Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/OmPoyxBOyWLY_ufVA2DDzLDY38E.roa
File: OmPoyxBOyWLY_ufVA2DDzLDY38E.roa (raw, json)
Hash identifier: +Qi5/n0uR0p5FICXmiC4warFcNvXgpa+1Md10mBgRGs=
Subject key identifier: 3A:63:E8:CB:10:4E:C9:62:D8:FE:E7:D5:03:60:C3:CC:B0:D8:DF:C1
Certificate issuer: /CN=21a717361309d2939351c9d8ba2173db8319a88f
Certificate serial: 018570673997EDC1CDA597A891830A4BF720
Authority key identifier: 21:A7:17:36:13:09:D2:93:93:51:C9:D8:BA:21:73:DB:83:19:A8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IacXNhMJ0pOTUcnYuiFz24MZqI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/OmPoyxBOyWLY_ufVA2DDzLDY38E.roa
Signing time: Mon 02 Jan 2023 02:54:51 +0000
ROA not before: Mon 02 Jan 2023 02:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 195.149.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:39:97:ed:c1:cd:a5:97:a8:91:83:0a:4b:f7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a717361309d2939351c9d8ba2173db8319a88f
Validity
Not Before: Jan 2 02:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a63e8cb104ec962d8fee7d50360c3ccb0d8dfc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:da:62:fa:af:ab:cc:5c:3d:8c:1a:d3:ef:
82:3d:f7:40:ce:d7:e8:e9:14:93:ae:0e:f4:5d:8b:
e9:34:32:24:9a:61:65:03:e6:40:0e:01:15:03:a7:
35:17:0f:8c:86:a8:c7:c2:4b:05:26:61:f6:e7:2f:
5e:8d:a0:50:cc:70:5a:7e:a1:05:0f:aa:95:8d:91:
53:c3:73:39:4a:32:4c:7d:66:f4:c9:58:f5:8b:ca:
94:71:bc:bf:4f:e6:35:37:99:7a:6e:77:0b:ef:35:
e5:f3:df:71:2e:8a:e5:af:a2:e7:75:83:d1:32:1d:
cc:3f:34:bf:c1:1c:ce:4c:31:ab:a7:da:69:75:5c:
5f:b8:be:79:93:a9:aa:ea:67:8b:e7:41:d9:ad:a2:
7d:57:c5:b1:1a:00:76:83:53:f4:08:af:8f:7f:dd:
85:20:39:bb:5c:69:32:19:c8:3e:2b:0d:e4:48:ce:
d7:9a:4d:7d:11:c2:87:84:91:21:4e:4a:28:8a:c9:
6a:5f:5c:03:66:89:f1:da:26:6b:a0:0d:cd:be:65:
0f:a6:ae:11:a3:74:c3:e4:2c:ab:45:25:70:46:92:
c1:4c:09:f9:2b:56:8f:ad:f7:f5:15:ac:67:eb:bc:
f7:95:62:33:ba:f4:e1:92:db:f0:15:ab:94:42:66:
c5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:63:E8:CB:10:4E:C9:62:D8:FE:E7:D5:03:60:C3:CC:B0:D8:DF:C1
X509v3 Authority Key Identifier:
keyid:21:A7:17:36:13:09:D2:93:93:51:C9:D8:BA:21:73:DB:83:19:A8:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IacXNhMJ0pOTUcnYuiFz24MZqI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/OmPoyxBOyWLY_ufVA2DDzLDY38E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7fb381-fc44-44f6-a385-f8a469d4e2b2/1/IacXNhMJ0pOTUcnYuiFz24MZqI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:2f:98:35:04:18:71:82:d8:06:05:da:1e:2a:a0:aa:f7:cf:
