Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/oHv-R-NkvL6oux7u8TBXm-Q9oGM.roa
File: oHv-R-NkvL6oux7u8TBXm-Q9oGM.roa (raw, json)
Hash identifier: HTLyv/m0jCYYGTSC926FBFCAxuk5T3WxaAv5nqvP0UA=
Subject key identifier: A0:7B:FE:47:E3:64:BC:BE:A8:BB:1E:EE:F1:30:57:9B:E4:3D:A0:63
Certificate issuer: /CN=1bb45744a541285eea0e4e04e5de766a9c823b53
Certificate serial: 018570FBCEF409E96E5801717F6FF67B65FC
Authority key identifier: 1B:B4:57:44:A5:41:28:5E:EA:0E:4E:04:E5:DE:76:6A:9C:82:3B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/oHv-R-NkvL6oux7u8TBXm-Q9oGM.roa
Signing time: Mon 02 Jan 2023 05:37:08 +0000
ROA not before: Mon 02 Jan 2023 05:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200623
IP address blocks: 185.100.250.0/24 maxlen: 24
185.100.249.0/24 maxlen: 24
185.100.248.0/24 maxlen: 24
185.100.248.0/22 maxlen: 22
2a00:9da0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 Feb 2023 10:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ce:f4:09:e9:6e:58:01:71:7f:6f:f6:7b:65:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bb45744a541285eea0e4e04e5de766a9c823b53
Validity
Not Before: Jan 2 05:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a07bfe47e364bcbea8bb1eeef130579be43da063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d8:e6:d6:77:90:a1:b1:15:a2:51:99:a3:f2:
4b:d0:28:e7:cd:aa:03:98:46:6d:30:8b:b9:ab:a9:
24:5e:43:09:39:f5:bb:8d:ae:9e:d3:c4:b2:4a:f0:
31:98:12:5f:52:c4:af:69:36:b1:53:df:c0:b2:20:
84:22:2c:7f:6b:a9:76:92:a0:57:57:ee:e6:0f:ca:
5b:ff:d8:d0:65:4c:b4:6c:28:a0:ab:4c:78:66:45:
1e:b4:93:e6:c7:fd:95:ab:8e:3b:31:55:3e:a0:f4:
f0:90:f7:a1:62:72:9e:13:91:1d:ba:d6:61:80:48:
fe:e3:92:8f:ed:d9:eb:34:e4:53:7f:9a:ee:24:0d:
05:cc:c7:87:47:60:fb:5c:47:d8:69:ec:3b:00:ba:
18:8c:d9:d4:9d:26:d4:07:d6:07:59:1e:b8:fc:65:
05:1f:88:d3:0c:3c:57:cb:82:68:bf:f6:9c:cb:b4:
c3:be:9b:42:ab:9f:90:9d:2f:0e:c5:15:06:6c:08:
c9:b1:07:eb:33:f8:0d:fc:90:b9:b9:96:a1:6d:75:
60:c5:1f:98:62:fb:29:c8:ae:e9:d1:57:cd:fb:78:
7f:12:24:8c:5b:74:5d:98:ad:c6:60:4e:97:d6:6e:
74:ab:bb:58:da:43:1a:54:21:7d:43:7a:2e:1a:6b:
6d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7B:FE:47:E3:64:BC:BE:A8:BB:1E:EE:F1:30:57:9B:E4:3D:A0:63
X509v3 Authority Key Identifier:
keyid:1B:B4:57:44:A5:41:28:5E:EA:0E:4E:04:E5:DE:76:6A:9C:82:3B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/oHv-R-NkvL6oux7u8TBXm-Q9oGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.248.0/22
IPv6:
2a00:9da0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:4b:8b:58:d1:b6:76:27:b9:de:7a:d2:31:1d:f0:68:41:53:
