Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/oBR1M75ltd7FikX6icEnV9HhKpY.roa
File: oBR1M75ltd7FikX6icEnV9HhKpY.roa (raw, json)
Hash identifier: FcRymDAuFoDXi/Tw4/JJlzmfDMw6uiWrNqw08Qrzz0Q=
Subject key identifier: A0:14:75:33:BE:65:B5:DE:C5:8A:45:FA:89:C1:27:57:D1:E1:2A:96
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DC962D590EC0219AAB0B9E24FCC87
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/oBR1M75ltd7FikX6icEnV9HhKpY.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197042
IP address blocks: 213.14.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c9:62:d5:90:ec:02:19:aa:b0:b9:e2:4f:cc:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0147533be65b5dec58a45fa89c12757d1e12a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:96:34:10:35:25:f8:79:6d:04:3c:e0:1c:
ce:b3:25:ce:36:33:87:9c:ac:c5:54:21:2a:6a:16:
b0:c3:77:13:13:4a:9c:89:6e:b0:a6:35:bf:9c:c2:
c8:87:1a:41:34:bf:25:7d:fc:46:c8:30:0a:50:82:
9f:2f:4d:65:83:e5:ca:9b:8e:9b:51:32:80:3e:0c:
ea:b7:33:3c:b0:42:66:84:b7:f1:6b:8d:09:49:35:
70:dc:a6:ed:11:06:0d:56:3b:6d:85:6a:d8:38:96:
ad:1f:0b:03:32:38:63:39:e3:c7:82:7e:25:43:0e:
b2:e7:30:b9:a1:32:7d:78:0e:fb:1e:16:28:83:98:
81:df:5b:ab:eb:c3:76:46:9a:31:46:c5:41:c2:22:
c7:2f:03:54:5d:4a:db:d1:df:8a:6d:a7:2f:a3:29:
07:07:1d:ab:de:bb:cd:a9:b9:fa:d3:78:3e:9a:8e:
82:1a:db:35:09:7d:33:b6:2f:a9:e3:ed:b4:5d:65:
45:6c:36:fc:2d:4e:fd:ff:c8:c0:f6:bf:c0:b8:b2:
88:4f:5f:9a:e0:9f:63:59:0a:8b:cf:22:d3:f6:f9:
76:58:a1:09:c8:f2:ef:d8:80:3c:59:86:28:e0:0c:
45:d6:6d:9b:8c:a6:fc:20:77:8b:08:33:02:0c:b1:
9d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:14:75:33:BE:65:B5:DE:C5:8A:45:FA:89:C1:27:57:D1:E1:2A:96
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/oBR1M75ltd7FikX6icEnV9HhKpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.14.209.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b3:91:c0:d5:a4:f0:08:7f:2a:63:24:d3:89:ec:31:29:e0:
44:9d:bf:0c:3a:ea:5b:29:0b:70:8b:c8:79:82:b8:b0:9d:68:
51:c9:5b:e5:11:30:87:fc:f1:e1:78:95:84:40:91:1b:16:3f:
b3:57:aa:49:ce:65:b5:9d:17:bb:2c:6e:6f:35:f4:1a:de:67:
2a:cc:ef:fb:eb:f6:28:33:d9:8b:a8:40:19:7c:17:88:da:e5:
ee:d5:02:5f:22:7a:ce:ee:e4:69:88:82:e6:fe:fd:50:f5:00:
d8:23:68:0d:ae:99:0f:39:96:1a:4b:4a:10:27:f7:cc:38:5c:
76:d6:a0:7b:c9:61:57:4c:c8:f6:7d:61:d7:b9:45:18:1d:38:
a4:00:0c:44:aa:92:9f:c3:18:92:9b:8d:8a:77:20:07:03:93:
e2:2d:10:a5:14:aa:86:17:c1:f8:41:1d:50:89:9d:3b:27:32:
38:f8:e2:95:c3:1d:1b:91:d0:86:06:a5:a1:29:6f:58:49:95:
c7:1d:03:5a:a0:c6:08:e5:3c:e3:fd:53:5e:07:02:1c:3f:2a:
fe:ec:ce:02:24:f3:ff:65:81:ff:74:0b:ec:70:fe:27:ee:7f:
66:7f:f0:c5:fc:27:de:21:87:16:04:44:ec:09:0a:88:60:0c:
c1:12:07:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvncli1ZDsAhmqsLniT8yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDE0NzUzM2JlNjViNWRlYzU4YTQ1ZmE4OWMxMjc1N2QxZTEyYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE+WNBA1Jfh5bQQ84BzOsyXONjOH
nKzFVCEqahaww3cTE0qciW6wpjW/nMLIhxpBNL8lffxGyDAKUIKfL01lg+XKm46b
UTKAPgzqtzM8sEJmhLfxa40JSTVw3KbtEQYNVjtthWrYOJatHwsDMjhjOePHgn4l
Qw6y5zC5oTJ9eA77HhYog5iB31ur68N2RpoxRsVBwiLHLwNUXUrb0d+KbacvoykH
Bx2r3rvNqbn603g+mo6CGts1CX0zti+p4+20XWVFbDb8LU79/8jA9r/AuLKIT1+a
4J9jWQqLzyLT9vl2WKEJyPLv2IA8WYYo4AxF1m2bjKb8IHeLCDMCDLGdQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKAUdTO+ZbXexYpF+onBJ1fR4SqWMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvb0JSMU03NWx0ZDdGaWtYNmljRW5WOUhoS3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Q7RMA0G
CSqGSIb3DQEBCwUAA4IBAQBos5HA1aTwCH8qYyTTiewxKeBEnb8MOupbKQtwi8h5
griwnWhRyVvlETCH/PHheJWEQJEbFj+zV6pJzmW1nRe7LG5vNfQa3mcqzO/76/Yo
M9mLqEAZfBeI2uXu1QJfInrO7uRpiILm/v1Q9QDYI2gNrpkPOZYaS0oQJ/fMOFx2
1qB7yWFXTMj2fWHXuUUYHTikAAxEqpKfwxiSm42KdyAHA5PiLRClFKqGF8H4QR1Q
iZ07JzI4+OKVwx0bkdCGBqWhKW9YSZXHHQNaoMYI5Tzj/VNeBwIcPyr+7M4CJPP/
ZYH/dAvscP4n7n9mf/DF/CfeIYcWBETsCQqIYAzBEge4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org