Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/oq0ug4AMCUlL2Poh_uNz6XJgmPA.roa
File: oq0ug4AMCUlL2Poh_uNz6XJgmPA.roa (raw, json)
Hash identifier: Pf14BSf7QNn3wwPGawW160FWHIRzC83/BAqPW5WTU+I=
Subject key identifier: A2:AD:2E:83:80:0C:09:49:4B:D8:FA:21:FE:E3:73:E9:72:60:98:F0
Certificate issuer: /CN=6e9a558ad546dcc9abc0b8a131067af02e407007
Certificate serial: 0192C3843F8F4959B1ACBA707829668DF12F
Authority key identifier: 6E:9A:55:8A:D5:46:DC:C9:AB:C0:B8:A1:31:06:7A:F0:2E:40:70:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bppVitVG3MmrwLihMQZ68C5AcAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/oq0ug4AMCUlL2Poh_uNz6XJgmPA.roa
Signing time: Fri 25 Oct 2024 11:51:17 +0000
ROA not before: Fri 25 Oct 2024 11:51:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 79.171.96.0/21 maxlen: 21
185.62.60.0/22 maxlen: 22
185.67.180.0/22 maxlen: 22
185.130.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Oct 2024 14:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:84:3f:8f:49:59:b1:ac:ba:70:78:29:66:8d:f1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e9a558ad546dcc9abc0b8a131067af02e407007
Validity
Not Before: Oct 25 11:51:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2ad2e83800c09494bd8fa21fee373e9726098f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:46:68:95:8a:5f:28:2c:da:1f:08:be:0f:6e:
12:70:23:67:4a:ea:f4:c3:8a:12:29:88:56:fc:50:
68:8b:8b:a2:b8:0c:98:b8:1f:22:19:e3:06:a5:42:
72:b5:3c:42:58:d6:5f:a4:64:8d:88:b4:67:e3:fc:
a3:2c:3d:9f:55:90:8b:dc:73:9b:53:19:7a:88:6c:
d2:cb:e5:21:da:81:a4:05:f7:af:81:bf:ce:98:01:
c5:30:74:6c:87:57:92:35:3c:7f:e6:69:3b:26:ff:
b3:90:70:a3:d8:44:06:b7:cd:6c:85:f2:26:8e:6c:
b2:0e:c7:7a:c7:e0:5a:8a:99:3f:b6:7e:e7:62:5a:
8f:17:97:61:4b:3f:5f:ac:16:59:e5:5c:fe:3b:6c:
32:6a:80:67:ac:5d:55:46:21:4c:05:b2:14:b7:9e:
3d:94:04:7d:9e:e8:37:8a:4a:6d:86:15:dd:ce:90:
12:b0:4a:e3:cc:d6:61:0e:f1:17:4b:bc:c2:52:da:
5a:61:47:05:39:19:af:4a:4a:6a:86:7a:90:e2:cb:
03:64:33:eb:96:7b:cd:92:a9:3d:8d:0e:ed:e1:b4:
78:33:bf:db:10:cb:3c:05:53:c3:b1:0a:da:b3:c9:
70:dd:ce:56:40:5e:d1:27:83:dc:a4:1c:4b:f4:5d:
85:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AD:2E:83:80:0C:09:49:4B:D8:FA:21:FE:E3:73:E9:72:60:98:F0
X509v3 Authority Key Identifier:
keyid:6E:9A:55:8A:D5:46:DC:C9:AB:C0:B8:A1:31:06:7A:F0:2E:40:70:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bppVitVG3MmrwLihMQZ68C5AcAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/oq0ug4AMCUlL2Poh_uNz6XJgmPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/1529c6-8082-4f3a-bc92-423fca224041/1/bppVitVG3MmrwLihMQZ68C5AcAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.96.0/21
