Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/OuLCZcEVEK1FjARNj8rkyXFshZg.roa
File: OuLCZcEVEK1FjARNj8rkyXFshZg.roa (raw, json)
Hash identifier: Ej7NJd9/isSIEiz2uZFGMwWQ8H1qa+XvuXUQ7sUq1cg=
Subject key identifier: 3A:E2:C2:65:C1:15:10:AD:45:8C:04:4D:8F:CA:E4:C9:71:6C:85:98
Certificate issuer: /CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Certificate serial: 018B967C63C746BEE6FD0D28CF5928C037C4
Authority key identifier: 6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/OuLCZcEVEK1FjARNj8rkyXFshZg.roa
Signing time: Fri 03 Nov 2023 18:40:16 +0000
ROA not before: Fri 03 Nov 2023 18:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 45.150.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:7c:63:c7:46:be:e6:fd:0d:28:cf:59:28:c0:37:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Validity
Not Before: Nov 3 18:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae2c265c11510ad458c044d8fcae4c9716c8598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:11:a9:2e:40:0b:0b:2b:04:0d:cd:a6:b7:3d:
c6:34:ae:b1:1b:97:84:cf:c0:33:e2:8a:cb:2e:a8:
2d:a3:d4:43:b0:f4:00:bd:c2:b5:71:25:55:43:06:
43:04:2f:2c:3d:54:39:08:7e:d7:36:b1:32:a9:52:
f4:8e:68:a6:f6:59:fd:cd:4e:dc:1b:1f:e8:b3:8f:
2a:c4:68:2f:9c:b9:ce:56:7e:21:ff:b4:f6:2a:dc:
0c:34:7d:36:a7:4a:d2:6e:35:7f:a5:37:1b:6c:c6:
41:d1:5d:7c:ea:f2:37:91:5d:02:95:81:73:da:38:
15:1a:6f:19:b6:4a:22:e3:59:82:6d:d2:40:4b:90:
8c:bb:60:0a:79:f0:c7:2d:93:ce:18:73:e7:97:f4:
45:b4:97:60:cf:68:91:ca:23:a0:51:b9:73:fd:98:
01:08:0c:fe:ab:79:2b:4a:7c:d2:cf:0d:c5:e1:9b:
a1:5c:eb:15:33:0a:c9:f7:95:e3:85:bb:bd:9e:94:
24:9e:f7:4e:98:1d:20:35:8d:f0:ef:f7:c3:8a:cf:
04:df:4d:e6:a4:ff:56:69:b6:21:23:9d:7f:5e:41:
52:5d:ed:d1:a3:9c:2e:16:c3:7d:79:19:19:c8:ce:
98:b5:f8:e7:c5:cd:7e:76:b7:ab:c7:b7:c7:9c:07:
45:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E2:C2:65:C1:15:10:AD:45:8C:04:4D:8F:CA:E4:C9:71:6C:85:98
X509v3 Authority Key Identifier:
keyid:6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/OuLCZcEVEK1FjARNj8rkyXFshZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/a9DFs_psKIhgzLbZAgDLuOV9t_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.4.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8c:c6:02:28:83:cc:0c:0d:f5:3e:30:47:7d:c7:65:a7:87:
9c:41:12:5a:2d:1d:01:0c:be:0a:d3:89:8f:ce:e9:a8:7f:30:
7e:fb:6c:bb:09:c3:62:81:ce:4f:1b:90:99:7d:05:50:51:d9:
4f:5b:54:bf:5a:16:f7:15:2f:a8:bd:4e:63:1a:aa:98:8f:41:
3d:1f:59:b3:ab:36:5b:d8:5d:ac:5d:8e:ee:e2:b9:88:b9:77:
ce:19:e1:b9:82:9a:a2:1e:61:e0:5a:08:89:7b:51:fa:59:44:
dc:3b:73:14:66:30:66:17:af:6c:03:68:69:eb:a4:ea:4c:03:
f1:f3:17:58:32:cf:26:96:16:3e:be:bf:8a:5b:80:b7:20:68:
15:a8:f0:65:7a:be:b9:aa:60:c0:96:a2:ef:2d:f5:86:c9:55:
a9:cc:98:c2:36:f7:5d:2e:10:b1:76:72:3c:a6:d1:78:b4:3a:
64:60:e5:c6:f2:16:82:be:b9:8f:74:fb:86:e4:c3:42:44:f6:
6e:7e:8b:8c:12:fa:22:3e:33:98:50:24:78:a6:19:cd:5f:5e:
1a:42:87:fd:48:59:bb:e6:ac:6e:18:52:be:f4:76:20:f6:26:
19:47:f0:ec:38:77:8d:4d:e1:12:f4:4c:3e:e5:8b:2b:26:86:
44:e4:48:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuWfGPHRr7m/Q0oz1kowDfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZDBjNWIzZmE2YzI4ODg2MGNjYjZkOTAyMDBjYmI4ZTU3
ZGI3ZjcwHhcNMjMxMTAzMTg0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUyYzI2NWMxMTUxMGFkNDU4YzA0NGQ4ZmNhZTRjOTcxNmM4NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBGpLkALCysEDc2mtz3GNK6xG5eE
z8Az4orLLqgto9RDsPQAvcK1cSVVQwZDBC8sPVQ5CH7XNrEyqVL0jmim9ln9zU7c
Gx/os48qxGgvnLnOVn4h/7T2KtwMNH02p0rSbjV/pTcbbMZB0V186vI3kV0ClYFz
2jgVGm8Ztkoi41mCbdJAS5CMu2AKefDHLZPOGHPnl/RFtJdgz2iRyiOgUblz/ZgB
CAz+q3krSnzSzw3F4ZuhXOsVMwrJ95Xjhbu9npQknvdOmB0gNY3w7/fDis8E303m
pP9WabYhI51/XkFSXe3Ro5wuFsN9eRkZyM6Ytfjnxc1+drerx7fHnAdFqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDriwmXBFRCtRYwETY/K5MlxbIWYMB8GA1UdIwQY
MBaAFGvQxbP6bCiIYMy22QIAy7jlfbf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmIt
YzQ2MjBmYWIxZjE5LzEvT3VMQ1pjRVZFSzFGakFSTmo4cmt5WEZzaFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmItYzQ2MjBmYWIxZjE5
LzEvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZYEMA0G
CSqGSIb3DQEBCwUAA4IBAQAPjMYCKIPMDA31PjBHfcdlp4ecQRJaLR0BDL4K04mP
zumofzB++2y7CcNigc5PG5CZfQVQUdlPW1S/Whb3FS+ovU5jGqqYj0E9H1mzqzZb
2F2sXY7u4rmIuXfOGeG5gpqiHmHgWgiJe1H6WUTcO3MUZjBmF69sA2hp66TqTAPx
8xdYMs8mlhY+vr+KW4C3IGgVqPBler65qmDAlqLvLfWGyVWpzJjCNvddLhCxdnI8
ptF4tDpkYOXG8haCvrmPdPuG5MNCRPZufouMEvoiPjOYUCR4phnNX14aQof9SFm7
5qxuGFK+9HYg9iYZR/DsOHeNTeES9Ew+5YsrJoZE5Ei3
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:09 2024 by rpki-client on console-fra.rpki-client.org