Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ok2rfa3pxr76gDMT6t7Gpq-J7N4.roa
File: ok2rfa3pxr76gDMT6t7Gpq-J7N4.roa (raw, json)
Hash identifier: x+I3XY3odqWj/5Hzq6AI/A0vEaQOS96ERFySr4zGogo=
Subject key identifier: A2:4D:AB:7D:AD:E9:C6:BE:FA:80:33:13:EA:DE:C6:A6:AF:89:EC:DE
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01857203647327E5507991A3722745C8F653
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ok2rfa3pxr76gDMT6t7Gpq-J7N4.roa
Signing time: Mon 02 Jan 2023 10:25:03 +0000
ROA not before: Mon 02 Jan 2023 10:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 45.159.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:64:73:27:e5:50:79:91:a3:72:27:45:c8:f6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a24dab7dade9c6befa803313eadec6a6af89ecde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5d:26:8a:81:9c:73:db:5a:4d:ce:a3:ce:6d:
a6:6b:36:4b:1a:d2:5b:e5:07:b8:19:4c:48:93:58:
fa:72:5b:4b:b5:cf:03:b5:24:03:10:11:24:5a:7a:
6a:4a:b0:a3:d4:43:9e:93:80:0b:60:d4:c7:be:9e:
11:76:4a:a2:53:6d:2a:9c:4c:5d:36:b4:b4:cb:9d:
2c:47:1e:52:f8:8c:1d:7c:8e:24:68:19:e6:72:66:
b7:a8:42:47:65:16:b6:b4:05:03:3d:90:9d:9a:f4:
07:57:8d:a5:64:8e:6c:85:e6:f2:11:d5:93:26:ba:
ec:07:eb:a7:99:e1:db:4e:2d:16:1a:68:8a:69:7a:
ea:79:8c:c3:08:82:6a:90:21:4c:27:ab:aa:e5:f0:
bb:1e:41:55:73:e9:a8:31:8a:22:c4:11:b1:28:52:
57:09:80:a5:af:31:aa:4d:44:94:16:bb:ce:b8:10:
3f:dc:c1:bd:07:8e:4f:01:30:e3:9d:8a:c9:dc:53:
6c:2a:a0:1f:e7:68:78:8d:72:15:c7:28:d8:07:fb:
8c:2b:b0:69:a2:8b:71:d0:50:08:2c:56:bd:f0:5d:
a7:b4:04:d2:6b:52:3a:74:57:4d:08:be:f3:35:26:
91:75:0c:b9:db:3a:93:ed:7c:71:c9:14:f9:1b:d7:
64:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4D:AB:7D:AD:E9:C6:BE:FA:80:33:13:EA:DE:C6:A6:AF:89:EC:DE
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ok2rfa3pxr76gDMT6t7Gpq-J7N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:fe:04:d1:40:77:be:09:f8:95:4b:4c:f0:6c:bb:70:c7:f4:
d8:7f:c4:3e:81:d9:5d:01:02:5c:6f:cb:3c:ba:90:43:62:2d:
c5:d1:dd:2a:f2:8f:ae:18:58:3c:2f:4b:42:7a:a2:b7:f6:62:
b8:24:74:f8:cb:a2:da:c3:ec:1a:03:00:bd:64:bd:12:f1:c4:
2d:78:03:7a:32:50:3c:07:43:99:f6:44:d9:27:5a:b9:72:69:
48:d5:23:6d:a0:66:14:ac:82:e7:63:2a:2d:fc:5b:74:06:74:
7e:97:6a:14:15:e9:f1:00:16:df:d4:55:d0:59:ad:d5:d4:a8:
a1:1b:91:d0:84:49:dc:a5:f2:68:b3:70:34:6f:c4:a2:2e:ef:
35:58:93:a3:88:fa:b9:41:84:ae:b7:4a:38:d3:a0:59:bb:67:
6f:f3:51:8f:04:57:70:e4:1a:f9:d1:34:66:74:f3:df:02:aa:
4a:fe:51:1d:59:ad:7d:30:b1:30:b6:55:db:20:4b:db:18:7b:
0c:7e:fb:e6:b7:f1:53:2d:5a:17:ac:db:57:fc:17:73:6b:06:
dc:d3:9a:73:3e:20:b4:ff:8a:59:57:51:e5:23:65:6e:68:82:
99:94:82:6f:22:d8:b7:ba:e9:40:03:8b:d2:b9:5f:54:75:8c:
8b:aa:3d:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA2RzJ+VQeZGjcidFyPZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjRkYWI3ZGFkZTljNmJlZmE4MDMzMTNlYWRlYzZhNmFmODllY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl0mioGcc9taTc6jzm2mazZLGtJb
5Qe4GUxIk1j6cltLtc8DtSQDEBEkWnpqSrCj1EOek4ALYNTHvp4RdkqiU20qnExd
NrS0y50sRx5S+IwdfI4kaBnmcma3qEJHZRa2tAUDPZCdmvQHV42lZI5shebyEdWT
JrrsB+unmeHbTi0WGmiKaXrqeYzDCIJqkCFMJ6uq5fC7HkFVc+moMYoixBGxKFJX
CYClrzGqTUSUFrvOuBA/3MG9B45PATDjnYrJ3FNsKqAf52h4jXIVxyjYB/uMK7Bp
ootx0FAILFa98F2ntATSa1I6dFdNCL7zNSaRdQy52zqT7XxxyRT5G9dk4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJNq32t6ca++oAzE+rexqaviezeMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvb2sycmZhM3B4cjc2Z0RNVDZ0N0dwcS1KN040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ/6MA0G
CSqGSIb3DQEBCwUAA4IBAQCi/gTRQHe+CfiVS0zwbLtwx/TYf8Q+gdldAQJcb8s8
upBDYi3F0d0q8o+uGFg8L0tCeqK39mK4JHT4y6Law+waAwC9ZL0S8cQteAN6MlA8
B0OZ9kTZJ1q5cmlI1SNtoGYUrILnYyot/Ft0BnR+l2oUFenxABbf1FXQWa3V1Kih
G5HQhEncpfJos3A0b8SiLu81WJOjiPq5QYSut0o406BZu2dv81GPBFdw5Br50TRm
dPPfAqpK/lEdWa19MLEwtlXbIEvbGHsMfvvmt/FTLVoXrNtX/Bdzawbc05pzPiC0
/4pZV1HlI2VuaIKZlIJvIti3uulAA4vSuV9UdYyLqj2p
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:17 2024 by rpki-client on console-ams.rpki-client.org