:ff:ac:0d:29:b6:f6:dd:3f:5d:
f3:47:43:ba:72:7e:28:39:3a:9b:db:bd:2a:75:a7:dd:34:0e:
43:0f:fc:f3:f4:3d:08:98:25:32:06:72:c6:37:bf:2a:45:c6:
73:a0:3f:18:2f:ed:0e:ea:4b:91:7a:63:8a:6f:f2:28:dc:6d:
9d:42:11:cf:75:d1:6c:55:db:f2:ec:6e:34:3e:55:5f:a4:f2:
3b:2d:8d:a1:c8:14:b5:ca:06:0c:43:50:73:fe:14:89:35:fd:
bc:d2:10:b8:dd:3f:e4:cd:3c:ab:cd:ec:76:cc:38:15:68:f4:
cf:a2:5a:92:50:2e:63:e8:77:6f:bf:64:56:1a:96:28:32:2e:
ec:da:cc:6a:5f:dc:ba:0b:1c:d5:d5:fb:d1:50:dd:33:32:16:
09:26:2a:a8:b3:9b:48:3d:05:33:c0:8e:10:18:f9:f2:15:96:
44:9c:73:39:ce:1e:ac:a3:ee:e8:37:4b:3e:bc:5d:e4:60:7d:
0f:8c:7a:e4:df:c7:7a:47:14:f7:a2:f4:e8:82:b4:0c:65:39:
b9:4b:70:8c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYv9bQJO5seob5MNHpp5y/XPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjMxMTIzMTgyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODJkNTYwZGRlMDI5Njk3MzQzMDg2YWRiODA3ODFhMDljYzk0MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdo1VYjR2Oq89b+sJLtvtL36uPq0
4UXo3wzCGFmRMhu5+PvhfHPJFLcdnAbbzkhdCyoqO+sq02Zmm+HmNy+seVUIsAg2
v2jR77T1loO5C4ieDs8Nn8l9GWqSKvbSvlpNwhl7WxmgT73UDjqweNmWdN0cwj0Z
fKZ+QOnQa5gRgqjM5QAil+W3APoW+ni6f7yb/7SoYFnbKsFjAVxnQ/S/xcCOEdVC
8KbeoaQE/bpb2AkB9fqX8Q26L9SRmn4wDhWwdWoPKSPkXrjJf9naj/b6VdaJNp39
6n2OJ8tSojYIseU6Ifrd0tNGkrCqN0WpsnhD+bDO4dJhWQ9iWgiNTIuBqQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDgtVg3eApaXNDCGrbgHgaCcyUJZMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvT0MxV0RkNENscGMwTUlhdHVBZUJvSnpKUWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCbaxQMAwD
BACygoMDBAGygoQwDQYJKoZIhvcNAQELBQADggEBAATzGVSTUChWesIezNdItDUk
Bs3XqduXVKnDahXjsu7qcboClJjIZgwghlgFtP+sDSm29t0/XfNHQ7pyfig5Opvb
vSp1p900DkMP/PP0PQiYJTIGcsY3vypFxnOgPxgv7Q7qS5F6Y4pv8ijcbZ1CEc91
0WxV2/LsbjQ+VV+k8jstjaHIFLXKBgxDUHP+FIk1/bzSELjdP+TNPKvN7HbMOBVo
9M+iWpJQLmPod2+/ZFYaligyLuzazGpf3LoLHNXV+9FQ3TMyFgkmKqizm0g9BTPA
jhAY+fIVlkSccznOHqyj7ug3Sz68XeRgfQ+MeuTfx3pHFPei9OiCtAxlOblLcIw=
-----END CERTIFICATE-----
Generated at Wed Nov 29 17:15:24 2023 by rpki-client on console-fra.rpki-client.org