Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/7OXC4oflVijGcgLuG1SK5p4WuuQ.roa
File: 7OXC4oflVijGcgLuG1SK5p4WuuQ.roa (raw, json)
Hash identifier: hM6i4i+XmFexZ7ji7kJVldI+gL7Y0d0MMYM87F6DBPM=
Subject key identifier: EC:E5:C2:E2:87:E5:56:28:C6:72:02:EE:1B:54:8A:E6:9E:16:BA:E4
Certificate issuer: /CN=0c9bc1b14f0d9653f514ec167771b77559ac63cc
Certificate serial: 018C62D59D68AA9C647B15CA20AA309B3265
Authority key identifier: 0C:9B:C1:B1:4F:0D:96:53:F5:14:EC:16:77:71:B7:75:59:AC:63:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJvBsU8NllP1FOwWd3G3dVmsY8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/7OXC4oflVijGcgLuG1SK5p4WuuQ.roa
Signing time: Wed 13 Dec 2023 11:00:15 +0000
ROA not before: Wed 13 Dec 2023 11:00:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200689
IP address blocks: 178.255.116.0/22 maxlen: 22
185.98.164.0/22 maxlen: 22
2a0d:20c0::/29 maxlen: 29
2a06:d00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:d5:9d:68:aa:9c:64:7b:15:ca:20:aa:30:9b:32:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c9bc1b14f0d9653f514ec167771b77559ac63cc
Validity
Not Before: Dec 13 11:00:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece5c2e287e55628c67202ee1b548ae69e16bae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:23:a3:0d:25:d6:ec:8a:f3:dc:22:13:ee:
db:fc:62:d9:6c:6b:74:0d:35:0a:b2:9a:96:76:2d:
cc:2d:bc:ac:f7:b1:08:c6:e0:30:d7:04:82:25:89:
9d:7a:ee:aa:91:34:1d:a4:a7:b6:3f:23:1c:c1:7f:
81:b5:2f:e0:df:4b:e7:0e:0a:bb:72:c3:c8:9e:89:
06:3b:ad:28:63:80:2c:91:62:b1:51:ef:a1:04:ff:
0f:f7:c6:91:aa:3c:b1:b7:69:e3:35:67:e0:9c:80:
f3:ab:d0:e0:b6:4b:f7:e9:32:d7:97:aa:ff:a9:6a:
44:23:0f:ed:39:7b:f9:b7:96:59:1c:d1:95:ee:e8:
c8:a0:16:04:10:1e:a3:f3:61:48:3b:a6:54:ec:fc:
f5:4c:95:8a:a1:71:9c:0d:b2:64:ee:d2:ab:97:c7:
69:f8:2a:7a:b5:fc:b2:6e:37:a8:a9:b1:10:9c:f0:
d6:11:5e:55:6c:d8:2f:7b:f0:1b:20:24:6f:43:c3:
f3:3f:0e:8a:94:95:4c:8d:c0:87:ba:66:d0:e2:8a:
4c:6f:2e:c9:71:ad:4f:91:0e:d4:e5:bb:80:ed:d3:
0d:61:d2:de:68:92:14:42:2b:23:15:e8:77:0d:19:
f4:62:25:c9:86:87:2c:e2:be:14:a6:8b:e2:2d:bd:
00:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E5:C2:E2:87:E5:56:28:C6:72:02:EE:1B:54:8A:E6:9E:16:BA:E4
X509v3 Authority Key Identifier:
keyid:0C:9B:C1:B1:4F:0D:96:53:F5:14:EC:16:77:71:B7:75:59:AC:63:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJvBsU8NllP1FOwWd3G3dVmsY8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/7OXC4oflVijGcgLuG1SK5p4WuuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/DJvBsU8NllP1FOwWd3G3dVmsY8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.116.0/22
185.98.164.0/22
IPv6:
2a06:d00::/29
