Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/oYEoPnJvZeKTKOHvXNU0bPl0K-w.roa
File: oYEoPnJvZeKTKOHvXNU0bPl0K-w.roa (raw, json)
Hash identifier: AXJwn9UXJOqX3VMTDYlK3hVR74BwJpiXmT/YlkpCD30=
Subject key identifier: A1:81:28:3E:72:6F:65:E2:93:28:E1:EF:5C:D5:34:6C:F9:74:2B:EC
Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial: 018BD823B8F151DFA4D6EB0A91EFCCC9A555
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/oYEoPnJvZeKTKOHvXNU0bPl0K-w.roa
Signing time: Thu 16 Nov 2023 12:38:21 +0000
ROA not before: Thu 16 Nov 2023 12:38:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42323
IP address blocks: 109.197.128.0/21 maxlen: 32
91.202.140.0/22 maxlen: 32
195.238.100.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:23:b8:f1:51:df:a4:d6:eb:0a:91:ef:cc:c9:a5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Validity
Not Before: Nov 16 12:38:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a181283e726f65e29328e1ef5cd5346cf9742bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:92:74:06:0d:18:81:94:2d:e5:68:d2:69:e3:
a9:4e:30:d3:04:e5:df:4f:ae:dd:44:04:0e:ca:d3:
7c:e8:d2:27:03:3b:fa:78:87:06:ca:d7:a9:fb:1a:
f2:f1:26:92:89:59:fe:1f:c5:0a:7a:40:82:32:c2:
99:fa:fb:79:87:ea:44:2a:00:10:cd:8d:e2:6b:fe:
8b:8e:f2:36:8f:60:39:48:90:f1:e0:69:8e:4c:08:
47:1d:72:0a:99:2b:24:9b:aa:3d:56:12:24:aa:a0:
61:55:01:6f:9d:95:79:d2:3e:92:56:75:7b:b7:88:
79:a1:f1:2c:85:94:06:19:90:b6:4c:66:ec:27:2c:
84:92:1e:b2:d6:37:89:81:6d:d4:90:17:e0:ac:29:
cf:00:45:62:88:7b:09:73:60:ae:63:3e:d1:3b:ce:
51:b3:1e:56:33:59:eb:7e:f6:74:d0:a1:de:a4:8d:
bb:df:70:c8:d1:46:ad:10:35:6b:8b:ef:3f:0b:4f:
08:ab:51:bc:72:0f:59:8d:5a:d9:9a:1f:6e:0d:de:
35:f3:d3:26:67:aa:7b:4f:a3:06:43:ed:b3:66:ff:
3b:6d:dd:f9:25:c0:d1:76:b6:9c:3a:67:19:03:6f:
8e:7d:45:76:89:aa:01:26:b1:e0:3d:15:aa:33:de:
af:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:81:28:3E:72:6F:65:E2:93:28:E1:EF:5C:D5:34:6C:F9:74:2B:EC
X509v3 Authority Key Identifier:
keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/oYEoPnJvZeKTKOHvXNU0bPl0K-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.140.0/22
109.197.128.0/21
195.238.100.0/22
Signature Algorithm: sha256WithRSAEncryption
38:f6:65:6c:3a:73:83:88:a1:e3:5f:08:8b:03:ab:0a:de:a3:
a1:d8:f4:2c:92:72:c7:48:96:6a:6c:f8:5e:67:c8:0b:59:1e:
c6:03:56:5d:d0:13:a0:04:b4:68:fd:43:0b:48:65:80:09:76:
7c:b7:51:c7:3d:83:18:5f:9d:2b:7e:56:f9:b5:d9:57:61:79:
1f:26:82:35:32:16:84:58:b0:da:12:29:ef:3c:c2:d2:10:b5:
e8:61:44:2f:d3:d8:9c:4d:74:57:7f:05:2a:f8:2e:25:05:fc:
0a:fa:04:78:e4:ef:0c:9f:49:14:5b:19:1b:40:be:f8:de:9e:
5a:78:37:b9:80:35:d5:95:9d:6f:40:76:fa:32:82:4f:8e:f1:
d1:f9:53:77:35:a3:e4:03:a4:25:dd:8c:32:6e:b7:3d:1c:8d:
41:f6:b7:27:03:ec:f3:c5:b0:53:6a:61:38:74:58:72:ea:67:
ba:bf:0c:a6:81:8e:47:df:f7:20:ed:09:ad:5b:ed:79:4f:68:
22:03:21:bd:e0:cc:0d:a1:10:23:be:1a:a0:af:d7:f7:b7:70:
7f:c8:06:01:8a:02:90:a1:50:b3:03:18:cb:54:bd:21:ed:87:
dc:ab:f1:1a:52:8e:72:e4:34:e7:56:ea:0c:f7:de:4e:7b:82:
97:dc:37:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvYI7jxUd+k1usKke/MyaVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjMxMTE2MTIzODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgxMjgzZTcyNmY2NWUyOTMyOGUxZWY1Y2Q1MzQ2Y2Y5NzQyYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5J0Bg0YgZQt5WjSaeOpTjDTBOXf
T67dRAQOytN86NInAzv6eIcGytep+xry8SaSiVn+H8UKekCCMsKZ+vt5h+pEKgAQ
zY3ia/6LjvI2j2A5SJDx4GmOTAhHHXIKmSskm6o9VhIkqqBhVQFvnZV50j6SVnV7
t4h5ofEshZQGGZC2TGbsJyyEkh6y1jeJgW3UkBfgrCnPAEViiHsJc2CuYz7RO85R
sx5WM1nrfvZ00KHepI2733DI0UatEDVri+8/C08Iq1G8cg9ZjVrZmh9uDd4189Mm
Z6p7T6MGQ+2zZv87bd35JcDRdracOmcZA2+OfUV2iaoBJrHgPRWqM96v2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKGBKD5yb2Xikyjh71zVNGz5dCvsMB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvb1lFb1BuSnZaZUtUS09IdlhOVTBiUGwwSy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk
LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8qMAwQD
bcWAAwQCw+5kMA0GCSqGSIb3DQEBCwUAA4IBAQA49mVsOnODiKHjXwiLA6sK3qOh
2PQsknLHSJZqbPheZ8gLWR7GA1Zd0BOgBLRo/UMLSGWACXZ8t1HHPYMYX50rflb5
tdlXYXkfJoI1MhaEWLDaEinvPMLSELXoYUQv09icTXRXfwUq+C4lBfwK+gR45O8M
n0kUWxkbQL743p5aeDe5gDXVlZ1vQHb6MoJPjvHR+VN3NaPkA6Ql3Ywybrc9HI1B
9rcnA+zzxbBTamE4dFhy6me6vwymgY5H3/cg7QmtW+15T2giAyG94MwNoRAjvhqg
r9f3t3B/yAYBigKQoVCzAxjLVL0h7Yfcq/EaUo5y5DTnVuoM995Oe4KX3Ddi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org