Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/oZqu9ibK8T2EbOAkFNH68CT-pRI.roa
File: oZqu9ibK8T2EbOAkFNH68CT-pRI.roa (raw, json)
Hash identifier: JjSClhluMTOTfwAwVeLDfkGBfx+4NmAGmP1KaMj5ljY=
Subject key identifier: A1:9A:AE:F6:26:CA:F1:3D:84:6C:E0:24:14:D1:FA:F0:24:FE:A5:12
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD98FB51E0A36E044FA9944B1CD34
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/oZqu9ibK8T2EbOAkFNH68CT-pRI.roa
Signing time: Mon 02 Jan 2023 15:14:59 +0000
ROA not before: Mon 02 Jan 2023 15:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212361
IP address blocks: 147.234.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d9:8f:b5:1e:0a:36:e0:44:fa:99:44:b1:cd:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a19aaef626caf13d846ce02414d1faf024fea512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0d:47:10:6e:56:a3:eb:46:b4:7e:88:69:a8:
de:ee:0d:f1:c6:c9:cc:fa:f0:b5:09:ff:d2:d4:d2:
18:e6:d4:15:52:98:71:ba:e4:87:80:ce:9f:fc:98:
60:7b:d7:e6:11:e0:61:b8:1a:e4:05:60:6d:2e:d1:
15:3e:ec:71:c4:5c:a3:4b:0e:af:18:31:3d:c1:c6:
4c:b9:cc:18:81:94:3d:b3:99:29:3d:28:88:1e:74:
bc:74:16:e9:5a:b5:a8:ca:10:33:58:aa:fb:15:01:
98:09:9d:4e:4f:31:b5:8a:6b:8f:5e:c7:f3:61:ee:
9b:ff:c9:2e:e1:1d:3d:4f:ff:bc:48:33:6c:1e:fc:
43:e6:43:6a:e3:9d:da:10:9e:4b:9e:03:66:01:d8:
d1:5a:64:c4:d4:ff:cf:4b:11:43:f7:c1:a5:ca:e3:
8f:18:13:70:c4:72:8b:90:ca:32:19:89:67:69:15:
f0:47:1c:e3:37:b7:c1:43:87:5a:c8:cb:e1:ea:ed:
fb:a9:d4:ba:9f:16:5a:86:9b:a4:2e:bc:27:7b:47:
8c:f5:c6:5c:21:39:04:95:26:9c:29:cb:7b:f4:9a:
19:3a:00:87:2b:10:c7:8f:d5:8d:06:cb:9c:ac:6c:
0d:e6:97:d6:c7:89:57:ab:b6:c2:43:9d:2c:f8:b2:
3f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9A:AE:F6:26:CA:F1:3D:84:6C:E0:24:14:D1:FA:F0:24:FE:A5:12
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/oZqu9ibK8T2EbOAkFNH68CT-pRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.90.0/24
Signature Algorithm: sha256WithRSAEncryption
88:92:f2:65:f6:6e:91:30:e3:3b:75:f3:b6:0f:7f:f4:c7:77:
92:e7:20:22:7f:aa:5d:79:d0:cf:fb:13:69:49:fd:6c:c2:2f:
c5:be:83:7f:ae:b8:61:d2:1b:cc:ef:d9:67:a5:ea:63:46:d6:
76:c0:c6:30:d7:24:3a:26:54:eb:c4:e9:61:09:84:d1:5a:e1:
9d:e5:7c:c0:84:67:66:9a:25:ed:14:60:88:d3:75:17:98:44:
6d:6d:d0:a8:e2:63:5d:e6:c0:ca:88:02:2c:e9:fb:d7:e0:a4:
26:75:1a:1f:82:02:8d:9d:2d:ff:eb:d4:1c:1e:72:16:f8:db:
f9:e9:d4:b3:eb:f5:a0:af:2b:8a:d6:d2:17:6a:9f:3b:45:61:
ac:3f:89:2e:66:fa:7b:a1:5f:c3:93:b6:fe:f2:8a:4a:9c:d6:
23:64:c2:f3:1f:2c:06:f9:8b:a9:e5:b0:e1:23:85:f3:5c:de:
cf:b3:0c:d0:5d:80:61:9a:d1:a6:9b:64:5d:f4:db:8b:04:13:
1b:07:23:17:58:95:b9:86:61:55:68:16:20:9c:e8:89:24:0e:
82:fd:6e:e5:a9:26:86:10:4e:8a:8a:9f:fb:87:50:4a:49:2d:
a0:4f:4e:e1:02:6b:18:ec:95:ce:70:7f:d5:36:7c:e5:ea:c4:
68:7d:d5:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDNmPtR4KNuBE+plEsc00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTlhYWVmNjI2Y2FmMTNkODQ2Y2UwMjQxNGQxZmFmMDI0ZmVhNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw1HEG5Wo+tGtH6Iaaje7g3xxsnM
+vC1Cf/S1NIY5tQVUphxuuSHgM6f/Jhge9fmEeBhuBrkBWBtLtEVPuxxxFyjSw6v
GDE9wcZMucwYgZQ9s5kpPSiIHnS8dBbpWrWoyhAzWKr7FQGYCZ1OTzG1imuPXsfz
Ye6b/8ku4R09T/+8SDNsHvxD5kNq453aEJ5LngNmAdjRWmTE1P/PSxFD98GlyuOP
GBNwxHKLkMoyGYlnaRXwRxzjN7fBQ4dayMvh6u37qdS6nxZahpukLrwne0eM9cZc
ITkElSacKct79JoZOgCHKxDHj9WNBsucrGwN5pfWx4lXq7bCQ50s+LI/vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGarvYmyvE9hGzgJBTR+vAk/qUSMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvb1pxdTlpYks4VDJFYk9Ba0ZOSDY4Q1QtcFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+paMA0G
CSqGSIb3DQEBCwUAA4IBAQCIkvJl9m6RMOM7dfO2D3/0x3eS5yAif6pdedDP+xNp
Sf1swi/FvoN/rrhh0hvM79lnpepjRtZ2wMYw1yQ6JlTrxOlhCYTRWuGd5XzAhGdm
miXtFGCI03UXmERtbdCo4mNd5sDKiAIs6fvX4KQmdRofggKNnS3/69QcHnIW+Nv5
6dSz6/WgryuK1tIXap87RWGsP4kuZvp7oV/Dk7b+8opKnNYjZMLzHywG+Yup5bDh
I4XzXN7PswzQXYBhmtGmm2Rd9NuLBBMbByMXWJW5hmFVaBYgnOiJJA6C/W7lqSaG
EE6Kip/7h1BKSS2gT07hAmsY7JXOcH/VNnzl6sRofdU9
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:32 2024 by rpki-client on console-fra.rpki-client.org