Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OkhqeG7Xgc07jvs5KhczD-r26xc.roa
File: OkhqeG7Xgc07jvs5KhczD-r26xc.roa (raw, json)
Hash identifier: WFHt1P6N+nM2VlL95iKqlT3XQvAOrT6iIwPmwpq58Ds=
Subject key identifier: 3A:48:6A:78:6E:D7:81:CD:3B:8E:FB:39:2A:17:33:0F:EA:F6:EB:17
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188C4CF5DA3B8FAA37B27611F596DE06AF1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OkhqeG7Xgc07jvs5KhczD-r26xc.roa
Signing time: Fri 16 Jun 2023 15:25:04 +0000
ROA not before: Fri 16 Jun 2023 15:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 89.40.70.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jul 2023 06:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c4:cf:5d:a3:b8:fa:a3:7b:27:61:1f:59:6d:e0:6a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 16 15:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a486a786ed781cd3b8efb392a17330feaf6eb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:36:4d:71:7c:a3:b7:96:20:0b:45:e1:da:4e:
bc:b5:30:1c:d8:d1:66:db:f3:92:f1:6b:2c:20:f7:
8e:bf:a5:3b:ed:d3:99:59:e3:eb:53:e3:01:b4:91:
4b:37:5c:17:9e:35:a5:9b:25:91:fd:b8:41:0f:75:
de:40:fa:eb:ff:37:ae:41:8b:68:cc:ff:f3:c3:da:
c4:9f:26:92:8f:1e:03:1c:b9:d9:1d:36:9f:cb:a4:
7d:2e:f8:28:c0:de:3c:07:8d:64:04:e7:7d:43:49:
b1:b9:02:f2:e5:7e:c5:b8:0f:fa:19:b1:bc:bb:f2:
d4:0e:d7:22:d3:57:4b:76:19:33:a6:4f:b7:29:0b:
3d:56:30:2b:ad:16:08:21:81:37:8b:4b:84:7c:33:
97:27:7e:55:5a:33:c8:3c:22:01:ef:d2:0c:d2:c0:
46:1a:65:b9:4b:08:80:68:64:2b:ec:87:4b:61:6e:
7c:00:c4:5c:bc:b0:4c:46:5a:00:1d:38:bd:b4:3d:
d0:0a:23:04:5c:28:11:31:66:36:0f:f3:8f:99:06:
99:28:1a:81:54:ce:e7:9d:66:9c:bc:ae:53:ec:aa:
61:26:85:9b:44:17:fb:9e:1b:e8:d3:36:35:18:cf:
00:00:70:45:6a:e4:fd:fd:29:6d:00:79:32:cd:fd:
8d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:48:6A:78:6E:D7:81:CD:3B:8E:FB:39:2A:17:33:0F:EA:F6:EB:17
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OkhqeG7Xgc07jvs5KhczD-r26xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
128.0.41.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e9:74:91:20:12:6a:dc:47:93:06:3f:f6:8b:72:83:78:94:
85:8a:1a:8e:02:3f:52:f5:d0:ab:69:c0:e4:ef:e8:85:88:7b:
4a:bb:43:bb:cb:b7:ca:22:fe:8a:19:c8:aa:3c:f0:7f:80:bf:
42:ba:1c:cc:44:52:9c:4f:de:f0:ac:7b:b6:96:68:c7:57:4d:
5f:f3:22:6a:f6:83:37:86:7b:8a:14:42:91:e8:17:e0:61:ec:
9e:42:a3:67:72:b7:b0:40:13:ba:17:38:48:8a:ae:ee:73:6d:
c5:e4:9b:14:1c:4d:a7:12:d3:c2:fd:e2:11:3b:83:a3:9a:f1:
ca:eb:8e:4f:51:b5:92:9c:7e:0a:8b:5b:c4:2f:08:8c:c7:dd:
51:35:a9:99:58:6a:f2:1e:09:d8:c4:38:c8:6d:88:dd:bb:d8:
d0:45:31:d8:5b:a0:2f:c6:4f:08:df:29:bc:4e:93:17:a0:82:
c5:79:a8:91:12:3f:49:19:f6:ce:8d:1e:4a:91:36:76:81:88:
03:2b:6c:23:a6:56:f7:5b:c7:ef:4e:16:bd:c3:50:58:ec:2e:
c2:d6:89:84:89:a5:f5:48:b5:0a:62:b3:d1:f7:01:dd:9a:a1:
e9:30:08:18:ec:bb:fa:51:5d:93:fa:3a:5a:fa:e4:ce:a8:36:
26:51:0c:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjEz12juPqjeydhH1lt4GrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjE2MTUyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQ4NmE3ODZlZDc4MWNkM2I4ZWZiMzkyYTE3MzMwZmVhZjZlYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTZNcXyjt5YgC0Xh2k68tTAc2NFm
2/OS8WssIPeOv6U77dOZWePrU+MBtJFLN1wXnjWlmyWR/bhBD3XeQPrr/zeuQYto
zP/zw9rEnyaSjx4DHLnZHTafy6R9LvgowN48B41kBOd9Q0mxuQLy5X7FuA/6GbG8
u/LUDtci01dLdhkzpk+3KQs9VjArrRYIIYE3i0uEfDOXJ35VWjPIPCIB79IM0sBG
GmW5SwiAaGQr7IdLYW58AMRcvLBMRloAHTi9tD3QCiMEXCgRMWY2D/OPmQaZKBqB
VM7nnWacvK5T7KphJoWbRBf7nhvo0zY1GM8AAHBFauT9/SltAHkyzf2NuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpIanhu14HNO477OSoXMw/q9usXMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvT2tocWVHN1hnYzA3anZzNUtoY3pELXIyNnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWShGAwQA
gAApMA0GCSqGSIb3DQEBCwUAA4IBAQBz6XSRIBJq3EeTBj/2i3KDeJSFihqOAj9S
9dCracDk7+iFiHtKu0O7y7fKIv6KGciqPPB/gL9CuhzMRFKcT97wrHu2lmjHV01f
8yJq9oM3hnuKFEKR6BfgYeyeQqNncrewQBO6FzhIiq7uc23F5JsUHE2nEtPC/eIR
O4OjmvHK645PUbWSnH4Ki1vELwiMx91RNamZWGryHgnYxDjIbYjdu9jQRTHYW6Av
xk8I3ym8TpMXoILFeaiREj9JGfbOjR5KkTZ2gYgDK2wjplb3W8fvTha9w1BY7C7C
1omEiaX1SLUKYrPR9wHdmqHpMAgY7Lv6UV2T+jpa+uTOqDYmUQx5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org