Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OF4DvVk-GhFofZTsi_Mo44QxhuQ.roa
File: OF4DvVk-GhFofZTsi_Mo44QxhuQ.roa (raw, json)
Hash identifier: 2CDgpRq7trjRZPfyIXKPpH8qxHbrHqJNnp61YtSIluo=
Subject key identifier: 38:5E:03:BD:59:3E:1A:11:68:7D:94:EC:8B:F3:28:E3:84:31:86:E4
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018A9A4816CE2B315192F2ECFB45C5A8DCDA
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OF4DvVk-GhFofZTsi_Mo44QxhuQ.roa
Signing time: Fri 15 Sep 2023 19:18:50 +0000
ROA not before: Fri 15 Sep 2023 19:18:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211318
IP address blocks: 81.21.11.0/24 maxlen: 24
81.21.13.0/24 maxlen: 24
81.21.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 11:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:48:16:ce:2b:31:51:92:f2:ec:fb:45:c5:a8:dc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Sep 15 19:18:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=385e03bd593e1a11687d94ec8bf328e3843186e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c0:fc:46:28:61:f9:2d:01:ea:a0:d2:97:1c:
29:47:85:ac:a9:38:d7:be:78:75:e8:0f:22:01:1f:
8b:ac:1c:c6:aa:ed:ed:e4:44:14:b9:b4:7a:5e:2f:
88:19:96:a8:f5:30:01:10:53:49:4e:50:fa:22:c7:
02:9f:65:0c:7f:33:35:c4:90:b8:09:d8:3c:2f:bf:
e6:19:e7:a4:a2:e8:8d:bd:61:b6:0c:a3:6a:a9:f1:
c6:2a:85:06:f5:76:bc:37:ef:be:7f:1d:9d:7a:aa:
b9:4d:50:57:1f:ac:0b:e3:d6:3b:e6:7c:2e:da:8c:
31:a6:4c:51:82:52:bc:ac:3e:b4:21:02:21:75:d5:
1d:ce:1f:cb:14:70:70:60:f6:1f:4d:34:12:84:6d:
94:42:12:84:9c:4e:b1:01:b4:ee:37:89:bc:72:22:
67:73:d5:59:9a:ee:e8:f9:4b:23:ed:b2:ad:60:07:
ba:ea:46:20:a9:f6:43:7f:d0:cc:dd:ac:13:f6:09:
f1:0d:c1:3a:fe:63:ee:66:7c:31:32:6f:db:fc:63:
06:3b:08:c7:cd:05:d5:38:4d:1b:66:c3:02:84:cc:
aa:96:86:ca:0a:31:70:f2:48:ad:f2:e9:80:a8:7e:
43:fc:ec:af:51:ab:91:e2:04:36:dc:f4:a3:64:e7:
da:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5E:03:BD:59:3E:1A:11:68:7D:94:EC:8B:F3:28:E3:84:31:86:E4
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OF4DvVk-GhFofZTsi_Mo44QxhuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.11.0-81.21.13.255
Signature Algorithm: sha256WithRSAEncryption
79:6c:ce:94:34:c4:ba:1b:9a:c8:0f:f3:bd:96:40:09:ec:dd:
d5:f5:26:d1:0c:5d:1d:7e:c0:c8:0f:cc:be:0b:aa:34:16:14:
e0:3d:92:1e:a3:fc:6a:a1:17:f1:68:cf:20:d9:63:97:4f:66:
91:91:8e:58:e8:f7:cf:be:3c:dd:ef:38:2d:26:3a:56:b0:f4:
72:39:d7:b7:e9:1e:ce:15:4d:76:d3:05:8c:7e:eb:0d:e9:54:
2c:c2:78:75:b3:58:af:74:d0:22:c1:ab:0a:f0:70:fa:76:41:
d3:66:cf:56:f1:99:32:0b:74:9e:11:8c:51:e3:fe:e2:63:04:
a3:89:4d:6a:5a:2d:b9:a9:b5:4f:e5:58:aa:29:09:00:5d:6b:
aa:38:db:0c:bf:0e:a4:57:28:73:eb:4e:7e:1b:ec:dd:ec:76:
e3:ac:19:50:4b:09:2b:a6:4b:26:95:fa:bb:68:b4:9e:72:96:
9f:41:25:87:c1:d9:b0:31:49:46:2e:cc:d6:ec:c3:b9:46:21:
9d:ee:8d:34:f3:69:6c:6a:69:25:8e:7b:68:56:bc:44:70:eb:
dc:8b:8a:f5:63:14:a8:da:f8:4a:9b:24:71:3a:a9:59:0b:a7:
39:b8:35:5c:d3:47:77:32:ee:cd:e4:15:97:0e:bf:1f:ca:eb:
f0:a1:4c:6d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqaSBbOKzFRkvLs+0XFqNzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwOTE1MTkxODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVlMDNiZDU5M2UxYTExNjg3ZDk0ZWM4YmYzMjhlMzg0MzE4NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssD8Rihh+S0B6qDSlxwpR4WsqTjX
vnh16A8iAR+LrBzGqu3t5EQUubR6Xi+IGZao9TABEFNJTlD6IscCn2UMfzM1xJC4
Cdg8L7/mGeekouiNvWG2DKNqqfHGKoUG9Xa8N+++fx2deqq5TVBXH6wL49Y75nwu
2owxpkxRglK8rD60IQIhddUdzh/LFHBwYPYfTTQShG2UQhKEnE6xAbTuN4m8ciJn
c9VZmu7o+Usj7bKtYAe66kYgqfZDf9DM3awT9gnxDcE6/mPuZnwxMm/b/GMGOwjH
zQXVOE0bZsMChMyqlobKCjFw8kit8umAqH5D/OyvUauR4gQ23PSjZOfaFQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDheA71ZPhoRaH2U7IvzKOOEMYbkMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvT0Y0RHZWay1HaEZvZlpUc2lfTW80NFF4aHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABRFQsD
BAFRFQwwDQYJKoZIhvcNAQELBQADggEBAHlszpQ0xLobmsgP872WQAns3dX1JtEM
XR1+wMgPzL4LqjQWFOA9kh6j/GqhF/FozyDZY5dPZpGRjljo98++PN3vOC0mOlaw
9HI517fpHs4VTXbTBYx+6w3pVCzCeHWzWK900CLBqwrwcPp2QdNmz1bxmTILdJ4R
jFHj/uJjBKOJTWpaLbmptU/lWKopCQBda6o42wy/DqRXKHPrTn4b7N3sduOsGVBL
CSumSyaV+rtotJ5ylp9BJYfB2bAxSUYuzNbsw7lGIZ3ujTTzaWxqaSWOe2hWvERw
69yLivVjFKja+EqbJHE6qVkLpzm4NVzTR3cy7s3kFZcOvx/K6/ChTG0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org