Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/OkbQK20KwN0zRBqujQF4wTfMBxU.roa
File: OkbQK20KwN0zRBqujQF4wTfMBxU.roa (raw, json)
Hash identifier: BzD8pqlTeh6wBZzqki73FYWHAe8F1cqg/7Ztnlo5PBU=
Subject key identifier: 3A:46:D0:2B:6D:0A:C0:DD:33:44:1A:AE:8D:01:78:C1:37:CC:07:15
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 01856DAF6968A168107D7A79EA14CAEFA357
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/OkbQK20KwN0zRBqujQF4wTfMBxU.roa
Signing time: Sun 01 Jan 2023 14:14:50 +0000
ROA not before: Sun 01 Jan 2023 14:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 194.104.85.0/24 maxlen: 24
194.104.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:69:68:a1:68:10:7d:7a:79:ea:14:ca:ef:a3:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Jan 1 14:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a46d02b6d0ac0dd33441aae8d0178c137cc0715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:33:d2:92:14:55:03:94:20:a9:8a:4c:d7:05:
6d:f0:85:3e:78:56:ce:ed:34:ee:b7:5f:bd:9d:11:
e4:10:c7:4a:82:2c:6a:d4:40:d6:ea:73:74:b2:4f:
b3:78:c4:58:81:1e:d0:cb:38:9b:9c:d0:c8:f4:f1:
59:ba:91:e5:cd:9d:04:ba:79:77:c4:55:39:2b:0f:
8f:47:fa:9e:24:56:62:76:b5:c0:25:be:40:e4:c8:
d6:ce:76:33:f8:72:28:c8:b1:96:34:c1:87:38:77:
56:dc:2c:03:79:b7:31:45:f3:4f:2e:78:00:d0:7c:
bb:20:c0:3a:44:8a:fd:0b:30:6b:8b:63:38:0b:51:
37:92:8b:37:9a:60:50:f0:54:a3:22:68:b1:08:c9:
9d:23:76:fc:6b:f7:3a:a6:ce:14:cb:5a:25:80:00:
45:d7:20:6d:d3:27:15:4f:33:16:e8:cb:f6:ec:e0:
6a:01:7f:5a:bf:3b:20:18:bf:11:10:3b:2b:97:e1:
a8:dd:29:3b:c1:e3:fb:10:30:1d:09:57:84:12:f7:
25:86:ac:11:ff:8a:99:6d:97:8e:86:82:aa:e6:2b:
61:5b:d9:e9:2d:26:93:85:6e:16:c8:e4:fe:56:ff:
22:7f:b6:82:12:64:6a:a4:21:41:d3:20:bf:b0:60:
a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:46:D0:2B:6D:0A:C0:DD:33:44:1A:AE:8D:01:78:C1:37:CC:07:15
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/OkbQK20KwN0zRBqujQF4wTfMBxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.1.0/24
194.104.85.0/24
Signature Algorithm: sha256WithRSAEncryption
04:31:fd:af:d5:aa:e2:d7:01:9f:17:17:71:ba:e2:bf:c8:19:
ae:4c:6f:3b:94:fc:8d:b4:3f:0f:c5:e0:57:c6:b9:42:b1:5a:
e3:c9:5d:c7:3b:03:bb:02:90:75:14:1d:e0:d7:b1:46:76:2e:
88:45:f9:6c:81:9d:72:75:d5:b3:af:40:f0:23:bf:d1:3d:5a:
ba:36:f6:89:11:ab:19:2a:0c:73:2c:56:45:f8:21:9f:87:8d:
21:b5:3f:3d:88:d4:fc:5f:10:74:16:e6:bd:c3:ee:c4:7f:f3:
00:d8:51:54:d8:38:d5:41:3e:19:bf:40:0d:18:13:93:0e:0c:
de:c8:41:2f:39:da:26:a5:51:3c:9e:51:53:9e:62:ae:3d:b3:
92:ec:2a:5f:38:27:cd:f1:a7:2f:02:65:b0:42:22:a9:fa:cb:
cc:0f:fa:94:e1:31:14:d4:33:fd:50:ca:b9:f5:ef:ce:fa:6c:
32:f2:5a:0b:07:bb:8a:4f:3e:4f:4b:fa:c2:83:0c:0a:ab:c9:
1e:c7:35:41:3d:a3:e1:3d:64:c3:54:d7:ff:88:fb:e3:db:1e:
76:e6:c8:b8:76:73:0e:79:aa:1f:57:17:d0:99:a2:20:30:06:
98:a0:dd:0a:c8:9a:30:e3:a2:54:b1:78:8c:72:b0:52:25:79:
93:d5:81:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtr2looWgQfXp56hTK76NXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjMwMTAxMTQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQ2ZDAyYjZkMGFjMGRkMzM0NDFhYWU4ZDAxNzhjMTM3Y2MwNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTPSkhRVA5QgqYpM1wVt8IU+eFbO
7TTut1+9nRHkEMdKgixq1EDW6nN0sk+zeMRYgR7QyzibnNDI9PFZupHlzZ0Eunl3
xFU5Kw+PR/qeJFZidrXAJb5A5MjWznYz+HIoyLGWNMGHOHdW3CwDebcxRfNPLngA
0Hy7IMA6RIr9CzBri2M4C1E3kos3mmBQ8FSjImixCMmdI3b8a/c6ps4Uy1olgABF
1yBt0ycVTzMW6Mv27OBqAX9avzsgGL8REDsrl+Go3Sk7weP7EDAdCVeEEvclhqwR
/4qZbZeOhoKq5ithW9npLSaThW4WyOT+Vv8if7aCEmRqpCFB0yC/sGClLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpG0CttCsDdM0Qaro0BeME3zAcVMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvT2tiUUsyMEt3TjB6UkJxdWpRRjR3VGZNQnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmgBAwQA
wmhVMA0GCSqGSIb3DQEBCwUAA4IBAQAEMf2v1ari1wGfFxdxuuK/yBmuTG87lPyN
tD8PxeBXxrlCsVrjyV3HOwO7ApB1FB3g17FGdi6IRflsgZ1yddWzr0DwI7/RPVq6
NvaJEasZKgxzLFZF+CGfh40htT89iNT8XxB0Fua9w+7Ef/MA2FFU2DjVQT4Zv0AN
GBOTDgzeyEEvOdompVE8nlFTnmKuPbOS7CpfOCfN8acvAmWwQiKp+svMD/qU4TEU
1DP9UMq59e/O+mwy8loLB7uKTz5PS/rCgwwKq8kexzVBPaPhPWTDVNf/iPvj2x52
5si4dnMOeaofVxfQmaIgMAaYoN0KyJow46JUsXiMcrBSJXmT1YFU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:37 2024 by rpki-client on console-ams.rpki-client.org