Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/OXptEo77c4m8T0prJaV4-e5BD7U.roa
File: OXptEo77c4m8T0prJaV4-e5BD7U.roa (raw, json)
Hash identifier: oyfr/n3807XkpvOBIIi2n4xs+W50VGsmTV5cYos/O2I=
Subject key identifier: 39:7A:6D:12:8E:FB:73:89:BC:4F:4A:6B:25:A5:78:F9:EE:41:0F:B5
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018DA05E7872A59AECBBC4A72FA3B06F158A
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/OXptEo77c4m8T0prJaV4-e5BD7U.roa
Signing time: Tue 13 Feb 2024 02:49:22 +0000
ROA not before: Tue 13 Feb 2024 02:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24875
IP address blocks: 160.238.64.0/24 maxlen: 24
160.238.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 12:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a0:5e:78:72:a5:9a:ec:bb:c4:a7:2f:a3:b0:6f:15:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Feb 13 02:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=397a6d128efb7389bc4f4a6b25a578f9ee410fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:51:be:60:8b:ca:06:f8:09:4d:28:e5:7b:b1:
3f:5b:24:72:4a:d5:80:b1:5c:e4:46:12:d7:d5:f8:
12:e0:8c:78:dc:f1:f0:56:ef:c0:bb:c9:82:8c:26:
04:d9:aa:d0:b6:ef:69:c1:0c:fd:8a:e5:b4:87:fb:
6b:9f:bf:bf:e3:e2:be:28:57:98:ef:a0:e1:94:32:
29:6e:a8:05:16:0b:eb:74:36:48:e9:8c:10:89:64:
6a:b3:b9:ca:35:72:1a:4d:99:80:43:4d:e7:67:c7:
bc:cd:c6:1a:79:21:29:95:92:c1:71:04:b0:eb:26:
54:c6:13:a1:49:45:7e:29:f1:29:96:7e:74:19:74:
36:ed:84:fc:7f:1c:a3:c5:45:de:9e:ee:6d:60:50:
ae:72:61:d6:51:0e:be:c3:f0:8f:2b:52:a5:56:91:
31:0e:92:5c:c7:ff:22:7e:77:17:e9:3f:7e:9a:31:
64:31:2e:18:37:08:7b:7e:9b:42:e2:f2:2a:8f:d7:
94:04:e7:be:d4:a3:6f:1c:4e:1e:08:7f:02:0a:d0:
d2:49:2c:6c:6d:4d:ce:35:0e:cb:41:7d:eb:a6:6d:
de:15:d2:d5:9e:82:0e:3f:1b:07:32:ab:23:24:0b:
d2:78:9b:98:32:b4:07:a8:42:1d:b6:4e:36:a8:78:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7A:6D:12:8E:FB:73:89:BC:4F:4A:6B:25:A5:78:F9:EE:41:0F:B5
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/OXptEo77c4m8T0prJaV4-e5BD7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.238.64.0/23
Signature Algorithm: sha256WithRSAEncryption
43:94:57:33:44:33:ec:1c:08:00:bc:98:d5:d4:79:86:ea:5a:
a6:db:e6:9f:f4:3b:f2:bd:71:20:d7:b1:dc:0d:9a:d4:1b:b5:
50:e8:8f:a4:c1:a4:33:87:dc:d0:22:a9:3c:80:96:b9:52:68:
0a:2e:c3:ba:98:6e:68:c3:95:bf:c0:30:d2:fd:17:19:a3:60:
90:ca:50:56:25:9c:13:12:76:90:06:ac:89:23:7b:d8:9a:6b:
d3:b8:7a:2f:81:4f:88:ff:43:df:ab:8e:76:e7:fc:0b:e0:ac:
77:de:22:19:87:5f:98:9f:4d:5a:e7:a2:fe:35:d3:36:a1:6c:
0b:0e:42:34:6b:d3:ce:c3:5a:93:fd:ad:1d:81:61:64:74:48:
9e:56:ac:57:6e:3e:a4:8a:7e:2b:02:22:63:be:fb:eb:08:1b:
64:f4:1e:79:aa:a4:37:3c:37:e7:1f:38:65:80:eb:19:74:4e:
57:1a:82:29:85:83:cd:0a:23:7b:98:c2:ff:92:9e:c1:49:26:
bc:5d:28:1e:97:36:16:aa:79:f2:e0:1b:9f:e0:98:88:1b:21:
75:eb:fd:b9:a3:2d:dd:de:07:57:ef:6b:19:fd:8a:02:d6:76:
b8:bb:c3:bb:d6:52:73:e3:a2:70:d9:5e:4a:d1:92:85:b7:77:
e7:87:8b:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2gXnhypZrsu8SnL6OwbxWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMjEzMDI0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdhNmQxMjhlZmI3Mzg5YmM0ZjRhNmIyNWE1NzhmOWVlNDEwZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFG+YIvKBvgJTSjle7E/WyRyStWA
sVzkRhLX1fgS4Ix43PHwVu/Au8mCjCYE2arQtu9pwQz9iuW0h/trn7+/4+K+KFeY
76DhlDIpbqgFFgvrdDZI6YwQiWRqs7nKNXIaTZmAQ03nZ8e8zcYaeSEplZLBcQSw
6yZUxhOhSUV+KfEpln50GXQ27YT8fxyjxUXenu5tYFCucmHWUQ6+w/CPK1KlVpEx
DpJcx/8ifncX6T9+mjFkMS4YNwh7fptC4vIqj9eUBOe+1KNvHE4eCH8CCtDSSSxs
bU3ONQ7LQX3rpm3eFdLVnoIOPxsHMqsjJAvSeJuYMrQHqEIdtk42qHgZ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDl6bRKO+3OJvE9KayWlePnuQQ+1MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvT1hwdEVvNzdjNG04VDBwckphVjQtZTVCRDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoO5AMA0G
CSqGSIb3DQEBCwUAA4IBAQBDlFczRDPsHAgAvJjV1HmG6lqm2+af9DvyvXEg17Hc
DZrUG7VQ6I+kwaQzh9zQIqk8gJa5UmgKLsO6mG5ow5W/wDDS/RcZo2CQylBWJZwT
EnaQBqyJI3vYmmvTuHovgU+I/0Pfq4525/wL4Kx33iIZh1+Yn01a56L+NdM2oWwL
DkI0a9POw1qT/a0dgWFkdEieVqxXbj6kin4rAiJjvvvrCBtk9B55qqQ3PDfnHzhl
gOsZdE5XGoIphYPNCiN7mML/kp7BSSa8XSgelzYWqnny4Buf4JiIGyF16/25oy3d
3gdX72sZ/YoC1na4u8O71lJz46Jw2V5K0ZKFt3fnh4v6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org