Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/ovO2VUsUt51mEWjG5i-DVdE5Y5A.roa
File: ovO2VUsUt51mEWjG5i-DVdE5Y5A.roa (raw, json)
Hash identifier: ODi+Ge0XK+tETMqqNAK8+LeMwr2XZ69IdJvm5h/Hq/0=
Subject key identifier: A2:F3:B6:55:4B:14:B7:9D:66:11:68:C6:E6:2F:83:55:D1:39:63:90
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 01856D4AE8F8164CEA062E38782F95D3CF3B
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/ovO2VUsUt51mEWjG5i-DVdE5Y5A.roa
Signing time: Sun 01 Jan 2023 12:25:03 +0000
ROA not before: Sun 01 Jan 2023 12:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33845
IP address blocks: 149.126.48.0/21 maxlen: 21
162.23.0.0/16 maxlen: 16
193.5.216.0/21 maxlen: 21
131.102.0.0/16 maxlen: 16
2a07:2900::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:e8:f8:16:4c:ea:06:2e:38:78:2f:95:d3:cf:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 12:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2f3b6554b14b79d661168c6e62f8355d1396390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:78:f2:93:25:71:38:b8:76:0d:37:be:c1:
29:0c:86:00:71:ff:20:c9:bb:db:b2:df:5d:90:37:
fd:a7:88:9d:cc:2f:50:f1:66:91:9a:12:a1:b8:6f:
c9:08:28:18:f0:c7:e3:bd:3c:e3:96:27:34:8e:c0:
67:8f:f0:ad:c1:2e:91:0a:4b:0b:43:8f:81:3d:66:
1f:1c:1e:d5:55:0a:5d:4c:5c:90:65:15:68:ca:7a:
a8:ef:de:0d:e7:a6:61:5b:2b:1a:7d:79:aa:cd:29:
46:6b:47:6d:01:7d:09:2e:e7:59:00:5b:f2:b8:93:
8d:88:1c:d3:80:c4:2c:e0:70:fd:7e:18:ad:8a:4b:
3f:08:8d:3a:f5:c1:ff:49:c6:7f:b5:82:1c:9d:54:
93:9d:6e:d7:75:60:fb:e8:1e:59:f4:9b:51:3f:f1:
c2:d8:19:84:8d:49:75:e4:7c:d5:ba:a6:77:9d:a2:
46:ca:e4:3f:a7:44:34:0f:b1:00:b8:37:48:04:d4:
33:3e:0d:ee:a9:ca:7d:38:9b:9c:2e:23:24:e7:ba:
d5:68:5c:9b:88:45:a2:e9:69:e8:16:7d:40:19:a8:
bc:98:31:fc:73:3d:dc:03:11:58:c0:de:70:dc:35:
82:d5:6f:31:65:d4:1d:4f:b1:e9:c9:47:8f:be:67:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F3:B6:55:4B:14:B7:9D:66:11:68:C6:E6:2F:83:55:D1:39:63:90
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/ovO2VUsUt51mEWjG5i-DVdE5Y5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
IPv6:
2a07:2900::/32
Signature Algorithm: sha256WithRSAEncryption
76:39:31:48:f6:00:42:e0:31:4f:43:04:a1:3e:94:0d:e5:e9:
70:d9:76:3d:11:32:b7:74:2a:7d:4c:98:ab:60:5f:06:bd:f8:
6a:a8:10:38:56:4f:9b:19:65:5f:7b:0e:e0:3d:60:67:fd:7f:
f3:39:68:72:1b:33:67:b0:6d:e5:a9:1e:04:ba:a4:2c:e0:3e:
d9:82:99:2d:23:0f:93:f9:38:e1:8f:b7:54:b9:38:12:29:f7:
62:30:11:d6:04:a1:c9:be:28:13:22:f6:cd:30:4b:16:3b:53:
d0:c7:68:6e:e2:c1:7d:df:ff:4b:2d:b9:c0:b8:cf:6d:91:3e:
7c:43:e0:c5:1c:fc:f0:be:23:16:5d:69:ff:0b:45:7a:5f:62:
f0:9d:8e:b5:0e:0f:8d:63:98:a2:c3:24:d2:78:9b:21:4f:7e:
7a:34:3d:a0:8d:24:ff:9d:72:4e:e8:83:38:35:e0:0b:d3:dd:
00:19:8f:c1:3a:2b:93:a1:20:96:e4:6a:44:7a:55:38:c5:d6:
6e:84:8c:9e:2d:8f:b0:cf:0d:44:94:3c:76:ad:6f:e3:6c:f7:
ee:a7:4b:a8:f4:b0:c2:1f:9d:02:ac:53:69:c4:1b:02:98:6c:
2c:d1:81:aa:6a:be:56:8b:bb:3b:20:2a:a1:7a:b9:69:42:e1:
c6:1c:60:2c
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVtSuj4FkzqBi44eC+V0887MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjMwMTAxMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmYzYjY1NTRiMTRiNzlkNjYxMTY4YzZlNjJmODM1NWQxMzk2MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtst48pMlcTi4dg03vsEpDIYAcf8g
ybvbst9dkDf9p4idzC9Q8WaRmhKhuG/JCCgY8MfjvTzjlic0jsBnj/CtwS6RCksL
Q4+BPWYfHB7VVQpdTFyQZRVoynqo794N56ZhWysafXmqzSlGa0dtAX0JLudZAFvy
uJONiBzTgMQs4HD9fhitiks/CI069cH/ScZ/tYIcnVSTnW7XdWD76B5Z9JtRP/HC
2BmEjUl15HzVuqZ3naJGyuQ/p0Q0D7EAuDdIBNQzPg3uqcp9OJucLiMk57rVaFyb
iEWi6WnoFn1AGai8mDH8cz3cAxFYwN5w3DWC1W8xZdQdT7HpyUePvmfmUQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKLztlVLFLedZhFoxuYvg1XROWOQMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvb3ZPMlZVc1V0NTFtRVdqRzVpLURWZEU1WTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBAIAAjAHAwUAKgcpADANBgkqhkiG9w0BAQsFAAOCAQEA
djkxSPYAQuAxT0MEoT6UDeXpcNl2PREyt3QqfUyYq2BfBr34aqgQOFZPmxllX3sO
4D1gZ/1/8zlochszZ7Bt5akeBLqkLOA+2YKZLSMPk/k44Y+3VLk4Ein3YjAR1gSh
yb4oEyL2zTBLFjtT0MdobuLBfd//Sy25wLjPbZE+fEPgxRz88L4jFl1p/wtFel9i
8J2OtQ4PjWOYosMk0nibIU9+ejQ9oI0k/51yTuiDODXgC9PdABmPwTork6EgluRq
RHpVOMXWboSMni2PsM8NRJQ8dq1v42z37qdLqPSwwh+dAqxTacQbAphsLNGBqmq+
Vou7OyAqoXq5aULhxhxgLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org