Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/oJxfmbyt71uDqA2MKz4j8NVcXEo.roa
File: oJxfmbyt71uDqA2MKz4j8NVcXEo.roa (raw, json)
Hash identifier: PlQJjrrRY7aNvzUQyVnxXo7VbhKKgFMhaKH5WkyRfSs=
Subject key identifier: A0:9C:5F:99:BC:AD:EF:5B:83:A8:0D:8C:2B:3E:23:F0:D5:5C:5C:4A
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA1BC9A4E8FFFE4F89912F3D0F56C5
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/oJxfmbyt71uDqA2MKz4j8NVcXEo.roa
Signing time: Sun 01 Jan 2023 05:24:45 +0000
ROA not before: Sun 01 Jan 2023 05:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54103
IP address blocks: 194.55.129.0/24 maxlen: 24
193.201.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:1b:c9:a4:e8:ff:fe:4f:89:91:2f:3d:0f:56:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a09c5f99bcadef5b83a80d8c2b3e23f0d55c5c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:35:d5:2d:f0:fa:d3:1c:22:e2:60:f7:54:e1:
b9:4c:fc:a6:24:b5:69:25:c5:6d:9c:d0:d3:f5:a4:
ee:54:1a:9c:c6:4c:3d:ae:3a:51:0e:ca:d7:09:aa:
0d:8d:b0:37:10:ef:cf:b3:b1:49:4d:9f:9c:a7:a9:
2e:3c:62:3d:95:04:7b:57:b0:80:56:a1:fe:f7:14:
eb:e1:7b:d2:27:a0:b6:cc:ce:eb:79:4b:a0:45:71:
ec:e3:94:8d:68:41:d9:59:50:90:c2:8a:23:25:b8:
bf:60:e2:01:dd:5c:ff:e0:1b:02:fa:03:22:4c:89:
40:fe:b7:40:1f:f5:f6:ec:75:1c:5c:ac:05:9e:f0:
39:77:dc:68:28:d6:40:d2:7b:b9:1c:ce:e5:a5:51:
c4:1a:78:87:f0:39:11:16:20:73:f8:38:dc:ff:60:
68:d0:4c:b3:b2:97:d5:77:09:2a:3f:2b:1f:7f:a9:
22:39:9d:b0:74:0b:4d:10:91:8d:cd:36:0b:ed:52:
eb:36:c2:71:98:e5:b5:77:ff:f0:ac:0a:f9:f4:e1:
dd:ba:bc:a0:4a:b5:f4:bf:eb:55:98:96:b2:ce:c2:
ee:7e:45:99:d2:b5:38:46:e3:f2:9e:06:44:49:20:
33:82:8c:87:c1:ad:c4:f4:12:e4:2e:5c:a0:b0:d9:
79:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9C:5F:99:BC:AD:EF:5B:83:A8:0D:8C:2B:3E:23:F0:D5:5C:5C:4A
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/oJxfmbyt71uDqA2MKz4j8NVcXEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.203.0/24
194.55.129.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ec:31:48:e4:61:44:6a:07:75:91:1e:b1:c3:a5:97:9d:df:
2c:31:ad:38:31:22:7f:65:4a:66:1f:e5:19:24:c0:d5:ed:cf:
d3:5b:42:8b:81:f5:cd:e7:41:0e:13:7e:e2:a2:23:48:b5:56:
33:ad:f6:30:c4:ff:b4:42:0b:ac:73:3a:7f:2a:c9:a0:fa:cb:
d9:eb:50:0f:88:a4:65:0b:ad:90:f7:b5:18:dc:38:ae:fe:fb:
d7:cc:b3:bb:82:72:05:e4:34:7d:50:8e:bd:ac:6f:cd:f9:77:
55:b9:d5:07:5f:23:4d:b3:0f:30:6c:c5:46:a3:e9:cc:9e:3c:
e7:26:91:3f:24:6b:f0:99:fb:13:9f:3f:9b:b9:67:7b:8a:d1:
13:2b:2c:26:47:d0:78:f0:09:4f:22:c1:ef:f2:52:02:fa:8a:
10:34:ee:81:b3:2f:f2:8b:5d:b5:90:4b:cf:a6:bc:5e:a4:ee:
20:fd:93:a3:32:4a:a0:0f:01:e1:d8:b6:c9:e1:a6:18:4d:cb:
9b:b5:a2:c6:fa:6f:d4:81:35:fb:fb:d3:a2:09:3a:8d:21:77:
cc:57:af:7b:09:f5:5d:b9:34:bd:77:ed:31:db:46:30:ce:a4:
98:3c:c8:74:0f:09:1a:b8:2f:27:91:00:0c:0f:72:90:0d:b0:
5a:b7:3d:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVryhvJpOj//k+JkS89D1bFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDljNWY5OWJjYWRlZjViODNhODBkOGMyYjNlMjNmMGQ1NWM1YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzXVLfD60xwi4mD3VOG5TPymJLVp
JcVtnNDT9aTuVBqcxkw9rjpRDsrXCaoNjbA3EO/Ps7FJTZ+cp6kuPGI9lQR7V7CA
VqH+9xTr4XvSJ6C2zM7reUugRXHs45SNaEHZWVCQwoojJbi/YOIB3Vz/4BsC+gMi
TIlA/rdAH/X27HUcXKwFnvA5d9xoKNZA0nu5HM7lpVHEGniH8DkRFiBz+Djc/2Bo
0EyzspfVdwkqPysff6kiOZ2wdAtNEJGNzTYL7VLrNsJxmOW1d//wrAr59OHduryg
SrX0v+tVmJayzsLufkWZ0rU4RuPyngZESSAzgoyHwa3E9BLkLlygsNl5YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKCcX5m8re9bg6gNjCs+I/DVXFxKMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvb0p4Zm1ieXQ3MXVEcUEyTUt6NGo4TlZjWEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwcnLAwQA
wjeBMA0GCSqGSIb3DQEBCwUAA4IBAQAh7DFI5GFEagd1kR6xw6WXnd8sMa04MSJ/
ZUpmH+UZJMDV7c/TW0KLgfXN50EOE37ioiNItVYzrfYwxP+0Qgusczp/Ksmg+svZ
61APiKRlC62Q97UY3Diu/vvXzLO7gnIF5DR9UI69rG/N+XdVudUHXyNNsw8wbMVG
o+nMnjznJpE/JGvwmfsTnz+buWd7itETKywmR9B48AlPIsHv8lIC+ooQNO6Bsy/y
i121kEvPprxepO4g/ZOjMkqgDwHh2LbJ4aYYTcubtaLG+m/UgTX7+9OiCTqNIXfM
V697CfVduTS9d+0x20YwzqSYPMh0DwkauC8nkQAMD3KQDbBatz2U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org