Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/0807isrvyDE2_lxabB5etP33EY0.roa
File: 0807isrvyDE2_lxabB5etP33EY0.roa (raw, json)
Hash identifier: oeYCzBHOwQLMgh/rl1cwDlCHeTWlSh69BaVdlrGfoXk=
Subject key identifier: D3:CD:3B:8A:CA:EF:C8:31:36:FE:5C:5A:6C:1E:5E:B4:FD:F7:11:8D
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB856F0CBC2745B731C5D7BCF370F22
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/0807isrvyDE2_lxabB5etP33EY0.roa
Signing time: Sun 01 Jan 2023 09:44:58 +0000
ROA not before: Sun 01 Jan 2023 09:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206443
IP address blocks: 194.2.82.0/24 maxlen: 24
194.2.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 07:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:56:f0:cb:c2:74:5b:73:1c:5d:7b:cf:37:0f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3cd3b8acaefc83136fe5c5a6c1e5eb4fdf7118d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:72:1d:9e:f1:f2:96:e4:a6:1c:22:6c:5a:e1:
e7:d9:ff:f3:fb:39:43:c7:00:0a:a0:7f:68:5f:86:
01:f4:ee:f1:58:6f:53:34:1f:23:58:5a:f8:9c:44:
71:d1:4b:04:c7:f4:c0:c5:c1:9c:a7:e7:2b:11:60:
b3:70:f0:89:f2:bf:03:aa:49:4d:5b:b3:9a:9e:ae:
8a:4d:01:19:e4:93:cc:46:ba:e1:f4:72:3f:0f:af:
60:29:e7:7f:42:47:3a:4d:b5:d7:16:fb:e2:3c:92:
79:7c:c4:2a:be:c5:28:cf:fe:e5:95:fd:96:cd:01:
5e:d3:a0:97:f9:f4:e5:88:7c:c8:d3:57:d4:21:ef:
f3:fb:65:c1:25:1a:46:24:a4:46:2c:41:b8:4c:24:
3b:cd:04:18:77:70:56:63:0a:3f:8b:6e:8c:04:e5:
91:ef:ae:43:7f:0e:ba:c8:8c:82:68:fb:cf:fb:c7:
a7:b1:79:e1:29:4e:50:fd:34:c0:13:b3:e9:0a:15:
7f:ef:d8:d3:17:ab:c0:9e:4b:2e:4f:0e:fc:c0:33:
30:d7:fe:ec:ff:51:bb:58:69:b6:05:d5:9a:2d:7b:
21:da:ab:74:f8:b2:f8:52:1e:81:4b:66:ba:67:08:
d9:b3:3b:db:33:3e:1c:a8:17:2f:c2:71:9a:b7:40:
95:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:CD:3B:8A:CA:EF:C8:31:36:FE:5C:5A:6C:1E:5E:B4:FD:F7:11:8D
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/0807isrvyDE2_lxabB5etP33EY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.2.82.0/24
194.2.84.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:9d:64:c7:3f:3e:03:74:9c:19:58:8e:3b:3b:af:72:86:2e:
13:95:da:10:aa:21:de:a8:e0:fe:ef:f2:6b:c6:24:d0:26:f7:
24:2c:37:90:41:32:f4:2a:a2:b4:e1:19:7c:90:0a:e4:2b:c2:
42:66:5f:d0:03:da:e4:9a:0c:42:41:95:1d:b8:e8:15:56:76:
16:c6:78:23:7d:d6:71:3a:1a:d3:3f:7a:d8:50:ad:51:b7:10:
1d:e4:b3:a4:b4:0c:81:55:26:83:6d:c3:74:ca:ce:f6:cf:f8:
8b:69:06:c6:23:3f:e9:e5:b9:62:6a:95:6a:7d:70:dc:39:7b:
24:f1:aa:8e:a9:25:49:9f:e9:cb:54:24:6e:3b:bf:24:a8:25:
b9:4d:8d:22:23:d6:d1:26:d0:82:2a:24:64:d3:d3:3d:95:5b:
67:6e:53:bf:a5:82:df:47:46:9a:df:89:43:7f:eb:63:b8:ff:
83:00:df:bf:61:aa:fd:f9:ae:c6:78:2a:ac:bd:7c:b9:85:fb:
25:c7:e1:4e:2e:8f:93:64:67:17:c1:51:36:8d:bd:13:42:73:
a8:2f:64:24:5b:8c:dd:ff:44:70:7e:5a:e3:fc:64:f9:5a:f7:
18:6b:26:d4:55:2f:6f:8d:dd:e0:4a:af:7b:c6:b7:f6:63:f2:
bb:2a:46:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsuFbwy8J0W3McXXvPNw8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2NkM2I4YWNhZWZjODMxMzZmZTVjNWE2YzFlNWViNGZkZjcxMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3IdnvHyluSmHCJsWuHn2f/z+zlD
xwAKoH9oX4YB9O7xWG9TNB8jWFr4nERx0UsEx/TAxcGcp+crEWCzcPCJ8r8DqklN
W7Oanq6KTQEZ5JPMRrrh9HI/D69gKed/Qkc6TbXXFvviPJJ5fMQqvsUoz/7llf2W
zQFe06CX+fTliHzI01fUIe/z+2XBJRpGJKRGLEG4TCQ7zQQYd3BWYwo/i26MBOWR
765Dfw66yIyCaPvP+8ensXnhKU5Q/TTAE7PpChV/79jTF6vAnksuTw78wDMw1/7s
/1G7WGm2BdWaLXsh2qt0+LL4Uh6BS2a6ZwjZszvbMz4cqBcvwnGat0CV7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPNO4rK78gxNv5cWmweXrT99xGNMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvMDgwN2lzcnZ5REUyX2x4YWJCNWV0UDMzRVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgJSAwQA
wgJUMA0GCSqGSIb3DQEBCwUAA4IBAQAenWTHPz4DdJwZWI47O69yhi4TldoQqiHe
qOD+7/JrxiTQJvckLDeQQTL0KqK04Rl8kArkK8JCZl/QA9rkmgxCQZUduOgVVnYW
xngjfdZxOhrTP3rYUK1RtxAd5LOktAyBVSaDbcN0ys72z/iLaQbGIz/p5bliapVq
fXDcOXsk8aqOqSVJn+nLVCRuO78kqCW5TY0iI9bRJtCCKiRk09M9lVtnblO/pYLf
R0aa34lDf+tjuP+DAN+/Yar9+a7GeCqsvXy5hfslx+FOLo+TZGcXwVE2jb0TQnOo
L2QkW4zd/0Rwflrj/GT5WvcYaybUVS9vjd3gSq97xrf2Y/K7Kkb0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org