0d:0c:0f:4e:38:80:23:c6:3e:20:bf:cd:90:b8:4f:98:ff:bf:
d8:30:dd:68:60:2a:36:08:f1:c1:d0:87:42:a1:ef:8a:d6:8e:
c4:9f:86:7e:b6:32:e6:60:87:24:44:2e:bc:40:22:6a:14:fb:
c6:b7:e2:a5:92:8d:52:a6:8c:b8:72:e6:b3:7f:40:8a:9e:cd:
b2:57:a0:57:99:cf:8d:ee:67:1f:16:e9:79:00:0f:cf:61:a8:
20:9a:69:66:7b:a3:79:70:75:61:61:4a:ee:ec:80:1a:61:c6:
2b:05:b2:fb:64:e5:4b:f4:9c:4f:cf:02:bc:25:0d:45:b7:35:
da:95:fb:a5:48:e8:76:f9:ba:e5:ae:28:bc:22:c5:81:19:bd:
2d:93:d3:07:25:9b:a5:4f:b3:a6:9c:3c:96:57:4f:a8:9f:2d:
5b:2b:a4:66:b8:59:0c:ae:98:ef:e4:3a:8b:6c:74:61:1d:55:
97:c0:8c:8b:35:ef:a4:74:93:e1:31:cd:26:19:85:37:2a:b0:
77:e6:42:51:21:7a:f5:99:8b:5e:a9:3c:b3:3b:90:cf:ba:6b:
d5:f2:8e:f5:8a:9f:b9:33:33:a6:77:51:b5:99:ed:fc:1f:14:
79:b5:cd:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw+870CeluWAFxf2/2e2X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQ1NzQ0YTU0MTI4NWVlYTBlNGUwNGU1ZGU3NjZhOWM4
MjNiNTMwHhcNMjMwMTAyMDUzNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDdiZmU0N2UzNjRiY2JlYThiYjFlZWVmMTMwNTc5YmU0M2RhMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdjm1neQobEVolGZo/JL0CjnzaoD
mEZtMIu5q6kkXkMJOfW7ja6e08SySvAxmBJfUsSvaTaxU9/AsiCEIix/a6l2kqBX
V+7mD8pb/9jQZUy0bCigq0x4ZkUetJPmx/2Vq447MVU+oPTwkPehYnKeE5EdutZh
gEj+45KP7dnrNORTf5ruJA0FzMeHR2D7XEfYaew7ALoYjNnUnSbUB9YHWR64/GUF
H4jTDDxXy4Jov/acy7TDvptCq5+QnS8OxRUGbAjJsQfrM/gN/JC5uZahbXVgxR+Y
YvspyK7p0VfN+3h/EiSMW3RdmK3GYE6X1m50q7tY2kMaVCF9Q3ouGmttRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKB7/kfjZLy+qLse7vEwV5vkPaBjMB8GA1UdIwQY
MBaAFBu0V0SlQShe6g5OBOXedmqcgjtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdSWFJLVkJLRjdxRGs0RTVkNTJhcHlDTzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jNjNmOWUtOWU3Yi00NmRjLWE0MDIt
ODc5OTc5ZDI5ZTFlLzEvb0h2LVItTmt2TDZvdXg3dThUQlhtLVE5b0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jNjNmOWUtOWU3Yi00NmRjLWE0MDItODc5OTc5ZDI5ZTFl
LzEvRzdSWFJLVkJLRjdxRGs0RTVkNTJhcHlDTzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWT4MA0E
AgACMAcDBQAqAJ2gMA0GCSqGSIb3DQEBCwUAA4IBAQBsS4tY0bZ2J7neetIxHfBo
QVMNDA9OOIAjxj4gv82QuE+Y/7/YMN1oYCo2CPHB0IdCoe+K1o7En4Z+tjLmYIck
RC68QCJqFPvGt+Klko1Spoy4cuazf0CKns2yV6BXmc+N7mcfFul5AA/PYaggmmlm
e6N5cHVhYUru7IAaYcYrBbL7ZOVL9JxPzwK8JQ1FtzXalfulSOh2+brlrii8IsWB
Gb0tk9MHJZulT7OmnDyWV0+ony1bK6RmuFkMrpjv5DqLbHRhHVWXwIyLNe+kdJPh
Mc0mGYU3KrB35kJRIXr1mYteqTyzO5DPumvV8o71ip+5MzOmd1G1me38HxR5tc1n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:29 2024 by rpki-client on console-ams.rpki-client.org