Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/oLkr4CQoo0wIFkSkXD6AZ_0xEoU.roa
File: oLkr4CQoo0wIFkSkXD6AZ_0xEoU.roa (raw, json)
Hash identifier: 6UGpt5qi3ESxg0iLlqsZokWI5Ibq0rsX+gN08F/HV5E=
Subject key identifier: A0:B9:2B:E0:24:28:A3:4C:08:16:44:A4:5C:3E:80:67:FD:31:12:85
Certificate issuer: /CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Certificate serial: 01856D2F2F67D893769AD0D72ABB61E707C3
Authority key identifier: 7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/oLkr4CQoo0wIFkSkXD6AZ_0xEoU.roa
Signing time: Sun 01 Jan 2023 11:54:46 +0000
ROA not before: Sun 01 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60703
IP address blocks: 185.26.220.0/24 maxlen: 24
185.26.222.0/24 maxlen: 24
185.26.221.0/24 maxlen: 24
2a04:3a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:2f:67:d8:93:76:9a:d0:d7:2a:bb:61:e7:07:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Validity
Not Before: Jan 1 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0b92be02428a34c081644a45c3e8067fd311285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:32:10:8a:26:d3:77:9b:50:4a:1f:cc:4d:ab:
58:35:4d:45:19:5d:cf:82:51:cf:a1:fa:42:f7:9e:
0b:fd:a6:b0:20:19:3d:c7:12:be:de:44:6c:f0:20:
cc:95:50:85:3d:53:4a:7a:66:b0:d0:2e:93:d5:66:
b8:04:82:8b:dd:05:33:bd:29:05:52:3a:4f:31:fe:
44:21:8b:bb:a4:7e:ad:86:08:1d:dc:9c:96:8c:fe:
a5:df:2f:bd:6e:cc:05:55:94:af:bb:4f:16:ae:ec:
c2:4b:90:1a:ca:2f:45:07:99:5b:a4:15:07:8f:bb:
de:8b:cf:ef:20:36:5a:ef:ec:8a:61:98:59:1e:23:
e0:16:1b:9b:8b:b9:8d:e0:04:f4:31:af:80:ac:f6:
08:6e:77:ed:dc:db:a9:94:2b:b6:5e:20:4e:9c:6d:
13:fd:e5:03:2e:b9:5f:97:48:8c:e3:a3:ef:d9:5b:
f9:4e:0c:64:26:09:0d:06:d0:c8:4f:3a:1a:19:e2:
c9:c9:67:4d:46:46:87:c5:1b:39:fe:81:3a:9e:b7:
c3:04:b1:89:46:d1:45:06:95:51:7d:b9:dc:43:2d:
f9:36:63:34:b8:8e:d0:12:4a:0f:8d:57:7c:12:3f:
28:f1:ac:06:36:bb:6c:37:4d:92:e6:63:25:d2:39:
c3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B9:2B:E0:24:28:A3:4C:08:16:44:A4:5C:3E:80:67:FD:31:12:85
X509v3 Authority Key Identifier:
keyid:7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/oLkr4CQoo0wIFkSkXD6AZ_0xEoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/fCOA12SpYR3-L7wM4MxASW7B6D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.220.0-185.26.222.255
IPv6:
2a04:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
1e:70:99:98:70:4c:91:eb:7c:a8:aa:50:32:48:b6:f1:ea:e0:
85:f1:18:7b:fd:1a:73:3e:c9:5f:9c:43:46:16:e5:1f:45:09:
e4:ea:d0:c1:2c:f2:48:63:a7:b5:43:2a:db:a6:57:bf:a0:12:
28:99:c1:e8:81:29:a0:5c:fa:de:3b:fd:37:61:f5:3d:33:ab:
f0:fc:81:a1:29:c3:1a:20:08:63:42:64:78:00:b8:a4:9c:c3:
00:61:47:66:b2:68:87:ba:d4:b9:d7:50:b9:6c:f2:14:92:95:
4c:ad:96:11:39:f8:d2:ab:4f:17:a3:06:00:f7:f2:2a:6e:08:
38:90:34:a6:42:07:14:1d:08:ad:a3:3f:31:77:ae:2f:c1:f5:
1e:de:20:ea:69:a3:41:0d:8d:88:12:b4:fd:c0:3b:73:bb:0f:
c9:b4:33:05:f1:02:03:80:20:8f:47:f3:b7:f3:9e:33:60:0c:
a5:2c:8b:ae:26:0e:9b:9e:84:05:6e:df:cd:a9:75:e3:09:c5:
0f:8b:2e:fa:83:b5:6f:56:a9:b9:29:b0:60:94:7d:1b:69:0f:
19:0b:09:35:89:a1:f3:50:5e:54:42:2c:ba:f5:20:ff:9c:8f:
46:7e:df:c0:e8:14:8e:46:cc:25:8b:70:6c:cc:64:f5:9e:cf:
cb:28:1c:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtLy9n2JN2mtDXKrth5wfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMjM4MGQ3NjRhOTYxMWRmZTJmYmMwY2UwY2M0MDQ5NmVj
MWU4M2UwHhcNMjMwMTAxMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI5MmJlMDI0MjhhMzRjMDgxNjQ0YTQ1YzNlODA2N2ZkMzExMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjIQiibTd5tQSh/MTatYNU1FGV3P
glHPofpC954L/aawIBk9xxK+3kRs8CDMlVCFPVNKemaw0C6T1Wa4BIKL3QUzvSkF
UjpPMf5EIYu7pH6thggd3JyWjP6l3y+9bswFVZSvu08WruzCS5Aayi9FB5lbpBUH
j7vei8/vIDZa7+yKYZhZHiPgFhubi7mN4AT0Ma+ArPYIbnft3NuplCu2XiBOnG0T
/eUDLrlfl0iM46Pv2Vv5TgxkJgkNBtDITzoaGeLJyWdNRkaHxRs5/oE6nrfDBLGJ
RtFFBpVRfbncQy35NmM0uI7QEkoPjVd8Ej8o8awGNrtsN02S5mMl0jnD9wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKC5K+AkKKNMCBZEpFw+gGf9MRKFMB8GA1UdIwQY
MBaAFHwjgNdkqWEd/i+8DODMQEluweg+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMt
NWQ4Y2E2MzY4MWFkLzEvb0xrcjRDUW9vMHdJRmtTa1hENkFaXzB4RW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMtNWQ4Y2E2MzY4MWFk
LzEvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5GtwD
BAC5Gt4wDQQCAAIwBwMFAyoEOgAwDQYJKoZIhvcNAQELBQADggEBAB5wmZhwTJHr
fKiqUDJItvHq4IXxGHv9GnM+yV+cQ0YW5R9FCeTq0MEs8khjp7VDKtumV7+gEiiZ
weiBKaBc+t47/Tdh9T0zq/D8gaEpwxogCGNCZHgAuKScwwBhR2ayaIe61LnXULls
8hSSlUytlhE5+NKrTxejBgD38ipuCDiQNKZCBxQdCK2jPzF3ri/B9R7eIOppo0EN
jYgStP3AO3O7D8m0MwXxAgOAII9H87fznjNgDKUsi64mDpuehAVu382pdeMJxQ+L
LvqDtW9WqbkpsGCUfRtpDxkLCTWJofNQXlRCLLr1IP+cj0Z+38DoFI5GzCWLcGzM
ZPWez8soHGY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:13 2024 by rpki-client on console-ams.rpki-client.org