Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/v1_OUEkhuHyWKgcOTJVZiToi5n0.roa
File: v1_OUEkhuHyWKgcOTJVZiToi5n0.roa (raw, json)
Hash identifier: vF0qqvl0FJO65jzgAMZZJx8GrxC5m8Jw7C5fDZgDXZY=
Subject key identifier: BF:5F:CE:50:49:21:B8:7C:96:2A:07:0E:4C:95:59:89:3A:22:E6:7D
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 018572C357B594CECF8964CEB9DA589AA34C
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/v1_OUEkhuHyWKgcOTJVZiToi5n0.roa
Signing time: Mon 02 Jan 2023 13:54:42 +0000
ROA not before: Mon 02 Jan 2023 13:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 143.161.74.0/24 maxlen: 24
143.161.91.0/24 maxlen: 24
143.161.92.0/22 maxlen: 22
143.161.96.0/22 maxlen: 22
143.161.100.0/23 maxlen: 23
2a05:6747::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:57:b5:94:ce:cf:89:64:ce:b9:da:58:9a:a3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Jan 2 13:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf5fce504921b87c962a070e4c9559893a22e67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:7e:17:45:ce:68:64:df:86:f0:7e:95:77:
6c:ff:6c:35:d9:6c:3e:2c:57:07:42:a2:ce:a5:b5:
60:69:9a:e0:6b:ab:7c:4c:13:35:1b:d0:d7:8c:aa:
c4:d6:36:fb:f0:9b:d1:cc:61:21:17:75:43:5b:37:
8c:0f:b0:26:71:af:70:12:7e:57:5c:16:ed:3a:37:
51:47:9d:b7:8a:4d:28:57:40:9c:1a:86:83:0b:0d:
8e:57:53:bc:61:d3:29:4e:cd:9b:e9:8e:fc:00:f2:
99:80:08:9e:1b:ed:c5:fd:c5:a6:20:9a:b9:c1:66:
77:65:d3:0c:32:1a:20:e3:fb:3e:79:a6:37:ea:1f:
c7:c9:32:32:74:58:9a:19:9f:58:48:57:23:17:f4:
a4:26:1f:11:c9:81:af:1e:36:34:47:88:5f:d6:9e:
9a:06:f0:47:a9:58:ba:49:d5:3d:c6:cc:b5:cc:cb:
2f:b7:7b:d7:bd:31:57:88:35:9e:74:4d:77:2e:60:
81:02:d6:18:cc:70:ec:cf:71:6d:d9:d4:2a:ea:fa:
e5:ba:93:92:f2:d5:53:67:3f:31:14:3b:9c:00:b3:
d3:1d:60:e0:f6:48:f1:45:2d:f7:62:dd:38:ac:fc:
14:c7:e3:8e:24:58:62:79:55:61:8f:cf:79:89:ff:
d0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5F:CE:50:49:21:B8:7C:96:2A:07:0E:4C:95:59:89:3A:22:E6:7D
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/v1_OUEkhuHyWKgcOTJVZiToi5n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.161.74.0/24
143.161.91.0-143.161.101.255
IPv6:
2a05:6747::/48
Signature Algorithm: sha256WithRSAEncryption
80:46:fb:91:34:6a:7e:c0:0c:6f:27:8c:58:75:e6:cb:6a:d5:
51:18:1b:92:53:39:d6:0f:f8:99:20:00:f7:03:c4:72:34:01:
73:2e:49:25:71:24:9d:12:ff:2b:17:3e:de:16:78:77:b0:c6:
3b:a9:a3:44:55:0d:82:3d:ad:75:9e:47:c5:ac:91:71:4d:be:
4d:57:ac:9e:e7:7b:d8:59:fa:10:71:a2:9a:a7:88:71:0d:ec:
4d:4b:53:f3:10:e8:eb:03:a5:ed:de:da:61:b8:06:23:d1:9c:
1b:9e:04:a6:b4:69:17:71:09:a9:3a:64:50:06:00:72:89:dc:
15:c4:4c:44:0f:28:29:63:87:f3:16:81:61:5c:71:7d:83:0a:
b3:95:24:45:40:00:f5:63:03:9b:d7:e9:db:2e:cc:84:cc:54:
a2:cc:db:ff:dc:3d:7f:d6:79:18:56:e5:fa:53:7c:2f:1b:53:
dc:3e:cc:9e:32:e5:41:f3:ad:54:80:a1:55:1b:58:6b:df:75:
94:f1:99:1d:27:6f:2b:f9:54:08:5b:b9:d7:84:99:cd:a9:de:
c7:af:a4:d0:d5:7e:7b:25:84:26:54:63:95:06:16:d9:d9:89:
a1:aa:80:31:09:7b:d8:07:38:3c:95:34:3c:40:27:4b:f3:32:
9a:77:c3:95
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVyw1e1lM7PiWTOudpYmqNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjc5MzgwZmU0MDc0MzljYzJlY2QzZmFjMTgxNTdkYjM2
Y2Y3NjgwHhcNMjMwMTAyMTM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjVmY2U1MDQ5MjFiODdjOTYyYTA3MGU0Yzk1NTk4OTNhMjJlNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEZ+F0XOaGTfhvB+lXds/2w12Ww+
LFcHQqLOpbVgaZrga6t8TBM1G9DXjKrE1jb78JvRzGEhF3VDWzeMD7Amca9wEn5X
XBbtOjdRR523ik0oV0CcGoaDCw2OV1O8YdMpTs2b6Y78APKZgAieG+3F/cWmIJq5
wWZ3ZdMMMhog4/s+eaY36h/HyTIydFiaGZ9YSFcjF/SkJh8RyYGvHjY0R4hf1p6a
BvBHqVi6SdU9xsy1zMsvt3vXvTFXiDWedE13LmCBAtYYzHDsz3Ft2dQq6vrlupOS
8tVTZz8xFDucALPTHWDg9kjxRS33Yt04rPwUx+OOJFhieVVhj895if/QbQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFL9fzlBJIbh8lioHDkyVWYk6IuZ9MB8GA1UdIwQY
MBaAFCm3k4D+QHQ5zC7NP6wYFX2zbPdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWIt
MWU4NDIxMThkYjZmLzEvdjFfT1VFa2h1SHlXS2djT1RKVlppVG9pNW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWItMWU4NDIxMThkYjZm
LzEvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAj6FKMAwD
BACPoVsDBAGPoWQwDwQCAAIwCQMHACoFZ0cAADANBgkqhkiG9w0BAQsFAAOCAQEA
gEb7kTRqfsAMbyeMWHXmy2rVURgbklM51g/4mSAA9wPEcjQBcy5JJXEknRL/Kxc+
3hZ4d7DGO6mjRFUNgj2tdZ5HxayRcU2+TVesnud72Fn6EHGimqeIcQ3sTUtT8xDo
6wOl7d7aYbgGI9GcG54EprRpF3EJqTpkUAYAconcFcRMRA8oKWOH8xaBYVxxfYMK
s5UkRUAA9WMDm9fp2y7MhMxUoszb/9w9f9Z5GFbl+lN8LxtT3D7MnjLlQfOtVICh
VRtYa991lPGZHSdvK/lUCFu514SZzanex6+k0NV+eyWEJlRjlQYW2dmJoaqAMQl7
2Ac4PJU0PEAnS/MymnfDlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org