Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oHPkI32PtijsbWU9ZmuZvwmH61I.roa
File: oHPkI32PtijsbWU9ZmuZvwmH61I.roa (raw, json)
Hash identifier: 5VKc16a1ZTPTzUbsork9MWzKwlr4ZT4p1Z3DjLbNwk0=
Subject key identifier: A0:73:E4:23:7D:8F:B6:28:EC:6D:65:3D:66:6B:99:BF:09:87:EB:52
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0187E741D1DA5FF8EFDDF2B8B0B4FB7A7B07
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oHPkI32PtijsbWU9ZmuZvwmH61I.roa
Signing time: Thu 04 May 2023 14:54:23 +0000
ROA not before: Thu 04 May 2023 14:54:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 213.209.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 May 2023 13:38:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:41:d1:da:5f:f8:ef:dd:f2:b8:b0:b4:fb:7a:7b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: May 4 14:54:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a073e4237d8fb628ec6d653d666b99bf0987eb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b6:90:bd:94:59:9a:bf:10:7e:03:03:10:79:
da:af:63:f5:7a:ab:2c:79:2b:46:ff:9a:df:d8:ae:
2d:c0:3c:0c:3f:ca:8a:74:ff:8c:b3:c8:5c:bd:c6:
4c:6c:8b:40:1f:95:eb:0e:e2:64:4a:71:f8:11:06:
ee:88:dc:51:ca:01:9a:07:e6:f2:f3:72:53:f5:b0:
56:22:e9:c4:38:db:01:61:64:27:43:5d:a9:e5:40:
31:00:1e:a1:d0:d1:54:19:f4:8a:19:f5:f9:fc:5a:
24:c5:47:83:b6:47:fc:fa:ec:29:12:f9:90:e6:23:
50:e9:e0:6c:5a:99:4a:22:5e:e7:86:b2:97:d4:99:
5e:b7:f8:07:2e:1c:da:bc:dd:ee:c0:c3:c7:2a:23:
2c:e8:2f:35:e6:ed:f7:d1:b9:c0:c9:85:a9:e8:36:
9c:04:eb:e2:3b:35:88:ad:e8:61:77:b5:a9:ac:62:
d3:31:86:e1:bb:98:b3:60:b9:d7:f9:3f:f0:99:dd:
8c:25:a2:08:1a:51:2a:c9:83:c9:42:af:a6:9f:ea:
db:7d:c1:ef:2b:0e:f2:49:31:98:f9:bb:3c:6d:22:
48:a6:f3:eb:83:85:ed:fd:80:3b:54:aa:99:9c:08:
80:be:87:9e:80:92:9a:e2:1d:2d:1d:a2:4f:1d:b1:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:73:E4:23:7D:8F:B6:28:EC:6D:65:3D:66:6B:99:BF:09:87:EB:52
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/oHPkI32PtijsbWU9ZmuZvwmH61I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.130.0/24
Signature Algorithm: sha256WithRSAEncryption
01:96:b3:1a:c8:82:99:e0:c0:c1:b5:11:61:bf:a3:c7:8d:aa:
0f:6a:50:e5:5a:c9:c6:7a:8b:a3:42:33:68:54:8c:04:89:e5:
14:16:40:45:2f:58:7a:1c:35:b3:36:e7:f9:e9:b4:48:a9:f3:
63:f4:86:13:8a:c0:9d:db:54:66:f3:00:fb:e4:a6:1e:68:9a:
ac:bd:65:5d:44:0a:4b:84:cc:62:2f:de:61:8d:a2:7f:62:01:
db:8f:35:58:39:57:f8:8a:c4:36:a5:ec:ce:27:2a:1f:9d:bc:
83:82:d7:6f:48:a6:95:88:bd:e7:f6:85:31:55:65:5c:49:43:
fc:ba:99:57:b7:d5:cf:40:fd:37:5c:7e:fd:83:76:87:ac:aa:
04:86:ba:a9:b7:c6:61:85:8e:fc:2a:bd:8b:93:a1:0a:8c:f2:
b1:bc:b2:74:47:dd:fa:1d:9f:63:d7:a5:36:79:e6:c6:77:87:
dd:7b:fd:73:21:49:7e:79:e8:67:c1:c1:ba:c4:e7:63:0d:59:
92:0e:0b:5c:58:22:35:36:7c:a3:7f:0c:35:f0:f6:dc:b6:7e:
29:4e:40:6b:81:44:a4:2e:6f:f0:2a:a5:0b:26:e7:20:b8:c4:
74:74:bd:54:b9:c6:6a:83:f7:32:10:43:37:29:73:20:21:ea:
1c:16:36:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfnQdHaX/jv3fK4sLT7ensHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNTA0MTQ1NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDczZTQyMzdkOGZiNjI4ZWM2ZDY1M2Q2NjZiOTliZjA5ODdlYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbaQvZRZmr8QfgMDEHnar2P1eqss
eStG/5rf2K4twDwMP8qKdP+Ms8hcvcZMbItAH5XrDuJkSnH4EQbuiNxRygGaB+by
83JT9bBWIunEONsBYWQnQ12p5UAxAB6h0NFUGfSKGfX5/FokxUeDtkf8+uwpEvmQ
5iNQ6eBsWplKIl7nhrKX1Jlet/gHLhzavN3uwMPHKiMs6C815u330bnAyYWp6Dac
BOviOzWIrehhd7WprGLTMYbhu5izYLnX+T/wmd2MJaIIGlEqyYPJQq+mn+rbfcHv
Kw7ySTGY+bs8bSJIpvPrg4Xt/YA7VKqZnAiAvoeegJKa4h0tHaJPHbGmZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBz5CN9j7Yo7G1lPWZrmb8Jh+tSMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvb0hQa0kzMlB0aWpzYldVOVptdVp2d21INjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGCMA0G
CSqGSIb3DQEBCwUAA4IBAQABlrMayIKZ4MDBtRFhv6PHjaoPalDlWsnGeoujQjNo
VIwEieUUFkBFL1h6HDWzNuf56bRIqfNj9IYTisCd21Rm8wD75KYeaJqsvWVdRApL
hMxiL95hjaJ/YgHbjzVYOVf4isQ2pezOJyofnbyDgtdvSKaViL3n9oUxVWVcSUP8
uplXt9XPQP03XH79g3aHrKoEhrqpt8ZhhY78Kr2Lk6EKjPKxvLJ0R936HZ9j16U2
eebGd4fde/1zIUl+eehnwcG6xOdjDVmSDgtcWCI1Nnyjfww18Pbctn4pTkBrgUSk
Lm/wKqULJucguMR0dL1UucZqg/cyEEM3KXMgIeocFjY3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org