Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ojNUT_k7bOnsqItI0xywtErf_j4.roa
File: ojNUT_k7bOnsqItI0xywtErf_j4.roa (raw, json)
Hash identifier: bZqQnVPjHmXcq1GbQ+/3Hrzbnep9cfTfmWW033KS/MM=
Subject key identifier: A2:33:54:4F:F9:3B:6C:E9:EC:A8:8B:48:D3:1C:B0:B4:4A:DF:FE:3E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0191320A0BD250969268940AD8BC93DA997B
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ojNUT_k7bOnsqItI0xywtErf_j4.roa
Signing time: Thu 08 Aug 2024 12:50:04 +0000
ROA not before: Thu 08 Aug 2024 12:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 19:11:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:32:0a:0b:d2:50:96:92:68:94:0a:d8:bc:93:da:99:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 8 12:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a233544ff93b6ce9eca88b48d31cb0b44adffe3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b4:e7:3d:92:1d:58:23:75:03:7d:79:b2:f2:
0f:97:35:e3:60:66:3b:e8:d0:0c:f9:11:38:02:bb:
55:e1:c0:ff:c4:47:19:66:95:1d:a9:ef:7a:a5:46:
2f:04:8f:f5:11:e0:32:30:6f:d2:2b:f9:82:7a:34:
11:51:4c:55:48:59:6c:d2:64:c4:0d:c7:f1:0f:c9:
74:de:a4:31:02:48:57:fe:50:70:c6:23:96:d2:53:
89:e9:c8:f1:51:9f:53:ca:81:ec:44:80:b0:37:2d:
b1:9e:e2:33:dc:f5:b4:9a:95:76:6d:92:70:55:91:
66:b0:3f:8b:34:8d:0f:37:a9:c6:d2:29:fa:5a:34:
de:5f:be:86:e1:ff:5b:d0:18:cb:44:82:a5:e5:3b:
f2:3d:40:23:f5:38:38:81:a1:7e:fd:95:f6:b4:7b:
9f:23:bf:25:1a:fe:b2:db:59:48:88:90:a3:ab:88:
02:bd:82:a9:4a:3f:e2:28:48:a0:52:1f:56:9c:5f:
55:54:7b:76:83:8c:a6:27:aa:8c:a2:22:2f:ab:11:
59:85:25:ec:6d:a7:26:2f:ff:92:01:44:a8:d0:8a:
01:88:5f:ac:6b:b6:a4:c1:0b:7a:2e:60:72:db:0d:
a4:06:1b:9b:9f:7b:94:17:46:d0:c3:13:51:61:38:
19:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:33:54:4F:F9:3B:6C:E9:EC:A8:8B:48:D3:1C:B0:B4:4A:DF:FE:3E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ojNUT_k7bOnsqItI0xywtErf_j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:6b:00:13:aa:3c:b0:15:c1:c7:57:67:8b:69:cd:84:e5:f4:
2f:4c:4b:74:64:7d:95:ae:49:7b:f1:43:59:f5:15:73:5e:aa:
07:9e:87:68:ff:ec:d5:93:c9:94:b1:f1:4f:35:ff:7b:88:e1:
ae:a0:d2:f3:6a:20:4a:84:04:97:19:09:7d:25:a4:46:2b:33:
a2:38:5f:c9:7a:72:ec:7d:60:f3:c4:57:7d:69:50:55:37:f2:
08:bf:62:6f:43:1d:f3:b4:2a:b0:ac:cb:f3:3e:b1:a8:e9:18:
6b:d4:74:f8:b5:f4:84:c0:3d:c8:4e:97:c1:8e:1d:4c:13:e3:
fb:7e:30:26:7e:ef:72:67:ad:69:81:b8:2b:54:bd:d2:f2:5b:
e8:23:6a:34:05:88:e7:c1:3f:b4:cb:43:9e:05:c6:22:85:ba:
2f:4e:b7:33:13:7e:f4:46:65:48:54:dc:98:29:2f:39:1a:6a:
85:70:2c:26:d8:3c:37:1e:c3:ff:5c:48:06:96:12:93:22:6c:
cd:fd:fe:c0:71:18:9a:6f:5d:4a:bd:a5:db:d2:2a:9b:91:e3:
2a:56:79:54:e4:69:a1:ce:0d:72:21:e7:79:a7:88:69:be:12:
57:63:70:98:d9:8e:09:6e:8f:31:c6:ed:3c:2c:9a:86:d0:3a:
bc:69:06:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEyCgvSUJaSaJQK2LyT2pl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwODA4MTI1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjMzNTQ0ZmY5M2I2Y2U5ZWNhODhiNDhkMzFjYjBiNDRhZGZmZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrTnPZIdWCN1A315svIPlzXjYGY7
6NAM+RE4ArtV4cD/xEcZZpUdqe96pUYvBI/1EeAyMG/SK/mCejQRUUxVSFls0mTE
DcfxD8l03qQxAkhX/lBwxiOW0lOJ6cjxUZ9TyoHsRICwNy2xnuIz3PW0mpV2bZJw
VZFmsD+LNI0PN6nG0in6WjTeX76G4f9b0BjLRIKl5TvyPUAj9Tg4gaF+/ZX2tHuf
I78lGv6y21lIiJCjq4gCvYKpSj/iKEigUh9WnF9VVHt2g4ymJ6qMoiIvqxFZhSXs
bacmL/+SAUSo0IoBiF+sa7akwQt6LmBy2w2kBhubn3uUF0bQwxNRYTgZLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIzVE/5O2zp7KiLSNMcsLRK3/4+MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvb2pOVVRfazdiT25zcUl0STB4eXd0RXJmX2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQA
wg9hMA0GCSqGSIb3DQEBCwUAA4IBAQBfawATqjywFcHHV2eLac2E5fQvTEt0ZH2V
rkl78UNZ9RVzXqoHnodo/+zVk8mUsfFPNf97iOGuoNLzaiBKhASXGQl9JaRGKzOi
OF/JenLsfWDzxFd9aVBVN/IIv2JvQx3ztCqwrMvzPrGo6Rhr1HT4tfSEwD3ITpfB
jh1ME+P7fjAmfu9yZ61pgbgrVL3S8lvoI2o0BYjnwT+0y0OeBcYihbovTrczE370
RmVIVNyYKS85GmqFcCwm2Dw3HsP/XEgGlhKTImzN/f7AcRiab11KvaXb0iqbkeMq
VnlU5Gmhzg1yIed5p4hpvhJXY3CY2Y4Jbo8xxu08LJqG0Dq8aQZ3
-----END CERTIFICATE-----
Generated at Sun Aug 11 20:20:19 2024 by rpki-client on console-fra.rpki-client.org