Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/ohoZ4SzX7bFXoUlRii6EiTf9O5o.roa
File: ohoZ4SzX7bFXoUlRii6EiTf9O5o.roa (raw, json)
Hash identifier: XV5EBOEv9NJfwQVt+ZI0AiuRvKRZTMt86V+8d8TwZzg=
Subject key identifier: A2:1A:19:E1:2C:D7:ED:B1:57:A1:49:51:8A:2E:84:89:37:FD:3B:9A
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01886F32DF4AA8945833CBB7752574C56DAB
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/ohoZ4SzX7bFXoUlRii6EiTf9O5o.roa
Signing time: Wed 31 May 2023 00:26:24 +0000
ROA not before: Wed 31 May 2023 00:26:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149457
IP address blocks: 185.233.17.0/24 maxlen: 24
85.92.114.0/24 maxlen: 24
193.107.218.0/24 maxlen: 24
185.243.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6f:32:df:4a:a8:94:58:33:cb:b7:75:25:74:c5:6d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: May 31 00:26:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a21a19e12cd7edb157a149518a2e848937fd3b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:25:46:e5:69:00:5a:43:ca:9e:9a:9b:e6:ad:
5b:69:f0:cf:ce:49:d6:19:44:07:95:d7:5d:8a:d4:
e5:a0:69:e8:71:03:2c:09:7d:b1:09:42:18:43:95:
e7:83:53:ff:dc:fe:c2:af:ed:01:98:32:8b:56:9a:
bd:8d:4e:9e:05:2e:a5:3b:6e:bc:90:81:ba:dc:4e:
00:a4:0a:97:bf:ba:62:c8:5c:8e:9f:6c:26:4a:0f:
25:68:4a:8b:50:bc:07:05:6f:7a:28:11:f8:29:6e:
fc:aa:c5:3b:35:43:a7:d7:f2:71:b5:d4:bd:f1:b7:
59:df:43:93:d4:c6:39:32:ce:4e:d5:23:7f:f5:0e:
fa:29:ad:c8:22:06:20:4a:da:31:a0:e2:c4:c2:08:
93:4b:ff:60:9b:6b:95:0f:d5:94:e3:f2:f0:e9:ea:
c0:14:46:3d:41:60:3b:49:6b:36:3b:0f:fa:c8:22:
25:9c:33:a8:06:d7:ef:f9:84:21:06:59:eb:5b:36:
34:31:7f:c9:9c:f4:27:ed:6d:57:8c:6e:8e:01:61:
06:0f:5b:9e:78:e7:b0:9a:07:02:28:9f:bc:b2:fa:
4c:93:b5:12:af:9d:a1:7a:19:e3:8f:f4:81:70:63:
56:3c:41:58:c5:30:35:f0:89:73:6c:d8:e8:96:a3:
e6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:19:E1:2C:D7:ED:B1:57:A1:49:51:8A:2E:84:89:37:FD:3B:9A
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/ohoZ4SzX7bFXoUlRii6EiTf9O5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.114.0/24
185.233.17.0/24
185.243.5.0/24
193.107.218.0/24
Signature Algorithm: sha256WithRSAEncryption
21:78:75:2a:51:ab:c0:52:95:57:1c:3e:3f:c1:01:0f:f5:b3:
5e:ef:7a:41:88:42:2c:fa:ef:c1:02:4e:23:d7:89:c7:69:b4:
de:90:36:d3:61:f2:91:59:ca:2a:dd:a4:08:9b:da:b2:13:b4:
75:32:60:19:89:66:43:a7:8a:03:90:4e:6f:7b:e3:04:de:df:
78:53:f6:5e:b2:af:27:d2:64:f4:0c:8a:c4:fa:98:31:a2:6a:
53:c4:06:92:5f:7a:47:da:61:11:6b:9a:ff:23:99:32:b1:a0:
34:c7:28:ea:db:e9:4c:f0:b0:7f:45:a1:36:bc:ca:e0:c0:a6:
ed:f5:54:26:8f:78:16:ec:c0:df:72:25:f5:78:ed:c5:0a:90:
30:37:ef:f0:8d:90:63:f7:0c:ff:79:d3:bd:6c:a5:d0:e2:db:
cc:87:e4:03:61:56:f4:7a:78:4b:07:56:49:90:30:17:09:7e:
0b:fa:9c:f2:ca:b0:a7:21:55:55:71:23:71:08:24:76:27:db:
25:d6:75:00:6c:89:e9:e3:29:8a:83:e4:3b:5a:a2:dd:a6:03:
16:a3:cd:d2:3f:bb:6d:92:15:00:e0:99:e1:ae:0c:32:44:49:
43:88:f8:b2:41:4d:27:82:21:43:e9:3e:bb:56:b3:a4:ec:86:
50:2d:e4:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhvMt9KqJRYM8u3dSV0xW2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwNTMxMDAyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFhMTllMTJjZDdlZGIxNTdhMTQ5NTE4YTJlODQ4OTM3ZmQzYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iVG5WkAWkPKnpqb5q1bafDPzknW
GUQHlddditTloGnocQMsCX2xCUIYQ5Xng1P/3P7Cr+0BmDKLVpq9jU6eBS6lO268
kIG63E4ApAqXv7piyFyOn2wmSg8laEqLULwHBW96KBH4KW78qsU7NUOn1/JxtdS9
8bdZ30OT1MY5Ms5O1SN/9Q76Ka3IIgYgStoxoOLEwgiTS/9gm2uVD9WU4/Lw6erA
FEY9QWA7SWs2Ow/6yCIlnDOoBtfv+YQhBlnrWzY0MX/JnPQn7W1XjG6OAWEGD1ue
eOewmgcCKJ+8svpMk7USr52hehnjj/SBcGNWPEFYxTA18IlzbNjolqPmlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKIaGeEs1+2xV6FJUYouhIk3/TuaMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvb2hvWjRTelg3YkZYb1VsUmlpNkVpVGY5TzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVVxyAwQA
uekRAwQAufMFAwQAwWvaMA0GCSqGSIb3DQEBCwUAA4IBAQAheHUqUavAUpVXHD4/
wQEP9bNe73pBiEIs+u/BAk4j14nHabTekDbTYfKRWcoq3aQIm9qyE7R1MmAZiWZD
p4oDkE5ve+ME3t94U/Zesq8n0mT0DIrE+pgxompTxAaSX3pH2mERa5r/I5kysaA0
xyjq2+lM8LB/RaE2vMrgwKbt9VQmj3gW7MDfciX1eO3FCpAwN+/wjZBj9wz/edO9
bKXQ4tvMh+QDYVb0enhLB1ZJkDAXCX4L+pzyyrCnIVVVcSNxCCR2J9sl1nUAbInp
4ymKg+Q7WqLdpgMWo83SP7ttkhUA4JnhrgwyRElDiPiyQU0ngiFD6T67VrOk7IZQ
LeTo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:03 2023 by rpki-client on console-fra.rpki-client.org