185.62.60.0/22
185.67.180.0/22
185.130.12.0/22
Signature Algorithm: sha256WithRSAEncryption
af:9c:59:7c:74:bc:f5:db:5a:d6:06:30:e5:56:d1:5e:cd:67:
58:3f:2e:b1:72:d9:42:29:6a:23:1d:8c:88:4d:31:34:02:3a:
3e:fb:2a:e0:3c:55:84:70:1e:92:c8:11:22:0d:fd:5e:bd:d6:
03:fb:46:d0:04:39:4c:8c:22:88:cd:da:3a:45:4e:d8:8a:14:
72:96:c1:36:74:9d:9c:ef:14:83:f0:11:22:18:cd:af:b6:5d:
c0:ef:9c:4d:e4:c6:05:23:8d:af:47:8b:1d:ef:0a:c3:b5:f8:
9d:e8:5f:ac:71:23:93:f4:ed:30:b0:fb:60:f4:f8:26:10:78:
b0:a0:66:8c:ff:db:e6:69:0a:20:85:f3:73:09:d3:63:70:0c:
4c:14:e4:2e:47:c7:c3:ac:f1:6f:f5:56:b4:b5:17:5d:ff:f3:
16:93:2b:ce:d9:bd:bf:40:9e:2e:37:c4:7a:a3:db:8c:e4:45:
ad:05:00:05:40:90:80:15:29:8e:11:3e:e2:07:da:dd:81:38:
f2:64:f1:91:b9:59:b2:a5:72:f5:de:00:b9:ed:4c:01:0c:09:
56:23:5d:83:a2:a4:61:4b:0e:13:6a:a8:87:7c:c8:5b:93:cb:
5d:cb:c5:38:cc:38:7c:35:c0:88:39:59:4d:76:4d:9e:32:1f:
3d:9d:94:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLDhD+PSVmxrLpweClmjfEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOWE1NThhZDU0NmRjYzlhYmMwYjhhMTMxMDY3YWYwMmU0
MDcwMDcwHhcNMjQxMDI1MTE1MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFkMmU4MzgwMGMwOTQ5NGJkOGZhMjFmZWUzNzNlOTcyNjA5OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90ZolYpfKCzaHwi+D24ScCNnSur0
w4oSKYhW/FBoi4uiuAyYuB8iGeMGpUJytTxCWNZfpGSNiLRn4/yjLD2fVZCL3HOb
Uxl6iGzSy+Uh2oGkBfevgb/OmAHFMHRsh1eSNTx/5mk7Jv+zkHCj2EQGt81shfIm
jmyyDsd6x+Baipk/tn7nYlqPF5dhSz9frBZZ5Vz+O2wyaoBnrF1VRiFMBbIUt549
lAR9nug3ikpthhXdzpASsErjzNZhDvEXS7zCUtpaYUcFORmvSkpqhnqQ4ssDZDPr
lnvNkqk9jQ7t4bR4M7/bEMs8BVPDsQras8lw3c5WQF7RJ4PcpBxL9F2FGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKKtLoOADAlJS9j6If7jc+lyYJjwMB8GA1UdIwQY
MBaAFG6aVYrVRtzJq8C4oTEGevAuQHAHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnBwVml0VkczTW1yd0xpaE1RWjY4QzVBY0FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xNTI5YzYtODA4Mi00ZjNhLWJjOTIt
NDIzZmNhMjI0MDQxLzEvb3EwdWc0QU1DVWxMMlBvaF91Tno2WEpnbVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8xNTI5YzYtODA4Mi00ZjNhLWJjOTItNDIzZmNhMjI0MDQx
LzEvYnBwVml0VkczTW1yd0xpaE1RWjY4QzVBY0FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDT6tgAwQC
uT48AwQCuUO0AwQCuYIMMA0GCSqGSIb3DQEBCwUAA4IBAQCvnFl8dLz121rWBjDl
VtFezWdYPy6xctlCKWojHYyITTE0Ajo++yrgPFWEcB6SyBEiDf1evdYD+0bQBDlM
jCKIzdo6RU7YihRylsE2dJ2c7xSD8BEiGM2vtl3A75xN5MYFI42vR4sd7wrDtfid
6F+scSOT9O0wsPtg9PgmEHiwoGaM/9vmaQoghfNzCdNjcAxMFOQuR8fDrPFv9Va0
tRdd//MWkyvO2b2/QJ4uN8R6o9uM5EWtBQAFQJCAFSmOET7iB9rdgTjyZPGRuVmy
pXL13gC57UwBDAlWI12DoqRhSw4TaqiHfMhbk8tdy8U4zDh8NcCIOVlNdk2eMh89
nZRD
-----END CERTIFICATE-----
Generated at Mon Oct 28 17:32:36 2024 by rpki-client on console-ams.rpki-client.org