Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/oj3h-O9wLdCzQqFYBNshjWgkAUw.roa
File: oj3h-O9wLdCzQqFYBNshjWgkAUw.roa (raw, json)
Hash identifier: WGrt1dJjAJMZTeWEIMIqpBp/LRmXhBTTqF61VwQbcJo=
Subject key identifier: A2:3D:E1:F8:EF:70:2D:D0:B3:42:A1:58:04:DB:21:8D:68:24:01:4C
Certificate issuer: /CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Certificate serial: 018A50D7F376C386BA434041C312F21A97EE
Authority key identifier: 5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/oj3h-O9wLdCzQqFYBNshjWgkAUw.roa
Signing time: Fri 01 Sep 2023 13:04:04 +0000
ROA not before: Fri 01 Sep 2023 13:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62173
IP address blocks: 185.75.196.0/24 maxlen: 24
185.75.198.0/23 maxlen: 23
185.75.196.0/23 maxlen: 23
185.75.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:d7:f3:76:c3:86:ba:43:40:41:c3:12:f2:1a:97:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Validity
Not Before: Sep 1 13:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a23de1f8ef702dd0b342a15804db218d6824014c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cd:62:ae:6c:6d:fb:aa:2c:83:01:55:a0:51:
c8:14:2b:d2:d0:83:59:90:e1:ff:64:63:bf:d7:35:
b3:ee:0c:31:6d:ae:43:73:f6:ad:51:05:57:34:56:
ba:89:07:2f:2f:1b:d9:b2:19:ed:7d:12:0a:28:fa:
1a:e3:25:4f:b8:6c:29:0e:03:d6:e3:8f:52:1d:27:
db:09:3b:65:d5:59:cc:8f:bb:0d:c3:f3:14:93:56:
d8:2a:f4:a2:24:8b:62:91:6c:2a:0b:d6:b1:92:ad:
1c:7a:4b:99:27:cd:48:be:61:b9:77:c8:2a:44:4a:
31:ed:53:82:63:79:68:cf:be:3f:39:c6:cc:02:ec:
12:96:4b:cb:22:2a:72:97:75:d5:29:2c:df:91:b9:
0a:4d:77:c1:78:c7:89:eb:3d:a8:ca:a7:c7:e1:1b:
f3:31:1c:b8:74:57:ff:1a:da:c9:b8:7e:34:b0:e2:
42:3d:8e:92:e9:c5:44:67:69:e9:76:9e:59:4c:2d:
df:41:09:2e:03:9d:4d:92:75:77:ff:fb:56:8a:a1:
36:60:9b:05:58:62:2f:04:7f:cb:ec:05:23:6d:33:
6a:28:59:43:a4:4b:f8:c8:60:de:d1:60:37:11:2f:
67:59:7d:19:91:13:34:4a:e4:0a:3a:95:9e:49:b7:
bf:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3D:E1:F8:EF:70:2D:D0:B3:42:A1:58:04:DB:21:8D:68:24:01:4C
X509v3 Authority Key Identifier:
keyid:5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/oj3h-O9wLdCzQqFYBNshjWgkAUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.196.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:7e:83:96:df:0b:37:52:1d:f3:37:76:b0:b1:73:bd:0f:f7:
9a:10:0a:9d:63:f7:89:f8:9c:94:88:92:67:e8:90:3d:83:f0:
13:a4:4c:ba:3f:60:96:98:fa:46:4f:30:a1:21:2b:e8:36:5d:
3f:db:09:bb:50:6a:57:fb:4e:ff:cd:04:f5:1c:3d:af:fd:43:
6e:73:69:ba:82:a5:75:75:6b:b1:33:71:9f:21:2c:34:a0:55:
3e:b9:96:ab:01:1d:f3:42:5f:5f:dd:c0:bf:da:f5:01:d1:e6:
40:36:6e:7c:2f:dc:84:d1:80:c1:2e:6f:e5:7e:59:df:4f:20:
b9:3c:38:d8:51:75:b3:61:aa:14:50:91:1b:59:b7:4a:9a:65:
a2:57:34:8c:77:5b:9e:b8:0e:54:9e:27:8a:91:86:df:95:d9:
fd:81:c6:d4:1e:f1:dc:bc:a5:a7:b5:81:45:ba:06:10:05:39:
f5:3f:49:c6:a1:ae:ac:85:39:53:9b:c0:1c:8a:0f:81:84:9c:
b6:65:15:60:10:80:c1:0a:ce:83:ef:6d:82:56:f0:5b:30:83:
3d:6f:ac:02:9b:e6:df:34:cf:d8:c7:cf:fc:f1:71:3a:a4:5e:
36:e0:6e:d6:12:e6:5c:31:d0:1d:f6:18:b3:de:92:d4:ac:e2:
ea:4e:c7:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpQ1/N2w4a6Q0BBwxLyGpfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNDVjZWIxOGIxNGE3MzcyODJiNzVhZjBiYTE2Y2ZmZDdh
NmFiYWUwHhcNMjMwOTAxMTMwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNkZTFmOGVmNzAyZGQwYjM0MmExNTgwNGRiMjE4ZDY4MjQwMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis1irmxt+6osgwFVoFHIFCvS0INZ
kOH/ZGO/1zWz7gwxba5Dc/atUQVXNFa6iQcvLxvZshntfRIKKPoa4yVPuGwpDgPW
449SHSfbCTtl1VnMj7sNw/MUk1bYKvSiJItikWwqC9axkq0cekuZJ81IvmG5d8gq
REox7VOCY3loz74/OcbMAuwSlkvLIipyl3XVKSzfkbkKTXfBeMeJ6z2oyqfH4Rvz
MRy4dFf/GtrJuH40sOJCPY6S6cVEZ2npdp5ZTC3fQQkuA51NknV3//tWiqE2YJsF
WGIvBH/L7AUjbTNqKFlDpEv4yGDe0WA3ES9nWX0ZkRM0SuQKOpWeSbe/cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI94fjvcC3Qs0KhWATbIY1oJAFMMB8GA1UdIwQY
MBaAFFxFzrGLFKc3KCt1rwuhbP/XpquuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUt
YzYxYmY3NzQ5ZGY1LzEvb2ozaC1POXdMZEN6UXFGWUJOc2hqV2drQVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUtYzYxYmY3NzQ5ZGY1
LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUvEMA0G
CSqGSIb3DQEBCwUAA4IBAQBMfoOW3ws3Uh3zN3awsXO9D/eaEAqdY/eJ+JyUiJJn
6JA9g/ATpEy6P2CWmPpGTzChISvoNl0/2wm7UGpX+07/zQT1HD2v/UNuc2m6gqV1
dWuxM3GfISw0oFU+uZarAR3zQl9f3cC/2vUB0eZANm58L9yE0YDBLm/lflnfTyC5
PDjYUXWzYaoUUJEbWbdKmmWiVzSMd1ueuA5UnieKkYbfldn9gcbUHvHcvKWntYFF
ugYQBTn1P0nGoa6shTlTm8Acig+BhJy2ZRVgEIDBCs6D722CVvBbMIM9b6wCm+bf
NM/Yx8/88XE6pF424G7WEuZcMdAd9hiz3pLUrOLqTscx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:33 2024 by rpki-client on console-ams.rpki-client.org