Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/OUF3WZuQmPHnKROyjF1bbgsuTeE.roa
File: OUF3WZuQmPHnKROyjF1bbgsuTeE.roa (raw, json)
Hash identifier: ifON62/EhCzP+cf1c0BXo4spGFVzg6cwWErY2gZ56Ac=
Subject key identifier: 39:41:77:59:9B:90:98:F1:E7:29:13:B2:8C:5D:5B:6E:0B:2E:4D:E1
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 0185CB8C3D9A016F3554A52541491A901CE6
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/OUF3WZuQmPHnKROyjF1bbgsuTeE.roa
Signing time: Thu 19 Jan 2023 19:40:43 +0000
ROA not before: Thu 19 Jan 2023 19:40:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52035
IP address blocks: 158.41.24.0/21 maxlen: 24
185.179.216.0/24 maxlen: 24
148.222.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 20 Jan 2023 18:39:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cb:8c:3d:9a:01:6f:35:54:a5:25:41:49:1a:90:1c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Jan 19 19:40:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=394177599b9098f1e72913b28c5d5b6e0b2e4de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0c:08:6c:bb:49:3e:8e:a7:87:6f:51:b9:2a:
f0:2b:f2:52:74:0d:f2:0e:28:07:52:61:4b:0c:8c:
f1:b3:cb:de:fc:79:d5:37:7d:07:cf:30:e3:04:a8:
0f:97:ed:a5:2a:c8:10:d7:d9:5e:47:e9:f8:8d:95:
8d:e7:dd:b6:b6:85:11:fa:ab:dc:aa:98:bf:18:44:
4d:52:97:91:42:1e:bb:d3:ce:64:32:20:ec:e2:46:
b4:a4:99:ff:3d:f4:25:11:a7:50:e9:e3:5f:e0:db:
17:37:10:80:ec:9f:58:66:6e:6d:19:0c:da:98:39:
a4:aa:2c:0b:1b:0d:1f:b3:e3:d8:3c:bb:a0:e9:22:
5e:50:f4:a1:14:90:55:7a:e3:75:df:fc:79:2f:6d:
01:5d:5c:ec:21:28:58:33:1e:7a:40:5e:6f:e6:70:
04:d0:eb:ce:f4:5e:0c:1b:e2:c8:bc:97:f0:57:e8:
25:9d:32:64:75:23:79:dd:f4:6a:18:ed:77:55:f0:
d7:88:91:d6:3b:a6:91:b5:cf:a2:ce:0c:43:77:e4:
37:14:ab:eb:f4:d3:a5:7a:76:3f:6c:0c:65:16:13:
ac:c0:0e:ab:6d:ef:f9:e9:ad:6d:d4:e7:51:9a:b1:
52:1c:a4:44:50:69:16:cf:5b:da:d4:f5:88:66:2b:
e3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:41:77:59:9B:90:98:F1:E7:29:13:B2:8C:5D:5B:6E:0B:2E:4D:E1
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/OUF3WZuQmPHnKROyjF1bbgsuTeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.222.240.0/22
158.41.24.0/21
185.179.216.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:94:67:78:c0:35:dc:7a:96:da:e5:2e:7a:2c:ac:36:2e:b6:
7e:8e:98:19:16:00:03:b9:6a:09:c6:a6:cb:79:92:af:c7:57:
d8:f8:0e:e3:9e:4f:7d:5e:52:c5:ac:e1:2f:b1:e2:64:dc:f5:
7f:ab:dc:c9:18:7e:01:23:66:b8:a5:0b:91:64:7c:43:02:db:
1c:4d:e2:04:6f:48:1a:d4:29:58:f2:e7:77:ca:20:26:f8:2d:
2c:e5:d6:d0:0d:bc:89:25:d8:82:eb:a8:1f:3e:e2:61:3b:dc:
64:a3:ea:73:e9:55:27:6b:d8:14:3e:cc:df:56:7e:f5:71:b9:
b2:c3:6d:b7:c8:c3:b2:95:ed:b4:41:d4:18:48:38:46:dd:86:
eb:38:84:d3:96:57:ab:32:39:78:6d:07:cd:4e:b5:d4:6b:c6:
26:86:94:85:32:e8:93:20:ae:46:5b:cf:be:f7:83:f9:07:a1:
75:13:ec:7f:cd:53:22:2a:00:59:eb:d8:87:b6:4b:65:8d:df:
66:24:3c:e3:2b:25:af:d4:72:5b:93:aa:c8:5c:ab:42:91:df:
50:73:fe:7c:16:0a:6d:4e:6b:0e:54:35:6b:f1:ec:d6:5b:b0:
95:72:f9:0a:80:44:8a:f8:1b:53:fe:3b:c3:cd:62:57:82:f6:
cb:1b:32:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXLjD2aAW81VKUlQUkakBzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwMTE5MTk0MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQxNzc1OTliOTA5OGYxZTcyOTEzYjI4YzVkNWI2ZTBiMmU0ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQwIbLtJPo6nh29RuSrwK/JSdA3y
DigHUmFLDIzxs8ve/HnVN30HzzDjBKgPl+2lKsgQ19leR+n4jZWN5922toUR+qvc
qpi/GERNUpeRQh67085kMiDs4ka0pJn/PfQlEadQ6eNf4NsXNxCA7J9YZm5tGQza
mDmkqiwLGw0fs+PYPLug6SJeUPShFJBVeuN13/x5L20BXVzsIShYMx56QF5v5nAE
0OvO9F4MG+LIvJfwV+glnTJkdSN53fRqGO13VfDXiJHWO6aRtc+izgxDd+Q3FKvr
9NOlenY/bAxlFhOswA6rbe/56a1t1OdRmrFSHKREUGkWz1va1PWIZivjhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDlBd1mbkJjx5ykTsoxdW24LLk3hMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvT1VGM1dadVFtUEhuS1JPeWpGMWJiZ3N1VGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQClN7wAwQD
nikYAwQAubPYMA0GCSqGSIb3DQEBCwUAA4IBAQCflGd4wDXcepba5S56LKw2LrZ+
jpgZFgADuWoJxqbLeZKvx1fY+A7jnk99XlLFrOEvseJk3PV/q9zJGH4BI2a4pQuR
ZHxDAtscTeIEb0ga1ClY8ud3yiAm+C0s5dbQDbyJJdiC66gfPuJhO9xko+pz6VUn
a9gUPszfVn71cbmyw223yMOyle20QdQYSDhG3YbrOITTllerMjl4bQfNTrXUa8Ym
hpSFMuiTIK5GW8++94P5B6F1E+x/zVMiKgBZ69iHtktljd9mJDzjKyWv1HJbk6rI
XKtCkd9Qc/58FgptTmsOVDVr8ezWW7CVcvkKgESK+BtT/jvDzWJXgvbLGzKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org