Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/aOOBOC1V5csvlQwhMPSqNGrfY_A.roa
File: aOOBOC1V5csvlQwhMPSqNGrfY_A.roa (raw, json)
Hash identifier: zgd5DPXWjJNLznWTyhGMPigRa0/tHuqo6f1GJZ4oODM=
Subject key identifier: 68:E3:81:38:2D:55:E5:CB:2F:95:0C:21:30:F4:AA:34:6A:DF:63:F0
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 01857195681C46189A84DA32259EA2A98AFD
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/aOOBOC1V5csvlQwhMPSqNGrfY_A.roa
Signing time: Mon 02 Jan 2023 08:24:54 +0000
ROA not before: Mon 02 Jan 2023 08:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6900
IP address blocks: 145.61.196.0/24 maxlen: 24
145.61.200.0/24 maxlen: 24
145.61.200.0/23 maxlen: 23
145.61.200.0/22 maxlen: 22
145.61.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:68:1c:46:18:9a:84:da:32:25:9e:a2:a9:8a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68e381382d55e5cb2f950c2130f4aa346adf63f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4f:95:02:7e:2f:94:f5:b1:c9:02:ef:5a:a9:
fe:a9:a6:75:ff:97:a0:c4:ed:92:c3:12:a5:2b:de:
7f:44:09:43:1f:c0:ba:89:ae:8a:94:1e:9e:ec:9a:
85:06:62:14:b0:e8:c8:5c:16:de:41:bd:ed:8d:72:
47:3e:e8:4d:ce:89:a6:d3:05:41:d1:ed:dd:07:7d:
8e:df:99:11:eb:56:15:86:07:e5:28:86:85:36:b2:
6e:1c:83:7c:51:d5:34:0b:81:be:ef:4b:50:63:21:
2c:73:95:72:c4:13:97:c2:e5:44:d7:f6:20:29:e0:
e9:18:28:cc:e9:6e:88:d3:f2:d0:4f:b9:f6:50:89:
19:32:c1:9f:4b:a8:c6:9a:84:dd:9b:44:07:64:f6:
bc:e3:5b:e0:99:96:a7:0b:c7:27:71:ac:b5:03:49:
8a:54:20:f1:a9:c6:33:50:6f:e2:13:7b:3a:84:7e:
04:a5:9a:e0:42:4b:4b:4a:04:28:ac:51:d2:c8:fd:
27:f0:06:79:31:6d:95:cd:1a:28:c9:36:13:22:09:
ea:a5:d2:97:b8:b2:f7:f8:f4:9b:4c:e1:41:4f:ee:
df:dd:6c:10:71:c2:ad:53:cb:63:28:fb:ef:44:5b:
7b:a9:77:88:42:3a:05:e0:9e:f6:19:82:12:95:f1:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E3:81:38:2D:55:E5:CB:2F:95:0C:21:30:F4:AA:34:6A:DF:63:F0
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/aOOBOC1V5csvlQwhMPSqNGrfY_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.61.196.0/24
145.61.200.0/22
Signature Algorithm: sha256WithRSAEncryption
79:3a:af:c7:65:5c:1d:6d:51:bd:ee:22:7c:cd:22:33:1a:ea:
f0:59:39:1a:61:5d:d9:df:57:98:ff:02:da:5a:d1:72:df:aa:
c3:b1:d7:1e:9f:c9:a3:c9:54:6e:5d:6e:95:ce:6f:fc:16:b6:
59:81:22:5f:e7:ec:8a:8c:ef:a9:2a:80:bb:32:eb:15:be:96:
29:d5:45:a7:73:5b:62:c0:26:1d:13:b2:e3:05:04:f4:f0:8f:
29:11:0c:ed:93:fe:f9:34:66:ba:7b:d0:94:39:80:5c:8e:3b:
cb:83:59:79:14:99:6f:af:13:01:78:7d:f6:bc:a7:fb:d6:97:
68:77:14:e2:27:39:95:e1:31:03:fb:4d:24:42:65:53:40:57:
a7:fa:ed:d4:9c:29:06:c5:87:11:6a:49:f2:ef:1e:18:a8:ae:
dc:8f:8c:03:42:d3:2c:52:98:dc:47:eb:c2:85:7b:f4:e5:07:
85:ef:02:a9:06:d4:67:4b:85:9d:d8:27:3d:bd:56:0b:0d:fd:
da:05:ea:b4:e4:5e:9f:f2:54:09:8e:7f:02:69:24:a2:5a:6e:
b7:83:da:0b:f4:91:9a:b1:6a:45:35:a1:ed:66:e4:cf:03:88:
66:e1:10:75:f4:84:95:a3:b2:b5:0a:3f:98:06:f9:47:03:b9:
08:20:76:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxlWgcRhiahNoyJZ6iqYr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUzODEzODJkNTVlNWNiMmY5NTBjMjEzMGY0YWEzNDZhZGY2M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0+VAn4vlPWxyQLvWqn+qaZ1/5eg
xO2SwxKlK95/RAlDH8C6ia6KlB6e7JqFBmIUsOjIXBbeQb3tjXJHPuhNzomm0wVB
0e3dB32O35kR61YVhgflKIaFNrJuHIN8UdU0C4G+70tQYyEsc5VyxBOXwuVE1/Yg
KeDpGCjM6W6I0/LQT7n2UIkZMsGfS6jGmoTdm0QHZPa841vgmZanC8cncay1A0mK
VCDxqcYzUG/iE3s6hH4EpZrgQktLSgQorFHSyP0n8AZ5MW2VzRooyTYTIgnqpdKX
uLL3+PSbTOFBT+7f3WwQccKtU8tjKPvvRFt7qXeIQjoF4J72GYISlfGfhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGjjgTgtVeXLL5UMITD0qjRq32PwMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvYU9PQk9DMVY1Y3N2bFF3aE1QU3FOR3JmWV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkT3EAwQC
kT3IMA0GCSqGSIb3DQEBCwUAA4IBAQB5Oq/HZVwdbVG97iJ8zSIzGurwWTkaYV3Z
31eY/wLaWtFy36rDsdcen8mjyVRuXW6Vzm/8FrZZgSJf5+yKjO+pKoC7MusVvpYp
1UWnc1tiwCYdE7LjBQT08I8pEQztk/75NGa6e9CUOYBcjjvLg1l5FJlvrxMBeH32
vKf71pdodxTiJzmV4TED+00kQmVTQFen+u3UnCkGxYcRakny7x4YqK7cj4wDQtMs
UpjcR+vChXv05QeF7wKpBtRnS4Wd2Cc9vVYLDf3aBeq05F6f8lQJjn8CaSSiWm63
g9oL9JGasWpFNaHtZuTPA4hm4RB19ISVo7K1Cj+YBvlHA7kIIHaq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org