Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/qOjzSWTVKtlU4iF7NxJmNbwO7X4.roa
File: qOjzSWTVKtlU4iF7NxJmNbwO7X4.roa (raw, json)
Hash identifier: LBBetjraN0DLdJql2NxyvFZhI1pk0MKpRTBdvjOiqaw=
Subject key identifier: A8:E8:F3:49:64:D5:2A:D9:54:E2:21:7B:37:12:66:35:BC:0E:ED:7E
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018E509EC0FB140C4186EEE5B49D00C25D1B
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/qOjzSWTVKtlU4iF7NxJmNbwO7X4.roa
Signing time: Mon 18 Mar 2024 08:12:45 +0000
ROA not before: Mon 18 Mar 2024 08:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205113
IP address blocks: 86.240.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 13 May 2024 15:08:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:9e:c0:fb:14:0c:41:86:ee:e5:b4:9d:00:c2:5d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Mar 18 08:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e8f34964d52ad954e2217b37126635bc0eed7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:26:b8:8f:7f:d5:ac:09:aa:46:aa:18:6f:
ab:37:cf:e5:e0:fe:b6:33:c3:2a:c0:9f:40:ab:93:
28:e7:92:5b:7e:6f:4d:71:01:71:c7:48:17:87:09:
df:59:1d:19:86:8a:34:d1:c1:d4:4e:93:bd:b4:77:
f6:7c:ec:9a:7e:6e:50:8f:6e:74:09:53:9b:01:cd:
b7:8b:00:a0:ad:ab:04:98:33:51:a1:a1:10:58:58:
c8:c1:3f:36:17:09:36:86:7a:a0:b7:7b:66:4f:a5:
ee:6d:34:95:17:bc:1a:ab:3c:0d:fb:b0:f3:ee:24:
cf:a9:76:c1:a3:72:e0:1f:1d:14:21:f1:b2:4a:15:
d0:66:4d:e9:a5:ec:b3:78:ed:d0:d4:7e:5c:9c:33:
91:c6:c1:74:69:ba:86:16:65:37:77:07:ff:d4:c1:
69:ab:a9:03:7e:1e:0f:e8:a6:d5:d7:9e:1a:a4:72:
60:21:cd:0d:50:bd:ca:15:31:4a:3d:61:50:54:06:
84:de:74:4f:46:db:9b:ff:30:fe:26:01:9d:d1:a3:
07:16:e3:0e:f8:91:60:52:fd:c9:b0:ed:fd:b3:59:
0c:b2:a3:24:91:c4:f9:5e:fb:96:72:0d:80:ab:2f:
f9:4f:0c:82:c1:cd:81:47:bd:21:93:ab:49:14:fa:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E8:F3:49:64:D5:2A:D9:54:E2:21:7B:37:12:66:35:BC:0E:ED:7E
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/qOjzSWTVKtlU4iF7NxJmNbwO7X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.240.128.0/22
Signature Algorithm: sha256WithRSAEncryption
54:2d:4b:42:a3:93:d4:22:13:af:38:c2:db:9e:e2:bb:39:c6:
67:6b:d5:54:ce:dc:53:5b:bb:0a:04:f1:33:9a:f5:39:36:b5:
8d:9d:77:49:5c:36:f8:6f:7b:74:9f:90:aa:b2:6c:1f:46:97:
18:4a:dc:40:6e:34:d3:fe:24:d2:5f:98:5f:9e:bc:6d:5f:77:
cc:f1:f8:71:33:b7:4b:6c:ad:80:d4:53:15:9d:4e:c3:44:9e:
ae:72:45:ff:2d:7a:22:e5:d6:00:f0:7a:17:6e:f3:3f:be:1d:
1b:e4:53:2d:d6:57:76:38:98:28:7e:92:83:3b:8f:aa:f2:f6:
5c:85:ee:e1:e2:13:ff:e1:f1:68:93:1d:3a:dc:61:f1:2c:9b:
99:88:da:64:17:6c:d8:db:00:a7:62:d0:bb:4c:13:6c:cf:71:
4e:50:e2:af:44:7a:78:dc:c6:7c:07:d8:50:fe:42:7b:23:0b:
c4:4f:d0:88:57:a1:71:c7:29:32:7d:0f:0f:2a:ca:e2:39:23:
04:c4:46:0e:45:72:f2:79:1f:3e:35:41:de:38:9a:29:f4:e1:
b3:b3:db:a2:3b:02:39:b9:1f:8e:aa:6e:f7:a0:a6:51:7d:8c:
db:c9:68:94:d1:96:9a:10:1f:04:54:b6:47:66:bd:36:9f:8c:
c9:7e:0b:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5QnsD7FAxBhu7ltJ0Awl0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMzE4MDgxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU4ZjM0OTY0ZDUyYWQ5NTRlMjIxN2IzNzEyNjYzNWJjMGVlZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsAmuI9/1awJqkaqGG+rN8/l4P62
M8MqwJ9Aq5Mo55Jbfm9NcQFxx0gXhwnfWR0Zhoo00cHUTpO9tHf2fOyafm5Qj250
CVObAc23iwCgrasEmDNRoaEQWFjIwT82Fwk2hnqgt3tmT6XubTSVF7waqzwN+7Dz
7iTPqXbBo3LgHx0UIfGyShXQZk3ppeyzeO3Q1H5cnDORxsF0abqGFmU3dwf/1MFp
q6kDfh4P6KbV154apHJgIc0NUL3KFTFKPWFQVAaE3nRPRtub/zD+JgGd0aMHFuMO
+JFgUv3JsO39s1kMsqMkkcT5XvuWcg2Aqy/5TwyCwc2BR70hk6tJFPqLrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjo80lk1SrZVOIhezcSZjW8Du1+MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcU9qelNXVFZLdGxVNGlGN054Sm1OYndPN1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVvCAMA0G
CSqGSIb3DQEBCwUAA4IBAQBULUtCo5PUIhOvOMLbnuK7OcZna9VUztxTW7sKBPEz
mvU5NrWNnXdJXDb4b3t0n5CqsmwfRpcYStxAbjTT/iTSX5hfnrxtX3fM8fhxM7dL
bK2A1FMVnU7DRJ6uckX/LXoi5dYA8HoXbvM/vh0b5FMt1ld2OJgofpKDO4+q8vZc
he7h4hP/4fFokx063GHxLJuZiNpkF2zY2wCnYtC7TBNsz3FOUOKvRHp43MZ8B9hQ
/kJ7IwvET9CIV6FxxykyfQ8PKsriOSMExEYORXLyeR8+NUHeOJop9OGzs9uiOwI5
uR+Oqm73oKZRfYzbyWiU0ZaaEB8EVLZHZr02n4zJfguc
-----END CERTIFICATE-----
Generated at Mon May 13 17:57:48 2024 by rpki-client on console-fra.rpki-client.org