Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oWEceoImUw8WQv8ZlykfTazEA-M.roa
File: oWEceoImUw8WQv8ZlykfTazEA-M.roa (raw, json)
Hash identifier: 0Xwd4mTJz6O7Y6tck2C0o4GXanzRHo+t2z4jenb9nGo=
Subject key identifier: A1:61:1C:7A:82:26:53:0F:16:42:FF:19:97:29:1F:4D:AC:C4:03:E3
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018A3669BE9BD8C1061E833A6B78A4FB4AB7
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oWEceoImUw8WQv8ZlykfTazEA-M.roa
Signing time: Sun 27 Aug 2023 09:53:34 +0000
ROA not before: Sun 27 Aug 2023 09:53:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48147
IP address blocks: 78.39.47.0/24 maxlen: 24
2.189.242.0/23 maxlen: 23
2.189.254.0/23 maxlen: 23
2.189.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 07:40:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:69:be:9b:d8:c1:06:1e:83:3a:6b:78:a4:fb:4a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Aug 27 09:53:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1611c7a8226530f1642ff1997291f4dacc403e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a1:4d:23:9f:e0:c6:b5:09:da:6a:56:25:f3:
95:9a:52:be:96:2f:f5:5a:28:f5:ab:fa:f5:f3:19:
ca:51:a2:73:9a:65:dc:bd:a4:6e:cd:1a:f9:59:41:
e5:db:f9:ee:8e:57:ae:f0:46:5a:2b:fa:fb:93:04:
73:72:73:7c:fb:21:55:d2:cb:8e:38:0f:79:78:66:
9a:0f:36:6d:32:2a:fd:95:a5:fd:39:e6:d8:b3:7d:
e9:83:a9:15:3c:22:3c:eb:72:03:34:b0:a4:5f:38:
20:1b:8d:c6:5e:74:3c:61:2d:d7:de:60:91:e5:23:
0c:09:7f:fe:62:31:62:09:17:ec:63:e2:b2:c5:df:
20:ef:d7:52:b3:b6:76:94:4a:2d:c6:c4:d3:f2:ce:
3c:ac:c7:a9:8d:f2:81:ee:d0:dd:bb:3a:45:ec:3f:
86:79:e1:99:65:f8:6c:24:cc:10:97:bc:1f:08:2d:
b9:3b:b4:a1:32:b1:0b:b2:e2:4b:9c:90:62:83:98:
c4:6f:1c:87:fb:60:aa:63:ac:65:01:e3:b0:52:12:
56:b6:09:f4:85:71:78:62:7c:9e:c9:96:56:4e:fa:
52:b4:6a:59:70:11:28:8b:42:db:e2:53:a6:70:c3:
e4:06:9d:d7:9f:9a:70:66:58:35:9a:41:0f:cd:df:
9f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:61:1C:7A:82:26:53:0F:16:42:FF:19:97:29:1F:4D:AC:C4:03:E3
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oWEceoImUw8WQv8ZlykfTazEA-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.58.0/24
2.189.242.0/23
2.189.254.0/23
78.39.47.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:f6:7e:f4:99:d6:7d:78:f1:d6:bb:32:f2:b3:94:8c:09:9e:
99:ab:a5:9d:ea:96:9c:83:73:5e:13:6a:37:e1:8c:75:08:bb:
09:dc:41:84:45:e6:bd:ef:08:b9:be:39:d4:51:8e:fd:bb:ea:
f6:fa:af:fc:74:32:df:b1:9d:ef:a8:8d:45:ff:22:2b:47:fd:
f4:71:79:7c:74:d7:a3:1a:68:c5:60:d3:b8:e4:3f:70:00:8e:
2d:ff:8b:75:8a:3b:ae:f5:4e:97:fd:e8:46:54:7f:ca:d4:7d:
7e:d2:b0:4e:21:19:87:6d:c2:c4:17:d1:50:db:66:bc:6a:4a:
4f:c4:c5:db:44:a4:17:e3:0f:8f:4f:5d:a3:aa:74:76:db:10:
b3:08:aa:7e:82:77:cd:3e:aa:44:e0:e1:17:2b:e8:db:95:43:
1f:37:9a:07:a8:e3:a6:42:63:52:0a:c8:63:f2:f4:28:0a:98:
a8:74:dd:e5:c7:38:77:f8:a0:1c:21:d1:82:d7:67:12:65:f1:
21:54:44:2c:31:24:93:87:a7:6c:6a:15:36:c5:ec:be:57:9d:
52:5b:cd:4d:a8:7a:6a:df:c8:b0:d7:15:f5:61:db:1b:00:66:
53:6e:1e:18:78:29:b4:0b:57:9b:f6:cf:ed:1b:54:20:fc:58:
f9:0a:d2:21
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYo2ab6b2MEGHoM6a3ik+0q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwODI3MDk1MzM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTYxMWM3YTgyMjY1MzBmMTY0MmZmMTk5NzI5MWY0ZGFjYzQwM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKFNI5/gxrUJ2mpWJfOVmlK+li/1
Wij1q/r18xnKUaJzmmXcvaRuzRr5WUHl2/nujleu8EZaK/r7kwRzcnN8+yFV0suO
OA95eGaaDzZtMir9laX9OebYs33pg6kVPCI863IDNLCkXzggG43GXnQ8YS3X3mCR
5SMMCX/+YjFiCRfsY+Kyxd8g79dSs7Z2lEotxsTT8s48rMepjfKB7tDduzpF7D+G
eeGZZfhsJMwQl7wfCC25O7ShMrELsuJLnJBig5jEbxyH+2CqY6xlAeOwUhJWtgn0
hXF4YnyeyZZWTvpStGpZcBEoi0Lb4lOmcMPkBp3Xn5pwZlg1mkEPzd+frwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKFhHHqCJlMPFkL/GZcpH02sxAPjMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvb1dFY2VvSW1VdzhXUXY4Wmx5a2ZUYXpFQS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAr06AwQB
Ar3yAwQBAr3+AwQATicvMA0GCSqGSIb3DQEBCwUAA4IBAQB79n70mdZ9ePHWuzLy
s5SMCZ6Zq6Wd6pacg3NeE2o34Yx1CLsJ3EGERea97wi5vjnUUY79u+r2+q/8dDLf
sZ3vqI1F/yIrR/30cXl8dNejGmjFYNO45D9wAI4t/4t1ijuu9U6X/ehGVH/K1H1+
0rBOIRmHbcLEF9FQ22a8akpPxMXbRKQX4w+PT12jqnR22xCzCKp+gnfNPqpE4OEX
K+jblUMfN5oHqOOmQmNSCshj8vQoCpiodN3lxzh3+KAcIdGC12cSZfEhVEQsMSST
h6dsahU2xey+V51SW81NqHpq38iw1xX1YdsbAGZTbh4YeCm0C1eb9s/tG1Qg/Fj5
CtIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org