Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/OaWZfKDFDu0dtVqIGghNI3aVoiM.roa
File: OaWZfKDFDu0dtVqIGghNI3aVoiM.roa (raw, json)
Hash identifier: 5ewzaQhexP7akjefKLPedbAOBhCrEHLttkIfmi+nKcs=
Subject key identifier: 39:A5:99:7C:A0:C5:0E:ED:1D:B5:5A:88:1A:08:4D:23:76:95:A2:23
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0186A0DAA6A9704D0235F968FE647A2C1829
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/OaWZfKDFDu0dtVqIGghNI3aVoiM.roa
Signing time: Thu 02 Mar 2023 05:45:29 +0000
ROA not before: Thu 02 Mar 2023 05:45:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46450
IP address blocks: 188.209.136.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a0:da:a6:a9:70:4d:02:35:f9:68:fe:64:7a:2c:18:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Mar 2 05:45:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39a5997ca0c50eed1db55a881a084d237695a223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:42:cd:df:a2:8b:00:87:e6:49:ae:26:52:e7:
cd:65:0a:70:88:f4:72:33:ea:5e:11:47:01:f1:99:
ff:29:00:e6:19:01:51:8a:e4:70:1c:ed:3a:32:14:
dc:10:c6:70:d0:e6:4e:51:d0:d8:31:74:ec:23:a1:
9d:df:a7:a6:79:e3:d3:60:61:f6:5a:d4:80:a1:d5:
a3:47:8c:9e:50:e9:ed:26:b1:3c:f6:eb:15:ae:49:
8b:d5:76:4e:2b:a9:75:de:b6:4e:ec:5e:70:8f:c3:
c9:e6:5a:33:ca:10:1f:c7:79:01:6c:df:72:55:b2:
92:13:70:65:11:69:dc:2b:32:10:c9:d3:e6:4d:11:
10:f5:35:3d:f4:3b:15:a7:58:0f:b8:42:b0:3f:1f:
e4:17:42:43:aa:d9:c4:c0:d8:f2:4b:c5:7b:de:d3:
dd:e6:dc:34:7d:e1:76:95:1f:22:87:6a:da:8e:b6:
a0:f4:d9:e8:e8:ee:14:f4:39:b2:c1:1f:ad:39:87:
ed:dd:e3:a6:8d:6a:b6:0f:c1:36:1f:9f:96:e9:7b:
59:dc:39:20:e5:e8:42:63:47:8e:9d:0f:f2:a0:4f:
85:50:ae:f7:2e:c9:7a:54:4c:db:88:ea:d0:cb:58:
e2:81:d3:05:b6:78:d3:69:87:d0:64:30:92:c8:71:
9d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A5:99:7C:A0:C5:0E:ED:1D:B5:5A:88:1A:08:4D:23:76:95:A2:23
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/OaWZfKDFDu0dtVqIGghNI3aVoiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.136.0/22
Signature Algorithm: sha256WithRSAEncryption
25:58:ce:81:72:02:6e:57:4c:bb:79:5a:c3:7f:6c:ec:cf:65:
5d:5a:0b:d7:1d:1a:9a:b9:3b:f6:0d:36:1f:82:89:d9:66:bd:
2c:14:4f:c5:af:6e:95:de:94:bc:82:c6:18:d2:d7:2f:2d:76:
29:1e:3b:7c:34:3b:9d:a8:a6:9f:6c:d9:9a:9d:85:93:98:ad:
e7:5d:69:96:a2:68:b4:79:3f:e6:c4:05:22:99:26:fb:93:f7:
5c:dd:33:bc:12:86:43:14:9e:3e:c4:f4:d5:a3:74:0d:d5:e2:
5e:ac:db:b7:85:99:d9:89:8f:21:6f:14:91:b2:4c:34:b8:bd:
02:42:de:b7:ba:37:59:73:5a:09:f3:ba:d6:46:84:be:2a:52:
0a:cd:85:45:89:f7:24:25:ef:dc:3e:c6:96:41:c2:da:a1:de:
cc:b5:ad:03:6b:14:f0:73:7e:46:13:89:12:d7:88:fc:3d:32:
95:6b:f3:e4:72:f7:36:6b:ca:7c:fa:2c:c1:bf:58:61:d7:bf:
7e:f7:d9:b0:bf:fb:21:12:cd:0e:a0:3a:0a:80:30:14:f2:20:
12:0b:9d:c5:21:66:df:e6:35:fd:51:b3:a6:3b:0e:82:a8:49:
8d:d2:b7:30:1c:e7:12:7e:ef:5c:3a:bf:d3:71:2d:36:1e:d2:
e0:47:fe:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYag2qapcE0CNflo/mR6LBgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMzAyMDU0NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWE1OTk3Y2EwYzUwZWVkMWRiNTVhODgxYTA4NGQyMzc2OTVhMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhULN36KLAIfmSa4mUufNZQpwiPRy
M+peEUcB8Zn/KQDmGQFRiuRwHO06MhTcEMZw0OZOUdDYMXTsI6Gd36emeePTYGH2
WtSAodWjR4yeUOntJrE89usVrkmL1XZOK6l13rZO7F5wj8PJ5lozyhAfx3kBbN9y
VbKSE3BlEWncKzIQydPmTREQ9TU99DsVp1gPuEKwPx/kF0JDqtnEwNjyS8V73tPd
5tw0feF2lR8ih2rajrag9Nno6O4U9DmywR+tOYft3eOmjWq2D8E2H5+W6XtZ3Dkg
5ehCY0eOnQ/yoE+FUK73Lsl6VEzbiOrQy1jigdMFtnjTaYfQZDCSyHGdVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmlmXygxQ7tHbVaiBoITSN2laIjMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvT2FXWmZLREZEdTBkdFZxSUdnaE5JM2FWb2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGIMA0G
CSqGSIb3DQEBCwUAA4IBAQAlWM6BcgJuV0y7eVrDf2zsz2VdWgvXHRqauTv2DTYf
gonZZr0sFE/Fr26V3pS8gsYY0tcvLXYpHjt8NDudqKafbNmanYWTmK3nXWmWomi0
eT/mxAUimSb7k/dc3TO8EoZDFJ4+xPTVo3QN1eJerNu3hZnZiY8hbxSRskw0uL0C
Qt63ujdZc1oJ87rWRoS+KlIKzYVFifckJe/cPsaWQcLaod7Mta0DaxTwc35GE4kS
14j8PTKVa/Pkcvc2a8p8+izBv1hh179+99mwv/shEs0OoDoKgDAU8iASC53FIWbf
5jX9UbOmOw6CqEmN0rcwHOcSfu9cOr/TcS02HtLgR/4E
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:07 2024 by rpki-client on console-ams.rpki-client.org