Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/OsBWMDZEkS_H23TuHeqbaTzovn8.roa
File: OsBWMDZEkS_H23TuHeqbaTzovn8.roa (raw, json)
Hash identifier: 6pkXhONG7TOzctjT04McBP1XGk5QycJ/ZtlU5v9e0pU=
Subject key identifier: 3A:C0:56:30:36:44:91:2F:C7:DB:74:EE:1D:EA:9B:69:3C:E8:BE:7F
Certificate issuer: /CN=f753a19b5dce1d4159352229426a9fdb7d9f9a3b
Certificate serial: 018B44A37B9A7C4D4563348354D02C6EEF15
Authority key identifier: F7:53:A1:9B:5D:CE:1D:41:59:35:22:29:42:6A:9F:DB:7D:9F:9A:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/91Ohm13OHUFZNSIpQmqf232fmjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/OsBWMDZEkS_H23TuHeqbaTzovn8.roa
Signing time: Wed 18 Oct 2023 21:14:06 +0000
ROA not before: Wed 18 Oct 2023 21:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30830
IP address blocks: 80.73.130.0/23 maxlen: 24
80.73.132.0/23 maxlen: 24
80.73.128.0/23 maxlen: 24
2a01:5140::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Oct 2023 06:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:44:a3:7b:9a:7c:4d:45:63:34:83:54:d0:2c:6e:ef:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f753a19b5dce1d4159352229426a9fdb7d9f9a3b
Validity
Not Before: Oct 18 21:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac056303644912fc7db74ee1dea9b693ce8be7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a5:f5:07:bb:3a:bb:a8:30:f2:9a:82:56:67:
c9:46:d0:10:5c:9f:a3:2e:cd:1d:50:8e:5f:b5:0a:
eb:12:41:b5:b9:c2:ae:d5:51:21:01:1b:1e:81:b8:
58:9a:e9:e9:0f:de:51:af:b3:6c:24:86:a4:48:fc:
7b:c4:29:ae:a3:2c:65:f8:1c:a4:41:af:6b:1b:94:
e1:74:17:cf:dc:43:cb:6c:63:30:dc:c1:aa:85:74:
28:d6:1c:41:58:36:72:a3:6b:2a:29:4f:4c:e3:cc:
82:ec:15:75:3a:c3:1c:0f:6d:c0:52:ef:41:36:37:
fa:5a:ed:23:1e:a6:f5:8c:86:f7:78:ae:0e:e0:3a:
73:39:86:7e:27:ff:dd:c6:0c:bb:f6:45:33:d5:9c:
17:12:b5:68:0a:37:26:43:91:76:53:ca:26:00:e5:
5c:65:68:06:36:f5:5c:51:78:bf:a9:89:bd:b0:c7:
b9:55:34:af:77:3a:3e:a3:11:90:02:70:f1:57:39:
49:ca:50:4e:4b:32:19:f0:74:55:77:91:a8:53:72:
95:3f:31:a7:de:25:60:6f:6c:a1:94:40:6f:0e:5d:
52:fb:49:eb:e7:b3:d7:25:2e:d6:a5:3a:6d:d6:0e:
23:ce:8a:43:3b:ec:4b:ff:24:d7:74:ec:ab:1d:bf:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C0:56:30:36:44:91:2F:C7:DB:74:EE:1D:EA:9B:69:3C:E8:BE:7F
X509v3 Authority Key Identifier:
keyid:F7:53:A1:9B:5D:CE:1D:41:59:35:22:29:42:6A:9F:DB:7D:9F:9A:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/91Ohm13OHUFZNSIpQmqf232fmjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/OsBWMDZEkS_H23TuHeqbaTzovn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ffe07c-16f0-4999-8894-10f0093eaae0/1/91Ohm13OHUFZNSIpQmqf232fmjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.128.0-80.73.133.255
