Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/ogxWQUCA7o8hisTxy13VGZbWnNA.roa
File: ogxWQUCA7o8hisTxy13VGZbWnNA.roa (raw, json)
Hash identifier: VUgatG6+LNKZpVvfhe3HDGbLxWBU/XnCe2revAql9Jw=
Subject key identifier: A2:0C:56:41:40:80:EE:8F:21:8A:C4:F1:CB:5D:D5:19:96:D6:9C:D0
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 0185706736483F635E4A57ED4CB0701140D4
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/ogxWQUCA7o8hisTxy13VGZbWnNA.roa
Signing time: Mon 02 Jan 2023 02:54:50 +0000
ROA not before: Mon 02 Jan 2023 02:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197564
IP address blocks: 213.108.24.0/24 maxlen: 24
213.108.25.0/24 maxlen: 24
45.155.96.0/22 maxlen: 22
45.155.99.0/24 maxlen: 24
91.226.36.0/23 maxlen: 23
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2001:67c:124c::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:36:48:3f:63:5e:4a:57:ed:4c:b0:70:11:40:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jan 2 02:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a20c56414080ee8f218ac4f1cb5dd51996d69cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9d:83:48:cd:24:71:e7:15:bb:e2:12:93:7a:
ea:12:e0:43:f5:29:61:cf:ba:1b:f0:84:c1:45:ad:
9c:33:43:30:e0:32:d2:41:49:8f:20:e3:f7:a0:77:
40:fe:ee:a1:85:b4:ea:f7:96:5b:e1:9e:18:ee:54:
5a:24:6b:98:48:64:dc:6b:4d:c8:db:26:13:f6:42:
45:22:d3:e2:d4:a8:22:c7:48:0d:b8:e2:ad:4b:c6:
1e:ca:42:44:cc:17:17:95:09:47:d6:12:85:78:23:
45:f5:bf:df:ce:7a:f6:28:66:8c:e3:5a:bc:31:0d:
61:0e:26:de:25:c1:23:88:ff:e7:a5:f1:91:33:03:
c7:c5:e4:30:cb:ba:2f:d3:e3:bf:bb:a4:b0:ee:59:
e1:ff:1a:57:bf:c6:1f:45:da:2e:82:ca:91:f6:83:
52:01:a5:b9:15:5e:00:9c:d2:ea:13:5a:8e:22:c7:
f7:ec:94:55:2b:2f:f0:7d:09:1d:65:13:7b:58:3d:
f3:cf:c6:7b:84:b1:c4:0c:35:d2:1b:b6:e0:1d:15:
69:7b:10:4f:d2:8d:3b:e0:3d:33:bd:b2:3c:8b:da:
3a:de:4c:d1:f1:f1:1a:7c:94:11:77:f0:07:98:43:
f6:10:1e:44:1d:24:51:cb:81:b4:b2:2b:9d:79:57:
02:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0C:56:41:40:80:EE:8F:21:8A:C4:F1:CB:5D:D5:19:96:D6:9C:D0
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/ogxWQUCA7o8hisTxy13VGZbWnNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.96.0/22
91.226.36.0/23
213.108.24.0/23
IPv6:
2001:67c:124c::/48
2a10:ba00:bee0::-2a10:ba00:bee4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
22:6c:db:b6:61:cc:bc:c7:ae:77:82:55:03:36:36:ac:a5:d4:
8d:03:e1:a9:1f:54:88:38:dd:fe:cd:05:7e:78:37:52:cd:60:
68:ca:92:d7:e7:57:69:67:54:f0:c1:7a:bc:70:e7:e4:fb:84:
90:a8:37:4d:cd:f4:d6:99:12:6f:7a:c6:f8:de:44:62:29:5a:
0d:03:36:8a:9c:d9:02:81:49:77:21:5d:d9:89:f8:81:87:27:
41:7f:9c:5e:40:63:57:ec:08:57:f1:d4:4d:4f:49:bc:2b:d2:
80:8b:84:bc:32:f2:86:03:d4:ce:f1:4a:c0:3f:56:05:75:ab:
15:19:b5:c9:1c:c7:04:86:75:0e:82:cc:4b:18:f6:86:80:7f:
c8:28:a9:3c:3d:46:65:2c:69:fc:79:ca:2e:4a:a2:2a:cd:56:
bc:9c:c6:f6:b1:6b:49:cd:0a:ca:43:a0:e5:47:d7:7e:10:36:
53:ae:0e:ec:bf:71:a1:8f:ad:60:36:97:16:b2:78:ce:e3:af:
b5:e7:de:f7:df:44:d0:03:4f:a9:c9:18:d7:d4:91:1f:ea:1c:
60:cf:40:1e:a8:53:cd:d1:45:e1:22:89:7c:b4:4f:44:60:51:
8d:b6:f4:6e:ae:28:50:41:b1:e9:61:f6:82:16:8b:ad:3d:c7:
95:0a:21:a6
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVwZzZIP2NeSlftTLBwEUDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjMwMTAyMDI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBjNTY0MTQwODBlZThmMjE4YWM0ZjFjYjVkZDUxOTk2ZDY5Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj52DSM0kcecVu+ISk3rqEuBD9Slh
z7ob8ITBRa2cM0Mw4DLSQUmPIOP3oHdA/u6hhbTq95Zb4Z4Y7lRaJGuYSGTca03I
2yYT9kJFItPi1Kgix0gNuOKtS8YeykJEzBcXlQlH1hKFeCNF9b/fznr2KGaM41q8
MQ1hDibeJcEjiP/npfGRMwPHxeQwy7ov0+O/u6Sw7lnh/xpXv8YfRdougsqR9oNS
AaW5FV4AnNLqE1qOIsf37JRVKy/wfQkdZRN7WD3zz8Z7hLHEDDXSG7bgHRVpexBP
0o074D0zvbI8i9o63kzR8fEafJQRd/AHmEP2EB5EHSRRy4G0siudeVcC3wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKIMVkFAgO6PIYrE8ctd1RmW1pzQMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvb2d4V1FVQ0E3bzhoaXNUeHkxM1ZHWmJXbk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAYBAIAATASAwQCLZtgAwQB
W+IkAwQB1WwYMCMEAgACMB0DBwAgAQZ8EkwwEgMHBSoQugC+4AMHACoQugC+5DAN
BgkqhkiG9w0BAQsFAAOCAQEAImzbtmHMvMeud4JVAzY2rKXUjQPhqR9UiDjd/s0F
fng3Us1gaMqS1+dXaWdU8MF6vHDn5PuEkKg3Tc301pkSb3rG+N5EYilaDQM2ipzZ
AoFJdyFd2Yn4gYcnQX+cXkBjV+wIV/HUTU9JvCvSgIuEvDLyhgPUzvFKwD9WBXWr
FRm1yRzHBIZ1DoLMSxj2hoB/yCipPD1GZSxp/HnKLkqiKs1WvJzG9rFrSc0KykOg
5UfXfhA2U64O7L9xoY+tYDaXFrJ4zuOvtefe999E0ANPqckY19SRH+ocYM9AHqhT
zdFF4SKJfLRPRGBRjbb0bq4oUEGx6WH2ghaLrT3HlQohpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:46 2024 by rpki-client on console-fra.rpki-client.org