Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/OcJ4uiUyDAOEGjcpsuKh1i-5n9Q.roa
File: OcJ4uiUyDAOEGjcpsuKh1i-5n9Q.roa (raw, json)
Hash identifier: IN3P8q6hZwrkw6VQiN6qb3uj8Kr+lFblcQElEu8Y7QI=
Subject key identifier: 39:C2:78:BA:25:32:0C:03:84:1A:37:29:B2:E2:A1:D6:2F:B9:9F:D4
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 01856B49FFC4C70AFF5A9F7FBC0FD61185E4
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/OcJ4uiUyDAOEGjcpsuKh1i-5n9Q.roa
Signing time: Sun 01 Jan 2023 03:04:49 +0000
ROA not before: Sun 01 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206757
IP address blocks: 83.175.221.128/25 maxlen: 25
83.175.230.0/24 maxlen: 24
82.144.12.0/25 maxlen: 25
213.171.230.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:ff:c4:c7:0a:ff:5a:9f:7f:bc:0f:d6:11:85:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Jan 1 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39c278ba25320c03841a3729b2e2a1d62fb99fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:d6:44:79:56:1b:15:2d:09:6b:d4:3c:01:
1d:12:50:a8:3c:78:60:e0:be:82:08:c5:00:02:f4:
34:f2:c7:7d:e1:ad:77:8d:bd:a9:32:9a:2d:f5:cd:
1d:07:17:f0:e9:66:6c:bb:20:82:17:a2:75:fe:4e:
d2:88:8a:2a:25:08:d6:5e:b8:b7:93:7d:d4:61:3f:
de:b2:c4:5c:6b:4a:24:5d:c5:69:e0:15:ac:56:06:
78:04:3d:29:bd:52:8b:c5:05:5a:aa:75:9c:50:9d:
5d:7e:4f:1d:b6:4c:d2:11:9c:6c:5c:1f:17:79:b6:
fb:b5:d6:63:bc:e6:5f:73:15:ab:d7:e9:fb:99:c7:
2a:47:4c:35:da:52:94:8d:94:76:e3:a9:65:2b:cd:
d1:0c:22:40:36:42:f0:c7:19:2d:f4:4c:6b:6b:f3:
ed:e0:4d:d6:24:1f:f7:cd:f0:ee:8e:69:69:4e:47:
03:8a:90:ef:48:f4:f6:67:fd:56:16:6b:64:07:9a:
73:c9:b5:45:33:ea:3a:7c:fc:2a:8d:69:c1:9b:3b:
97:ee:53:71:01:7b:5e:6d:dd:5b:a1:f0:0c:ce:62:
a1:60:c1:da:dd:89:3d:5e:da:9a:81:0c:8f:43:d5:
76:0b:ed:cd:de:16:5c:c7:e6:3e:90:74:17:db:85:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C2:78:BA:25:32:0C:03:84:1A:37:29:B2:E2:A1:D6:2F:B9:9F:D4
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/OcJ4uiUyDAOEGjcpsuKh1i-5n9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.144.12.0/25
83.175.221.128/25
83.175.230.0/24
213.171.230.0/24
Signature Algorithm: sha256WithRSAEncryption
50:b2:19:9a:b2:e8:a9:2c:a4:f4:c9:f0:2c:61:8e:63:7d:d6:
05:62:e3:3e:16:00:39:8c:e8:72:95:ac:6c:8b:11:14:93:cb:
e3:e5:09:81:57:db:3c:8a:38:c5:70:ab:9f:b7:18:8e:3e:f7:
92:78:50:e9:3c:ce:f0:5a:df:8f:d7:92:34:c5:b8:c3:bb:0c:
6e:c1:f0:e2:30:31:41:3e:90:24:09:21:84:55:a9:71:8d:ab:
2b:3c:8d:b5:da:3a:8b:4d:6e:c5:5e:c0:0a:9e:76:64:26:d2:
40:d7:5d:ef:50:80:6c:52:ab:8d:81:23:3d:ea:39:b9:8d:11:
a8:0c:2e:ca:62:ff:0c:e7:dd:eb:22:c7:00:95:6d:0f:9b:b2:
03:6f:4c:38:b6:00:46:d0:ce:04:fb:df:d1:d2:d9:ab:3a:fa:
48:a2:55:fc:c2:7e:34:ab:9b:37:41:f4:67:bd:72:8e:45:41:
b8:c2:91:f1:66:38:6e:ca:1f:79:42:f3:a1:28:cd:09:e8:68:
41:07:2a:27:b0:f4:b2:5e:dd:ec:c1:46:40:5d:25:9f:d6:dd:
16:12:cb:13:5a:ba:8a:3d:14:2d:16:17:3d:9d:0e:a1:84:b2:
72:d2:c2:22:f5:f8:ce:fa:12:24:2e:11:9d:91:c4:4a:c1:07:
17:8b:89:ec
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrSf/Exwr/Wp9/vA/WEYXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjMwMTAxMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWMyNzhiYTI1MzIwYzAzODQxYTM3MjliMmUyYTFkNjJmYjk5ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLPWRHlWGxUtCWvUPAEdElCoPHhg
4L6CCMUAAvQ08sd94a13jb2pMpot9c0dBxfw6WZsuyCCF6J1/k7SiIoqJQjWXri3
k33UYT/essRca0okXcVp4BWsVgZ4BD0pvVKLxQVaqnWcUJ1dfk8dtkzSEZxsXB8X
ebb7tdZjvOZfcxWr1+n7mccqR0w12lKUjZR246llK83RDCJANkLwxxkt9Exra/Pt
4E3WJB/3zfDujmlpTkcDipDvSPT2Z/1WFmtkB5pzybVFM+o6fPwqjWnBmzuX7lNx
AXtebd1bofAMzmKhYMHa3Yk9XtqagQyPQ9V2C+3N3hZcx+Y+kHQX24XJaQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDnCeLolMgwDhBo3KbLiodYvuZ/UMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvT2NKNHVpVXlEQU9FR2pjcHN1S2gxaS01bjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwUHUpAMAAMF
B1Ov3YADBABTr+YDBADVq+YwDQYJKoZIhvcNAQELBQADggEBAFCyGZqy6KkspPTJ
8CxhjmN91gVi4z4WADmM6HKVrGyLERSTy+PlCYFX2zyKOMVwq5+3GI4+95J4UOk8
zvBa34/XkjTFuMO7DG7B8OIwMUE+kCQJIYRVqXGNqys8jbXaOotNbsVewAqedmQm
0kDXXe9QgGxSq42BIz3qObmNEagMLspi/wzn3esixwCVbQ+bsgNvTDi2AEbQzgT7
39HS2as6+kiiVfzCfjSrmzdB9Ge9co5FQbjCkfFmOG7KH3lC86EozQnoaEEHKiew
9LJe3ezBRkBdJZ/W3RYSyxNauoo9FC0WFz2dDqGEsnLSwiL1+M76EiQuEZ2RxErB
BxeLiew=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:11 2024 by rpki-client on console-ams.rpki-client.org