2a0d:20c0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:30:83:db:76:3c:29:83:20:f2:42:93:f4:23:00:4d:aa:f5:
44:59:f0:17:10:52:59:40:fe:c9:f7:f3:aa:76:01:d0:1b:39:
40:17:2d:8c:cc:6d:f8:f7:21:c4:5d:bc:13:71:71:6a:3c:0f:
20:63:50:ba:dd:06:01:59:2a:71:9c:5b:02:40:7c:a9:09:98:
c4:c8:a8:c8:c9:c9:f5:f1:20:e9:31:7b:0f:92:43:45:5f:d0:
8f:03:f9:df:c6:a7:c7:4d:a0:f8:21:8a:cf:26:e8:59:5b:3d:
f7:3f:94:fe:4a:ee:fd:37:f5:c1:bb:6b:e3:7b:88:ad:16:95:
1c:54:55:0a:35:58:87:51:74:ab:bb:fb:9c:4e:38:58:b4:0e:
21:54:ee:4c:c9:1e:d0:66:a0:41:6d:70:a2:4a:1f:c5:f4:b8:
92:e0:ea:c3:45:0f:0d:e2:16:14:ea:a9:fc:a8:bf:db:42:4a:
05:eb:8f:28:f7:ea:65:cb:87:d3:04:99:06:1b:6f:ee:35:2a:
0a:e1:3d:1d:8f:fd:33:b5:83:e2:44:bb:05:48:2a:42:53:31:
8f:d4:6f:60:78:03:9d:82:e4:a7:44:1e:48:34:8c:3f:c8:5e:
44:9b:5d:5b:cc:12:fb:e7:b3:e8:93:04:cc:3e:a5:e2:53:8d:
b7:8a:21:30
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYxi1Z1oqpxkexXKIKowmzJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOWJjMWIxNGYwZDk2NTNmNTE0ZWMxNjc3NzFiNzc1NTlh
YzYzY2MwHhcNMjMxMjEzMTEwMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2U1YzJlMjg3ZTU1NjI4YzY3MjAyZWUxYjU0OGFlNjllMTZiYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyycjow0l1uyK89wiE+7b/GLZbGt0
DTUKspqWdi3MLbys97EIxuAw1wSCJYmdeu6qkTQdpKe2PyMcwX+BtS/g30vnDgq7
csPInokGO60oY4AskWKxUe+hBP8P98aRqjyxt2njNWfgnIDzq9Dgtkv36TLXl6r/
qWpEIw/tOXv5t5ZZHNGV7ujIoBYEEB6j82FIO6ZU7Pz1TJWKoXGcDbJk7tKrl8dp
+Cp6tfyybjeoqbEQnPDWEV5VbNgve/AbICRvQ8PzPw6KlJVMjcCHumbQ4opMby7J
ca1PkQ7U5buA7dMNYdLeaJIUQisjFeh3DRn0YiXJhocs4r4UpoviLb0AdQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOzlwuKH5VYoxnIC7htUiuaeFrrkMB8GA1UdIwQY
MBaAFAybwbFPDZZT9RTsFndxt3VZrGPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREp2QnNVOE5sbFAxRk93V2QzRzNkVm1zWTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YzM4ZjQtNWRhZS00ZDJjLTgyMDgt
MWQxOTQ5OWQwOThmLzEvN09YQzRvZmxWaWpHY2dMdUcxU0s1cDRXdXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YzM4ZjQtNWRhZS00ZDJjLTgyMDgtMWQxOTQ5OWQwOThm
LzEvREp2QnNVOE5sbFAxRk93V2QzRzNkVm1zWTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCsv90AwQC
uWKkMBQEAgACMA4DBQMqBg0AAwUDKg0gwDANBgkqhkiG9w0BAQsFAAOCAQEADDCD
23Y8KYMg8kKT9CMATar1RFnwFxBSWUD+yffzqnYB0Bs5QBctjMxt+PchxF28E3Fx
ajwPIGNQut0GAVkqcZxbAkB8qQmYxMioyMnJ9fEg6TF7D5JDRV/QjwP538anx02g
+CGKzyboWVs99z+U/kru/Tf1wbtr43uIrRaVHFRVCjVYh1F0q7v7nE44WLQOIVTu
TMke0GagQW1wokofxfS4kuDqw0UPDeIWFOqp/Ki/20JKBeuPKPfqZcuH0wSZBhtv
7jUqCuE9HY/9M7WD4kS7BUgqQlMxj9RvYHgDnYLkp0QeSDSMP8heRJtdW8wS++ez
6JMEzD6l4lONt4ohMA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:33 2024 by rpki-client on console-fra.rpki-client.org