Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/OEKH5yC1r-G3n67xhQK45QkPbgI.roa
File: OEKH5yC1r-G3n67xhQK45QkPbgI.roa (raw, json)
Hash identifier: 4Z/XIoeMqUiKPszYqoLIeUkNWnTmmq4dw7sdIR0f6IU=
Subject key identifier: 38:42:87:E7:20:B5:AF:E1:B7:9F:AE:F1:85:02:B8:E5:09:0F:6E:02
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 018CCA2B7D10FD1205277D78CCBB42171DB0
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/OEKH5yC1r-G3n67xhQK45QkPbgI.roa
Signing time: Tue 02 Jan 2024 12:34:56 +0000
ROA not before: Tue 02 Jan 2024 12:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12660
IP address blocks: 194.225.40.0/24 maxlen: 24
194.225.40.0/22 maxlen: 22
194.225.40.0/21 maxlen: 21
194.225.44.0/22 maxlen: 22
94.184.128.0/21 maxlen: 21
94.184.128.0/22 maxlen: 22
94.184.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 May 2024 11:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:7d:10:fd:12:05:27:7d:78:cc:bb:42:17:1d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 12:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=384287e720b5afe1b79faef18502b8e5090f6e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:79:55:fc:52:79:07:59:6d:b7:2e:56:6e:01:
d9:75:b0:55:a2:61:77:74:04:3f:b1:21:51:d2:9b:
e0:86:66:db:90:28:66:a4:dd:4a:d0:86:52:de:2b:
31:5a:3d:38:cb:58:c7:62:9e:2e:6e:2b:ba:d1:93:
7f:88:97:8a:af:65:a3:5f:cd:da:88:1f:18:a2:9e:
9c:cd:7d:8c:5a:8e:d8:3c:f8:00:b3:58:dc:7a:3a:
c8:a9:7a:45:76:a2:98:76:62:b4:bb:e8:d6:02:9c:
0d:4b:9c:2e:79:f4:8b:0b:20:49:fd:86:b8:8b:25:
cf:52:3f:d6:c9:e7:5e:7a:3f:9d:92:f0:27:3e:bb:
45:6c:4f:77:e1:6f:8d:aa:4f:93:1f:f0:84:92:ed:
d3:89:26:26:42:d4:7d:0f:e2:d8:55:11:6c:c2:d9:
2b:14:85:f1:d3:26:fc:6d:07:f0:94:ff:09:b3:b6:
0c:02:50:a8:77:50:4f:d1:0e:87:0a:68:f5:a9:64:
8b:d3:1a:e8:50:fe:55:68:18:d6:76:16:11:68:7a:
fd:a6:0a:21:15:10:0f:9d:9c:12:79:47:af:02:bf:
cb:87:f2:86:2b:ee:12:70:3f:6a:d6:1a:8b:81:3d:
91:e4:c1:8d:68:4b:68:d1:79:41:ef:68:8e:57:bf:
a8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:42:87:E7:20:B5:AF:E1:B7:9F:AE:F1:85:02:B8:E5:09:0F:6E:02
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/OEKH5yC1r-G3n67xhQK45QkPbgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.40.0/21
Signature Algorithm: sha256WithRSAEncryption
23:f8:7c:8b:c9:c8:13:b8:25:b0:de:9d:f3:d7:2e:44:36:11:
0a:6a:8d:43:3e:b5:b2:85:d5:1b:9e:aa:2b:3e:e6:d7:6c:4e:
95:b5:f2:72:c6:30:05:26:bb:bb:e8:70:cf:e6:52:77:b6:37:
26:1c:bf:90:b3:e9:c8:3f:f5:49:d7:a7:c3:2a:56:0f:0f:85:
8d:f8:61:c2:71:f5:89:73:9f:6f:db:f4:c1:0d:99:19:67:fd:
54:3f:21:2d:da:ed:0d:04:cf:cb:42:fd:af:37:9b:26:76:fa:
a1:2d:b8:12:fd:b5:e3:f6:f0:17:42:55:dc:fb:e2:fa:5a:68:
f5:12:6b:56:0d:25:2c:8e:3c:c4:89:e8:f3:b7:cf:7e:b1:40:
46:91:b1:92:c9:0b:3d:fe:0f:d0:3f:73:af:ff:04:48:5a:33:
5a:6a:79:ce:21:da:0d:e7:fc:ed:c9:0b:13:54:df:b3:e9:32:
2e:f8:d6:82:2f:4d:50:27:60:99:42:4f:78:35:ea:53:c6:4e:
c2:25:5d:2b:fe:0a:d2:74:f9:54:37:8f:0f:d0:98:76:35:4a:
1d:ce:e9:4d:c4:91:dd:64:b3:fe:6f:ec:88:f3:fb:f5:01:a9:
b8:86:dd:1c:87:1b:a8:9f:fe:00:54:10:1c:30:1e:a6:67:13:
59:c2:46:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK30Q/RIFJ314zLtCFx2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjQwMTAyMTIzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQyODdlNzIwYjVhZmUxYjc5ZmFlZjE4NTAyYjhlNTA5MGY2ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3lV/FJ5B1ltty5WbgHZdbBVomF3
dAQ/sSFR0pvghmbbkChmpN1K0IZS3isxWj04y1jHYp4ubiu60ZN/iJeKr2WjX83a
iB8Yop6czX2MWo7YPPgAs1jcejrIqXpFdqKYdmK0u+jWApwNS5wuefSLCyBJ/Ya4
iyXPUj/Wyedeej+dkvAnPrtFbE934W+Nqk+TH/CEku3TiSYmQtR9D+LYVRFswtkr
FIXx0yb8bQfwlP8Js7YMAlCod1BP0Q6HCmj1qWSL0xroUP5VaBjWdhYRaHr9pgoh
FRAPnZwSeUevAr/Lh/KGK+4ScD9q1hqLgT2R5MGNaEto0XlB72iOV7+oZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDhCh+cgta/ht5+u8YUCuOUJD24CMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvT0VLSDV5QzFyLUczbjY3eGhRSzQ1UWtQYmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXriAAwQD
wuEoMA0GCSqGSIb3DQEBCwUAA4IBAQAj+HyLycgTuCWw3p3z1y5ENhEKao1DPrWy
hdUbnqorPubXbE6VtfJyxjAFJru76HDP5lJ3tjcmHL+Qs+nIP/VJ16fDKlYPD4WN
+GHCcfWJc59v2/TBDZkZZ/1UPyEt2u0NBM/LQv2vN5smdvqhLbgS/bXj9vAXQlXc
++L6Wmj1EmtWDSUsjjzEiejzt89+sUBGkbGSyQs9/g/QP3Ov/wRIWjNaannOIdoN
5/ztyQsTVN+z6TIu+NaCL01QJ2CZQk94NepTxk7CJV0r/grSdPlUN48P0Jh2NUod
zulNxJHdZLP+b+yI8/v1Aam4ht0chxuon/4AVBAcMB6mZxNZwka+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org