Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/o3ElDwv08YPHtWs_e04AB64x0lw.roa
File: o3ElDwv08YPHtWs_e04AB64x0lw.roa (raw, json)
Hash identifier: a8Ir8O4oE576G2kBEluZJoScq5UhgKx5kt5CtxPwRKY=
Subject key identifier: A3:71:25:0F:0B:F4:F1:83:C7:B5:6B:3F:7B:4E:00:07:AE:31:D2:5C
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DD40D7975B2C2A4B955870C778AC4
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/o3ElDwv08YPHtWs_e04AB64x0lw.roa
Signing time: Sun 01 Jan 2023 23:14:52 +0000
ROA not before: Sun 01 Jan 2023 23:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209466
IP address blocks: 85.153.156.0/24 maxlen: 24
176.88.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jul 2023 14:21:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d4:0d:79:75:b2:c2:a4:b9:55:87:0c:77:8a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a371250f0bf4f183c7b56b3f7b4e0007ae31d25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:f1:5a:a4:7a:7b:92:e1:90:c4:4a:27:30:
a2:ea:da:63:06:b1:90:c2:a6:5b:52:5b:c0:28:eb:
91:76:37:ed:75:2c:39:02:51:c4:0a:a9:c4:27:40:
b1:5d:41:fb:48:84:06:82:ca:70:82:de:f5:cc:3d:
0a:dd:9d:b8:c6:e0:ab:de:1a:18:1e:00:e9:36:7d:
fa:c2:f3:1d:02:f6:39:09:82:9b:b9:be:5c:48:9a:
84:90:ee:96:2e:d2:49:b3:af:01:d5:90:46:e7:25:
c1:c9:01:4c:17:51:d6:a6:90:79:e6:aa:48:e9:35:
b3:aa:69:e5:2d:7e:ca:c9:3f:3c:23:e1:30:48:ec:
39:4c:50:c5:3d:f9:03:36:2e:25:44:71:0b:aa:d3:
30:0b:39:57:9f:8a:87:2b:a4:c9:3c:89:dc:d1:67:
2a:97:07:e8:72:97:67:05:20:ff:7b:3b:32:26:37:
05:ca:81:a0:12:66:9a:b9:cb:cb:27:3b:7a:23:66:
e2:b6:d9:67:03:8e:05:c8:2a:e6:91:13:24:2b:aa:
42:69:94:a7:4e:40:e2:49:73:f5:c3:30:f9:de:fe:
16:54:10:e9:5d:ab:40:37:96:0d:31:38:fd:43:b9:
7a:17:0e:2b:7f:d5:0e:f1:04:fe:ca:ec:71:44:16:
26:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:71:25:0F:0B:F4:F1:83:C7:B5:6B:3F:7B:4E:00:07:AE:31:D2:5C
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/o3ElDwv08YPHtWs_e04AB64x0lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.156.0/24
176.88.51.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c2:49:ca:7f:53:4f:a9:83:c6:d2:da:e4:e4:53:d8:36:a6:
95:b2:a4:fe:2d:d4:80:96:cb:7f:f4:19:8a:e2:a7:d2:d5:1c:
c7:ed:2b:ff:49:93:10:ef:43:ed:ee:cd:30:2e:a3:db:7a:d2:
53:55:05:67:bc:ed:1f:6f:25:38:05:66:7e:42:99:2e:91:cd:
23:f6:00:ed:f3:1b:1f:5a:c5:e3:36:d8:45:59:9c:d6:cd:bd:
ea:4d:02:64:d5:8a:85:09:34:1a:17:ea:3c:ad:b7:99:d0:be:
2d:39:aa:12:e3:c3:22:da:dc:48:76:91:de:06:e0:b1:5c:15:
4a:98:4d:70:ad:a4:ff:55:1c:c2:96:5f:9a:88:60:46:4f:35:
12:f2:1f:b2:3b:d7:36:03:c8:b3:94:05:83:f5:79:3f:43:71:
97:f3:72:92:5e:a6:c5:4d:23:46:68:cd:b0:fe:c6:50:4a:fe:
18:27:e1:d1:6f:59:5e:49:76:87:b9:e1:48:4a:1c:ce:10:7b:
28:1a:f8:55:b6:f9:7a:65:37:78:f9:a9:84:5a:28:ae:b2:e2:
4e:fa:b0:8b:b9:4f:4b:43:49:13:a5:c5:86:bf:7d:99:e1:c2:
b8:e6:f9:58:bf:ae:60:08:34:5a:cc:e3:4c:ca:94:6a:86:24:
04:9b:3a:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvndQNeXWywqS5VYcMd4rEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcxMjUwZjBiZjRmMTgzYzdiNTZiM2Y3YjRlMDAwN2FlMzFkMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnfxWqR6e5LhkMRKJzCi6tpjBrGQ
wqZbUlvAKOuRdjftdSw5AlHECqnEJ0CxXUH7SIQGgspwgt71zD0K3Z24xuCr3hoY
HgDpNn36wvMdAvY5CYKbub5cSJqEkO6WLtJJs68B1ZBG5yXByQFMF1HWppB55qpI
6TWzqmnlLX7KyT88I+EwSOw5TFDFPfkDNi4lRHELqtMwCzlXn4qHK6TJPInc0Wcq
lwfocpdnBSD/ezsyJjcFyoGgEmaaucvLJzt6I2bittlnA44FyCrmkRMkK6pCaZSn
TkDiSXP1wzD53v4WVBDpXatAN5YNMTj9Q7l6Fw4rf9UO8QT+yuxxRBYmaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNxJQ8L9PGDx7VrP3tOAAeuMdJcMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvbzNFbER3djA4WVBIdFdzX2UwNEFCNjR4MGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZmcAwQA
sFgzMA0GCSqGSIb3DQEBCwUAA4IBAQAIwknKf1NPqYPG0trk5FPYNqaVsqT+LdSA
lst/9BmK4qfS1RzH7Sv/SZMQ70Pt7s0wLqPbetJTVQVnvO0fbyU4BWZ+Qpkukc0j
9gDt8xsfWsXjNthFWZzWzb3qTQJk1YqFCTQaF+o8rbeZ0L4tOaoS48Mi2txIdpHe
BuCxXBVKmE1wraT/VRzCll+aiGBGTzUS8h+yO9c2A8izlAWD9Xk/Q3GX83KSXqbF
TSNGaM2w/sZQSv4YJ+HRb1leSXaHueFIShzOEHsoGvhVtvl6ZTd4+amEWiiusuJO
+rCLuU9LQ0kTpcWGv32Z4cK45vlYv65gCDRazONMypRqhiQEmzpC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org