Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/o-OzKcHqt93XqMeLaZB6NOECUU0.roa
File: o-OzKcHqt93XqMeLaZB6NOECUU0.roa (raw, json)
Hash identifier: gvNkJpx2W5Q9XPXSw6g/gZvGXvWf0DirUxi4FCikNJE=
Subject key identifier: A3:E3:B3:29:C1:EA:B7:DD:D7:A8:C7:8B:69:90:7A:34:E1:02:51:4D
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38C4082253534A16D437083097B1B0
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/o-OzKcHqt93XqMeLaZB6NOECUU0.roa
Signing time: Sun 01 Jan 2023 16:44:52 +0000
ROA not before: Sun 01 Jan 2023 16:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3319
IP address blocks: 195.178.144.0/23 maxlen: 23
195.178.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 20 Mar 2023 14:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c4:08:22:53:53:4a:16:d4:37:08:30:97:b1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3e3b329c1eab7ddd7a8c78b69907a34e102514d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:13:76:a5:58:80:1a:da:69:73:79:77:2e:6a:
65:c7:32:c9:55:e2:86:df:9e:dc:bd:35:25:60:2f:
4b:18:c0:2b:8d:fd:4b:04:04:75:92:a4:60:91:47:
3a:63:a1:e3:c0:5f:a9:9d:0d:10:d4:ed:c4:6a:a8:
ea:8b:1e:89:bf:28:8d:f4:5a:e4:ad:11:00:e5:d7:
45:d3:cb:a6:76:d6:f3:1d:e5:f8:56:b3:ec:51:80:
e0:6c:f9:f0:a2:d3:d5:e2:36:1b:fa:a6:f8:f9:03:
1d:f5:6c:a5:69:6a:3c:12:e4:f8:b8:a8:45:a0:70:
37:48:8e:1d:06:7d:3e:3b:d9:44:2b:a8:4a:6c:c7:
2f:58:23:3e:32:74:12:e9:e3:bf:70:75:f1:d8:ff:
ea:06:e2:4c:4a:a8:19:01:94:65:b4:46:53:bd:9d:
2f:d8:8a:93:86:cc:1b:be:d9:9b:64:2f:61:88:d6:
6d:54:89:61:7d:3a:0f:9d:55:ad:d7:f2:fa:0f:70:
f0:d4:46:49:41:51:8e:29:85:e7:e0:6f:3d:f4:c6:
d7:32:26:08:4a:24:ba:c5:0d:07:ee:df:e1:58:90:
43:0b:d3:cb:59:66:f5:25:6d:83:51:9f:a4:eb:d8:
ac:56:31:d4:98:f5:e5:04:16:31:bf:32:e3:07:14:
8c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E3:B3:29:C1:EA:B7:DD:D7:A8:C7:8B:69:90:7A:34:E1:02:51:4D
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/o-OzKcHqt93XqMeLaZB6NOECUU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.144.0/23
195.178.152.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:4d:29:95:2a:ad:8a:63:94:21:3b:99:2a:61:b0:6a:39:c9:
0c:a0:ef:72:e9:cf:29:47:d9:f6:52:da:53:2b:61:2f:b1:f2:
b9:99:fc:63:66:0e:5c:48:a6:ac:bd:c7:37:fd:ea:58:42:40:
68:fb:06:4b:bf:72:25:69:f6:81:32:c4:8e:9b:41:0e:df:46:
75:e4:af:27:74:62:ad:b3:0c:4e:c2:d3:31:dc:45:15:92:17:
68:db:c5:5e:6e:03:a4:45:bb:ba:b5:64:ec:f6:d8:f2:85:2c:
fd:c9:5a:47:ec:6c:5a:9d:77:40:a5:ea:1e:73:64:48:86:6d:
67:7e:e2:7b:1e:04:44:1e:41:53:3b:e1:0d:f7:07:22:85:0c:
fd:6c:57:d2:12:25:59:3a:72:ae:6c:27:e1:b9:50:a2:84:8c:
e9:67:e9:6f:54:71:68:2f:12:1e:0a:ca:b7:aa:95:2d:fd:24:
37:fb:cd:5d:35:8f:42:c5:7c:59:6f:8f:8e:91:2c:c2:96:c4:
10:19:9b:41:59:72:3d:3e:fe:f0:e5:13:a4:e9:b4:78:15:1c:
92:13:45:38:de:83:2d:a5:19:27:ac:be:bc:ae:2b:63:63:d9:
55:75:bd:a9:f8:17:66:69:a7:fc:0a:50:ee:81:a6:f1:14:bc:
72:1d:6d:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuOMQIIlNTShbUNwgwl7GwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UzYjMyOWMxZWFiN2RkZDdhOGM3OGI2OTkwN2EzNGUxMDI1MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRN2pViAGtppc3l3LmplxzLJVeKG
357cvTUlYC9LGMArjf1LBAR1kqRgkUc6Y6HjwF+pnQ0Q1O3Eaqjqix6JvyiN9Frk
rREA5ddF08umdtbzHeX4VrPsUYDgbPnwotPV4jYb+qb4+QMd9WylaWo8EuT4uKhF
oHA3SI4dBn0+O9lEK6hKbMcvWCM+MnQS6eO/cHXx2P/qBuJMSqgZAZRltEZTvZ0v
2IqThswbvtmbZC9hiNZtVIlhfToPnVWt1/L6D3Dw1EZJQVGOKYXn4G899MbXMiYI
SiS6xQ0H7t/hWJBDC9PLWWb1JW2DUZ+k69isVjHUmPXlBBYxvzLjBxSMqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKPjsynB6rfd16jHi2mQejThAlFNMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvby1PektjSHF0OTNYcU1lTGFaQjZOT0VDVVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7KQAwQC
w7KYMA0GCSqGSIb3DQEBCwUAA4IBAQCLTSmVKq2KY5QhO5kqYbBqOckMoO9y6c8p
R9n2UtpTK2EvsfK5mfxjZg5cSKasvcc3/epYQkBo+wZLv3IlafaBMsSOm0EO30Z1
5K8ndGKtswxOwtMx3EUVkhdo28VebgOkRbu6tWTs9tjyhSz9yVpH7GxanXdApeoe
c2RIhm1nfuJ7HgREHkFTO+EN9wcihQz9bFfSEiVZOnKubCfhuVCihIzpZ+lvVHFo
LxIeCsq3qpUt/SQ3+81dNY9CxXxZb4+OkSzClsQQGZtBWXI9Pv7w5ROk6bR4FRyS
E0U43oMtpRknrL68ritjY9lVdb2p+Bdmaaf8ClDugabxFLxyHW3b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org