Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/1-oyBoxixJlsCZxUo2QHhvXIODdw.roa
File: 1-oyBoxixJlsCZxUo2QHhvXIODdw.roa (raw, json)
Hash identifier: TW8TXUZhza83bMD793ks7bLgi2TZQT99+HgzJJsTAMs=
Subject key identifier: FA:8C:81:A3:18:B1:26:5B:02:67:15:28:D9:01:E1:BD:72:0E:0D:DC
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 018CC794CC549F8AF6F170F6D1C709301A82
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/1-oyBoxixJlsCZxUo2QHhvXIODdw.roa
Signing time: Tue 02 Jan 2024 00:31:06 +0000
ROA not before: Tue 02 Jan 2024 00:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.199.29.0/24 maxlen: 24
81.199.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 13:40:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cc:54:9f:8a:f6:f1:70:f6:d1:c7:09:30:1a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Jan 2 00:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa8c81a318b1265b02671528d901e1bd720e0ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d8:f1:12:28:a8:f8:a8:68:66:7f:a3:de:e7:
34:e1:3d:7c:f7:95:04:5c:32:d2:3f:0c:75:27:cc:
0e:65:a4:6c:7e:f3:ab:3c:0f:5a:ea:7f:5b:f9:23:
2d:b7:b2:17:7d:a1:30:81:6d:91:32:ed:60:f0:b6:
2e:dd:81:dd:a0:c8:8f:71:f2:27:24:bf:34:b8:4d:
1f:a0:62:41:5a:5e:fa:0a:9d:f6:64:d1:80:d1:e4:
0f:50:fa:b9:01:cc:c3:04:bd:37:53:e9:49:4a:46:
49:a3:85:87:d3:1f:ba:50:09:db:d2:77:03:e6:9c:
1a:f2:03:06:bf:bd:bd:98:66:9e:36:99:bf:dc:db:
11:46:1b:70:77:43:ff:3b:8b:03:f6:e2:da:d0:da:
5e:18:93:14:44:7b:56:4e:e3:bf:ba:c4:08:54:f5:
2d:4d:84:1c:b3:e4:e1:eb:88:97:0d:55:02:f5:f5:
e7:c5:c5:c0:ec:e9:5d:10:11:37:80:2e:a1:35:f3:
05:23:cd:59:2c:60:2c:ed:3d:c8:4e:e2:91:8c:00:
80:b0:8d:10:b6:e3:5c:83:d3:da:3d:53:ba:c7:f5:
6b:00:fb:43:ed:23:3f:58:1a:e6:0b:45:c8:57:38:
01:41:3b:bb:34:01:0e:75:6c:d8:1c:a8:dc:c6:67:
96:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8C:81:A3:18:B1:26:5B:02:67:15:28:D9:01:E1:BD:72:0E:0D:DC
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/1-oyBoxixJlsCZxUo2QHhvXIODdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.199.26.0/24
81.199.29.0/24
Signature Algorithm: sha256WithRSAEncryption
15:61:3a:1a:00:c6:57:5e:06:62:ae:0b:45:89:8c:63:1a:62:
98:00:56:f6:84:5d:f2:e8:2c:2c:58:7f:cb:63:05:52:b2:61:
da:f1:b0:67:01:84:d4:2d:e4:69:3b:fd:4a:56:9d:7d:00:9a:
4f:e6:38:3c:db:e8:3f:67:10:18:a9:12:ee:58:4b:68:d0:1d:
37:bf:d3:85:76:9e:bd:1c:ad:e1:46:e8:14:ae:20:91:8c:e4:
59:e5:9c:f7:bb:7f:29:91:49:7f:3f:ba:bf:fa:18:21:01:33:
53:a9:21:e5:41:38:0d:72:eb:25:c8:c2:aa:c9:da:cb:3e:45:
a0:0b:a4:32:08:da:2f:24:7f:92:14:72:ce:5f:f4:f7:68:30:
cf:57:9f:12:c5:58:64:7d:b4:13:ba:52:5e:dd:1d:cc:89:6c:
48:11:80:89:aa:81:c5:79:be:4d:14:2b:24:b4:ca:8a:67:99:
d1:ba:b9:33:23:f5:67:f0:f0:15:ab:e4:84:2d:e1:54:a3:af:
d7:c0:72:3e:8e:5c:e6:8b:95:ed:20:eb:8f:30:0a:00:19:b3:
f2:b6:1c:74:93:5e:22:05:4c:8e:a2:d3:5b:f7:cd:ce:b3:0d:
43:1f:e0:8e:8c:b6:90:1c:62:8c:b4:13:9a:f2:25:d8:80:4b:
51:f9:fe:1c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzHlMxUn4r28XD20ccJMBqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQwMTAyMDAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYThjODFhMzE4YjEyNjViMDI2NzE1MjhkOTAxZTFiZDcyMGUwZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9jxEiio+KhoZn+j3uc04T1895UE
XDLSPwx1J8wOZaRsfvOrPA9a6n9b+SMtt7IXfaEwgW2RMu1g8LYu3YHdoMiPcfIn
JL80uE0foGJBWl76Cp32ZNGA0eQPUPq5AczDBL03U+lJSkZJo4WH0x+6UAnb0ncD
5pwa8gMGv729mGaeNpm/3NsRRhtwd0P/O4sD9uLa0NpeGJMURHtWTuO/usQIVPUt
TYQcs+Th64iXDVUC9fXnxcXA7OldEBE3gC6hNfMFI81ZLGAs7T3ITuKRjACAsI0Q
tuNcg9PaPVO6x/VrAPtD7SM/WBrmC0XIVzgBQTu7NAEOdWzYHKjcxmeW9wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqMgaMYsSZbAmcVKNkB4b1yDg3cMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvMS1veUJveGl4SmxzQ1p4VW8yUUhodlhJT0Rkdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2EvYWJlMTM0LTAwOTMtNDY1Mi05MDU3LTRmNGM5YjM0M2U5
MC8xLzBkNFNUZy1LMjA1OWxYYk9yakpmWm8zU0pMRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFHHGgME
AFHHHTANBgkqhkiG9w0BAQsFAAOCAQEAFWE6GgDGV14GYq4LRYmMYxpimABW9oRd
8ugsLFh/y2MFUrJh2vGwZwGE1C3kaTv9SladfQCaT+Y4PNvoP2cQGKkS7lhLaNAd
N7/ThXaevRyt4UboFK4gkYzkWeWc97t/KZFJfz+6v/oYIQEzU6kh5UE4DXLrJcjC
qsnayz5FoAukMgjaLyR/khRyzl/092gwz1efEsVYZH20E7pSXt0dzIlsSBGAiaqB
xXm+TRQrJLTKimeZ0bq5MyP1Z/DwFavkhC3hVKOv18ByPo5c5ouV7SDrjzAKABmz
8rYcdJNeIgVMjqLTW/fNzrMNQx/gjoy2kBxijLQTmvIl2IBLUfn+HA==
-----END CERTIFICATE-----
Generated at Wed Jan 31 17:49:59 2024 by rpki-client on console-ams.rpki-client.org