IPv6:
2a01:5140::/32
Signature Algorithm: sha256WithRSAEncryption
53:e8:dd:24:73:f6:8d:28:25:35:21:a1:ff:26:07:c5:3d:27:
dd:64:83:11:2e:dd:56:14:b9:4a:11:b8:ca:5e:99:c9:92:97:
e4:37:af:c4:06:92:c6:23:bb:c9:43:c0:e4:1a:8c:13:36:58:
88:b5:ad:fa:e3:23:d0:6d:19:6e:11:a8:4c:4e:2c:7f:0b:09:
0f:44:0e:86:11:8e:b5:d6:83:b2:c2:19:d9:d7:cd:ff:67:83:
2c:ac:13:3f:cb:21:3d:ca:a0:9c:43:cf:d3:6d:cf:1b:37:8b:
f1:ca:f9:6e:55:3a:ea:24:5f:ab:84:31:7a:05:ad:8c:69:b8:
a2:73:56:6d:f9:66:c1:4e:12:b9:fd:da:af:08:18:58:a1:6e:
b3:b2:1b:5b:ae:eb:06:e0:1d:c3:01:02:1e:c6:b7:11:53:c9:
c9:6a:f5:fa:6a:9f:fa:ae:e7:e3:4e:18:4b:d9:7e:7e:5d:47:
39:57:b4:94:52:60:2a:d5:b9:ab:a5:4d:fb:7d:a7:0f:0b:2e:
ec:42:7e:2e:78:68:c5:bf:94:85:6d:12:64:7b:87:b2:79:45:
c7:a1:15:e0:c7:6b:b4:a1:76:07:9e:c1:4f:9a:0c:86:12:3c:
8f:7e:9a:cc:d9:aa:c5:f9:ac:f3:ab:f5:c3:8d:01:a3:93:07:
50:52:1c:e9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYtEo3uafE1FYzSDVNAsbu8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NTNhMTliNWRjZTFkNDE1OTM1MjIyOTQyNmE5ZmRiN2Q5
ZjlhM2IwHhcNMjMxMDE4MjExNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWMwNTYzMDM2NDQ5MTJmYzdkYjc0ZWUxZGVhOWI2OTNjZThiZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6X1B7s6u6gw8pqCVmfJRtAQXJ+j
Ls0dUI5ftQrrEkG1ucKu1VEhARsegbhYmunpD95Rr7NsJIakSPx7xCmuoyxl+Byk
Qa9rG5ThdBfP3EPLbGMw3MGqhXQo1hxBWDZyo2sqKU9M48yC7BV1OsMcD23AUu9B
Njf6Wu0jHqb1jIb3eK4O4DpzOYZ+J//dxgy79kUz1ZwXErVoCjcmQ5F2U8omAOVc
ZWgGNvVcUXi/qYm9sMe5VTSvdzo+oxGQAnDxVzlJylBOSzIZ8HRVd5GoU3KVPzGn
3iVgb2yhlEBvDl1S+0nr57PXJS7WpTpt1g4jzopDO+xL/yTXdOyrHb8dbQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDrAVjA2RJEvx9t07h3qm2k86L5/MB8GA1UdIwQY
MBaAFPdToZtdzh1BWTUiKUJqn9t9n5o7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTFPaG0xM09IVUZaTlNJcFFtcWYyMzJmbWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mZmUwN2MtMTZmMC00OTk5LTg4OTQt
MTBmMDA5M2VhYWUwLzEvT3NCV01EWkVrU19IMjNUdUhlcWJhVHpvdm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mZmUwN2MtMTZmMC00OTk5LTg4OTQtMTBmMDA5M2VhYWUw
LzEvOTFPaG0xM09IVUZaTlNJcFFtcWYyMzJmbWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAdQSYAD
BAFQSYQwDQQCAAIwBwMFACoBUUAwDQYJKoZIhvcNAQELBQADggEBAFPo3SRz9o0o
JTUhof8mB8U9J91kgxEu3VYUuUoRuMpemcmSl+Q3r8QGksYju8lDwOQajBM2WIi1
rfrjI9BtGW4RqExOLH8LCQ9EDoYRjrXWg7LCGdnXzf9ngyysEz/LIT3KoJxDz9Nt
zxs3i/HK+W5VOuokX6uEMXoFrYxpuKJzVm35ZsFOErn92q8IGFihbrOyG1uu6wbg
HcMBAh7GtxFTyclq9fpqn/qu5+NOGEvZfn5dRzlXtJRSYCrVuaulTft9pw8LLuxC
fi54aMW/lIVtEmR7h7J5RcehFeDHa7ShdgeewU+aDIYSPI9+mszZqsX5rPOr9cON
AaOTB1BSHOk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:59 2024 by rpki-client on console-fra.rpki-client.org