Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/olXnXQ2tX_mJThhB_pEtgBHuoIE.roa
File: olXnXQ2tX_mJThhB_pEtgBHuoIE.roa (raw, json)
Hash identifier: Pz+W5Suoo1H9PfzaDOTr0LkMDXEjZFPqJGv4AC+P5UQ=
Subject key identifier: A2:55:E7:5D:0D:AD:5F:F9:89:4E:18:41:FE:91:2D:80:11:EE:A0:81
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938DCF0F20BE9BC1C4A1AB5052A346
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/olXnXQ2tX_mJThhB_pEtgBHuoIE.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29462
IP address blocks: 82.150.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 02 Feb 2024 09:34:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8d:cf:0f:20:be:9b:c1:c4:a1:ab:50:52:a3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a255e75d0dad5ff9894e1841fe912d8011eea081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d8:eb:a4:d4:f5:32:da:a4:35:9e:f0:b7:83:
ee:b3:cf:66:60:fc:af:37:64:d5:93:22:12:03:1b:
9f:7e:b7:fc:db:a8:07:87:7f:8b:e8:80:64:93:f8:
15:a1:30:07:20:ba:f9:85:7f:4e:fc:63:65:c3:9e:
87:19:6a:a0:13:73:3d:89:3a:64:5a:90:1c:2c:46:
5c:70:eb:2b:e3:5f:08:3e:f9:aa:0e:7e:9e:81:00:
be:70:e2:2a:8d:0f:da:36:63:45:a3:d2:dd:cf:55:
be:fe:a6:1c:0f:4b:73:99:83:b3:c4:1a:19:a4:4f:
7a:d2:5c:1a:ff:6e:10:bf:4d:0f:3c:68:4b:bb:a4:
ea:3f:eb:c0:e8:c8:6f:ca:23:1c:32:51:af:36:05:
50:7a:59:81:63:c8:75:67:d3:df:db:91:40:b2:b9:
24:50:23:32:1c:92:93:47:23:b6:58:44:58:bb:04:
d3:a6:38:b5:54:34:bf:ed:11:21:60:ae:73:bd:9c:
26:f8:5b:0c:42:c7:41:bc:a2:a4:63:70:89:77:97:
c9:f5:a6:fe:9b:73:66:77:8a:da:dd:b5:a2:34:00:
6d:6b:c8:6f:6e:8b:92:f3:3e:d8:a0:6e:4e:92:49:
a1:d3:c0:a4:64:43:b6:2e:57:3c:a1:5b:ac:81:1f:
0e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:55:E7:5D:0D:AD:5F:F9:89:4E:18:41:FE:91:2D:80:11:EE:A0:81
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/olXnXQ2tX_mJThhB_pEtgBHuoIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.128.0/22
Signature Algorithm: sha256WithRSAEncryption
80:48:3d:82:ae:ce:74:48:f0:d5:3e:92:8c:b9:a5:71:ed:c5:
f1:58:38:af:54:dd:f6:fc:2d:76:4c:8a:cc:d4:1b:11:d2:a2:
fd:7e:79:47:a5:4c:d4:64:9c:79:20:83:7e:8d:73:a8:d8:df:
fb:eb:86:c2:3d:fb:e6:7a:7c:67:cc:4f:27:33:d5:f7:d6:09:
10:9b:88:44:38:79:f3:11:51:0c:42:6f:7a:fe:c7:c1:36:b8:
43:0e:6f:32:92:f1:1c:ed:3e:03:a9:6b:ee:92:cf:74:4b:33:
fb:0e:a6:52:79:c9:97:ee:71:9d:0c:3e:49:1e:93:06:93:b2:
75:02:86:31:bd:02:99:41:35:6e:fd:ed:05:24:3b:eb:1d:b2:
cd:64:ab:96:73:07:9a:88:e6:45:f5:08:5a:09:b1:96:0b:ed:
37:d8:b9:0b:9d:c1:6d:eb:7b:0d:b4:bc:4d:6e:4f:3e:b8:6f:
88:a6:f9:4d:76:0a:ef:4c:cd:d0:f1:f7:00:3f:a3:92:65:ac:
9b:57:32:4e:8e:9f:73:0e:a6:5a:bb:ff:5e:10:ff:5f:9f:e7:
ad:c1:36:1d:d4:c5:88:6d:57:f3:00:5e:e7:d7:5d:94:6d:90:
09:24:b4:eb:47:cc:1b:e3:c1:c9:45:89:76:27:fc:1e:4d:fe:
07:3d:f7:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk43PDyC+m8HEoatQUqNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjU1ZTc1ZDBkYWQ1ZmY5ODk0ZTE4NDFmZTkxMmQ4MDExZWVhMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19jrpNT1MtqkNZ7wt4Pus89mYPyv
N2TVkyISAxuffrf826gHh3+L6IBkk/gVoTAHILr5hX9O/GNlw56HGWqgE3M9iTpk
WpAcLEZccOsr418IPvmqDn6egQC+cOIqjQ/aNmNFo9Ldz1W+/qYcD0tzmYOzxBoZ
pE960lwa/24Qv00PPGhLu6TqP+vA6MhvyiMcMlGvNgVQelmBY8h1Z9Pf25FAsrkk
UCMyHJKTRyO2WERYuwTTpji1VDS/7REhYK5zvZwm+FsMQsdBvKKkY3CJd5fJ9ab+
m3Nmd4ra3bWiNABta8hvbouS8z7YoG5Okkmh08CkZEO2Llc8oVusgR8OZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJV510NrV/5iU4YQf6RLYAR7qCBMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvb2xYblhRMnRYX21KVGhoQl9wRXRnQkh1b0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUpaAMA0G
CSqGSIb3DQEBCwUAA4IBAQCASD2Crs50SPDVPpKMuaVx7cXxWDivVN32/C12TIrM
1BsR0qL9fnlHpUzUZJx5IIN+jXOo2N/764bCPfvmenxnzE8nM9X31gkQm4hEOHnz
EVEMQm96/sfBNrhDDm8ykvEc7T4DqWvuks90SzP7DqZSecmX7nGdDD5JHpMGk7J1
AoYxvQKZQTVu/e0FJDvrHbLNZKuWcweaiOZF9QhaCbGWC+032LkLncFt63sNtLxN
bk8+uG+IpvlNdgrvTM3Q8fcAP6OSZaybVzJOjp9zDqZau/9eEP9fn+etwTYd1MWI
bVfzAF7n112UbZAJJLTrR8wb48HJRYl2J/weTf4HPfei
-----END CERTIFICATE-----
Generated at Fri Feb 2 12:05:19 2024 by rpki-client on console-ams.rpki-client.org