7f:26:8f:a8:7e:ab:04:32:8b:15:fc:72:71:fc:c2:a7:b0:e0:
b0:eb:8a:fb:87:b5:a0:6e:b4:6b:23:af:ff:7d:dc:ea:24:a2:
03:ba:54:00:28:da:2e:95:a4:b5:23:80:e4:25:e0:cf:67:a6:
08:32:f8:e4:43:c4:a6:22:18:c5:71:01:4e:7b:13:9b:52:91:
c6:dc:a8:72:9c:d6:ca:39:13:31:1d:ff:ec:58:1e:88:0f:ea:
0d:14:9a:64:9d:e5:38:d2:ea:6e:71:28:50:f1:41:b6:a3:37:
ba:82:fe:13:3e:0e:c1:da:9d:2e:7b:cd:fd:5b:1e:ff:13:4a:
67:62:ca:10:75:53:c1:eb:f8:40:87:8b:0a:f1:89:33:4f:d2:
e0:bc:6c:cf:08:5d:27:4c:b5:61:ec:6b:6c:1a:64:e9:1a:6b:
e6:e7:0c:5e:72:ff:da:94:ae:6e:b1:bb:5f:ca:87:30:3e:eb:
9b:fc:32:32:5e:9d:e1:c0:5c:dd:f8:52:6d:5b:7b:b9:09:bd:
06:42:00:4c:04:a4:54:62:13:36:ae:9d:e7:d1:a9:24:0a:d1:
dc:fd:26:3b:84:44:29:5a:c8:d6:0a:62:fe:e8:32:47:39:41:
0b:7f:c7:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZzmX7cHNpZeokYMKS/cgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTcxNzM2MTMwOWQyOTM5MzUxYzlkOGJhMjE3M2RiODMx
OWE4OGYwHhcNMjMwMTAyMDI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYzZThjYjEwNGVjOTYyZDhmZWU3ZDUwMzYwYzNjY2IwZDhkZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryHaYvqvq8xcPYwa0++CPfdAztfo
6RSTrg70XYvpNDIkmmFlA+ZADgEVA6c1Fw+MhqjHwksFJmH25y9ejaBQzHBafqEF
D6qVjZFTw3M5SjJMfWb0yVj1i8qUcby/T+Y1N5l6bncL7zXl899xLorlr6LndYPR
Mh3MPzS/wRzOTDGrp9ppdVxfuL55k6mq6meL50HZraJ9V8WxGgB2g1P0CK+Pf92F
IDm7XGkyGcg+Kw3kSM7Xmk19EcKHhJEhTkooislqX1wDZonx2iZroA3NvmUPpq4R
o3TD5CyrRSVwRpLBTAn5K1aPrff1Faxn67z3lWIzuvThktvwFauUQmbFHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpj6MsQTsli2P7n1QNgw8yw2N/BMB8GA1UdIwQY
MBaAFCGnFzYTCdKTk1HJ2Lohc9uDGaiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFjWE5oTUowcE9UVWNuWXVpRnoyNE1acUk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83ZmIzODEtZmM0NC00NGY2LWEzODUt
ZjhhNDY5ZDRlMmIyLzEvT21Qb3l4Qk95V0xZX3VmVkEyRER6TERZMzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83ZmIzODEtZmM0NC00NGY2LWEzODUtZjhhNDY5ZDRlMmIy
LzEvSWFjWE5oTUowcE9UVWNuWXVpRnoyNE1acUk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5V+MA0G
CSqGSIb3DQEBCwUAA4IBAQBsL5g1BBhxgtgGBdoeKqCq989/Jo+ofqsEMosV/HJx
/MKnsOCw64r7h7WgbrRrI6//fdzqJKIDulQAKNoulaS1I4DkJeDPZ6YIMvjkQ8Sm
IhjFcQFOexObUpHG3KhynNbKORMxHf/sWB6ID+oNFJpkneU40upucShQ8UG2oze6
gv4TPg7B2p0ue839Wx7/E0pnYsoQdVPB6/hAh4sK8YkzT9LgvGzPCF0nTLVh7Gts
GmTpGmvm5wxecv/alK5usbtfyocwPuub/DIyXp3hwFzd+FJtW3u5Cb0GQgBMBKRU
YhM2rp3n0akkCtHc/SY7hEQpWsjWCmL+6DJHOUELf8cg
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:13 2024 by rpki-client on console-fra.rpki-client.org