Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/oxYAf2y8C2tc3x5IESwGFBiecaw.roa
File: oxYAf2y8C2tc3x5IESwGFBiecaw.roa (raw, json)
Hash identifier: 0jOjgIYzpjVT6jby5Sc87RB5vVkm2cONCbTFnwsDhC0=
Subject key identifier: A3:16:00:7F:6C:BC:0B:6B:5C:DF:1E:48:11:2C:06:14:18:9E:71:AC
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD8CA3E150A9430AA5D393CAB9143
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/oxYAf2y8C2tc3x5IESwGFBiecaw.roa
Signing time: Mon 02 Jan 2023 15:14:59 +0000
ROA not before: Mon 02 Jan 2023 15:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209514
IP address blocks: 147.234.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d8:ca:3e:15:0a:94:30:aa:5d:39:3c:ab:91:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a316007f6cbc0b6b5cdf1e48112c0614189e71ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a3:b8:24:66:fb:a4:25:51:f0:37:7d:a2:ec:
57:77:fe:08:19:5f:fc:ed:d3:b1:00:bb:eb:9f:3e:
9d:33:f2:ae:86:9b:21:22:03:1a:74:74:a9:16:8e:
24:45:33:ae:a7:ef:9f:a6:30:f6:2b:2f:fa:a1:5f:
ef:4c:82:82:e7:83:07:84:0f:dd:0a:c2:c1:7e:01:
7d:d3:af:f2:d7:e5:31:3a:7d:fa:c5:54:91:00:af:
29:a8:4c:b6:f2:de:3f:33:c1:74:c8:ba:2d:ce:d3:
22:fb:5f:1d:8b:fb:2a:af:e5:84:ea:89:4f:73:43:
23:8b:9a:fc:26:ae:fb:d0:49:51:d6:c7:a1:ef:67:
97:dd:64:81:8c:e5:ab:b5:c6:a1:ed:5e:b3:d6:ae:
26:41:fd:a3:3f:4f:54:cc:3b:a8:2a:a5:31:11:01:
f4:17:16:0d:db:55:df:76:d5:db:f1:d1:35:3d:9f:
bf:db:50:78:bb:2d:4b:9d:c7:18:21:a7:c4:92:d3:
bc:5e:94:5b:04:40:91:ce:6e:f1:f0:24:c2:a4:da:
10:42:b4:fd:0f:0d:f3:75:76:9d:8e:02:4b:d6:1b:
c5:f0:ad:59:f7:2d:da:00:3e:72:81:37:f7:ab:03:
9a:b4:79:1d:69:f1:21:e7:da:79:1f:41:46:5f:54:
0f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:16:00:7F:6C:BC:0B:6B:5C:DF:1E:48:11:2C:06:14:18:9E:71:AC
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/oxYAf2y8C2tc3x5IESwGFBiecaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.41.0/24
Signature Algorithm: sha256WithRSAEncryption
27:d3:61:57:ef:74:c0:bb:1a:05:9e:37:cb:2a:0a:11:3b:25:
4a:d2:18:97:62:e3:71:15:bb:c6:02:9b:15:6b:57:7f:74:e1:
30:4b:68:e4:17:cf:99:d4:0a:70:8f:7b:5a:24:3a:97:5b:9a:
12:6f:29:37:a9:27:48:55:f9:b9:b6:cd:4e:ee:91:61:de:cd:
74:24:af:16:92:fb:49:e8:4e:6a:14:b1:65:ba:be:85:39:64:
db:9d:b4:7f:b4:8e:de:5c:93:8d:dd:00:40:0a:7b:b5:d2:b7:
ef:96:03:f0:ca:ff:4e:8e:4d:96:48:4b:06:ee:f4:22:25:88:
1e:46:98:4f:e9:85:62:7b:40:e2:08:de:da:6a:48:df:21:1e:
06:72:95:e1:78:64:d9:87:e6:8d:10:9b:56:d2:b0:5c:ec:b3:
89:13:ba:a3:56:d3:c0:33:f1:10:80:79:22:3f:c0:74:cc:9c:
73:39:44:be:dc:3b:14:c3:33:32:d1:64:4f:79:4f:b2:c5:bb:
3a:12:8e:a6:65:40:2b:2a:a5:eb:b0:73:19:5d:48:e3:46:17:
d3:33:5b:92:5f:96:be:1c:7d:85:a8:49:5f:d5:13:40:be:04:
0e:2f:ad:33:5c:d3:1e:6d:48:60:0b:69:84:d3:24:9e:0f:99:
36:e5:a9:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDNjKPhUKlDCqXTk8q5FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE2MDA3ZjZjYmMwYjZiNWNkZjFlNDgxMTJjMDYxNDE4OWU3MWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqO4JGb7pCVR8Dd9ouxXd/4IGV/8
7dOxALvrnz6dM/KuhpshIgMadHSpFo4kRTOup++fpjD2Ky/6oV/vTIKC54MHhA/d
CsLBfgF906/y1+UxOn36xVSRAK8pqEy28t4/M8F0yLotztMi+18di/sqr+WE6olP
c0Mji5r8Jq770ElR1seh72eX3WSBjOWrtcah7V6z1q4mQf2jP09UzDuoKqUxEQH0
FxYN21XfdtXb8dE1PZ+/21B4uy1LnccYIafEktO8XpRbBECRzm7x8CTCpNoQQrT9
Dw3zdXadjgJL1hvF8K1Z9y3aAD5ygTf3qwOatHkdafEh59p5H0FGX1QPHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMWAH9svAtrXN8eSBEsBhQYnnGsMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvb3hZQWYyeThDMnRjM3g1SUVTd0dGQmllY2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+opMA0G
CSqGSIb3DQEBCwUAA4IBAQAn02FX73TAuxoFnjfLKgoROyVK0hiXYuNxFbvGApsV
a1d/dOEwS2jkF8+Z1Apwj3taJDqXW5oSbyk3qSdIVfm5ts1O7pFh3s10JK8WkvtJ
6E5qFLFlur6FOWTbnbR/tI7eXJON3QBACnu10rfvlgPwyv9Ojk2WSEsG7vQiJYge
RphP6YVie0DiCN7aakjfIR4GcpXheGTZh+aNEJtW0rBc7LOJE7qjVtPAM/EQgHki
P8B0zJxzOUS+3DsUwzMy0WRPeU+yxbs6Eo6mZUArKqXrsHMZXUjjRhfTM1uSX5a+
HH2FqElf1RNAvgQOL60zXNMebUhgC2mE0ySeD5k25anw
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:44 2024 by rpki-client on console-ams.rpki-client.org