Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/OpVmURMSjKWFYKHu0e6XUJw5dek.roa
File: OpVmURMSjKWFYKHu0e6XUJw5dek.roa (raw, json)
Hash identifier: rtKiOXu+ufas/szi41npYWJ3PLFaQO6kSM8WmzFPaas=
Subject key identifier: 3A:95:66:51:13:12:8C:A5:85:60:A1:EE:D1:EE:97:50:9C:39:75:E9
Certificate issuer: /CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Certificate serial: 01856D4173668722CC68947ED57AF67CB162
Authority key identifier: 00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/OpVmURMSjKWFYKHu0e6XUJw5dek.roa
Signing time: Sun 01 Jan 2023 12:14:43 +0000
ROA not before: Sun 01 Jan 2023 12:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212335
IP address blocks: 217.28.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:73:66:87:22:cc:68:94:7e:d5:7a:f6:7c:b1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Validity
Not Before: Jan 1 12:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a95665113128ca58560a1eed1ee97509c3975e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:c3:0e:a7:c9:62:aa:08:0e:8d:19:95:e2:
43:8a:36:5a:53:34:84:9c:bb:13:d5:9f:d6:3f:7f:
12:8c:97:ac:83:29:ad:1d:3f:33:fd:fd:4c:7d:2e:
e5:e1:27:8a:90:1e:e2:87:ab:30:bd:a6:6d:bb:cd:
ac:f4:b0:a0:28:00:01:84:47:ee:94:a6:68:0f:6b:
a9:75:54:ce:e0:be:40:c5:55:6b:14:16:65:4c:7e:
a0:a5:c3:fa:6d:08:c8:59:51:af:1b:69:2c:c3:cb:
75:89:8e:d8:88:0f:48:70:c9:10:88:26:8d:c2:7f:
d2:a4:53:70:10:16:26:fa:86:ef:e4:f5:f9:27:3b:
66:7c:15:5b:c6:dc:fb:b4:2e:d8:ec:ad:69:54:ec:
8f:98:16:f6:7f:67:6b:a7:34:2c:13:34:d5:4a:18:
cb:96:3b:5d:48:52:99:29:37:b0:ec:2a:55:3e:ae:
19:48:14:47:dc:38:9e:8f:34:42:ea:cd:54:9e:24:
9c:e5:31:b5:d3:a1:07:75:e3:89:d0:63:c9:a3:f8:
0f:8b:14:c1:01:25:7c:5c:86:59:71:95:bb:5b:12:
a2:60:88:13:8b:ce:1a:d6:b6:62:d9:2c:49:95:f8:
2d:dd:ab:49:93:6c:6f:5b:dd:19:13:82:a7:20:c1:
92:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:95:66:51:13:12:8C:A5:85:60:A1:EE:D1:EE:97:50:9C:39:75:E9
X509v3 Authority Key Identifier:
keyid:00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/OpVmURMSjKWFYKHu0e6XUJw5dek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/ABK53JdtfOgH5G_qSTbHJrDEogY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.128.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ca:00:70:bb:b2:7e:bc:90:e1:53:89:38:82:26:c5:cd:15:
43:54:8e:ce:da:fc:4b:03:f7:17:9c:b3:40:b6:18:a1:36:6a:
a1:4b:6e:c4:7f:fd:3d:1f:c0:3f:ed:18:c2:82:a3:e7:34:af:
bd:90:ef:cf:50:e9:4a:80:ba:6b:0a:ff:2d:9a:cb:ac:cf:4c:
cc:33:f0:e8:53:7d:aa:a5:5e:cc:f8:60:67:1c:61:ce:26:c5:
aa:4d:d1:03:3a:f2:be:af:9b:ac:45:58:b1:d3:ed:5a:93:a0:
6f:6c:e2:b8:a1:d4:62:d4:11:f3:d0:ca:b6:6f:0c:e3:a6:04:
bf:88:f4:31:9b:6a:23:93:58:cd:20:ed:1b:7e:20:93:da:de:
f6:f2:9f:a0:79:82:d4:d3:6c:43:53:cf:67:42:19:f3:fc:75:
b9:ff:7b:37:fa:00:20:9d:c5:cb:05:2f:92:d8:45:da:12:c8:
d8:de:67:f3:88:4b:e2:fb:2f:16:38:58:fc:95:b6:94:41:7a:
05:aa:14:f7:58:15:dc:84:ca:b2:70:62:90:a5:86:21:b8:bc:
fc:64:e5:e2:ba:32:3d:8f:3b:e6:d4:91:32:b4:b9:c7:e0:04:
96:86:65:af:b0:96:5c:a9:a6:62:1f:06:54:6c:62:77:29:49:
63:3f:7d:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQXNmhyLMaJR+1Xr2fLFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTJiOWRjOTc2ZDdjZTgwN2U0NmZlYTQ5MzZjNzI2YjBj
NGEyMDYwHhcNMjMwMTAxMTIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk1NjY1MTEzMTI4Y2E1ODU2MGExZWVkMWVlOTc1MDljMzk3NWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY3DDqfJYqoIDo0ZleJDijZaUzSE
nLsT1Z/WP38SjJesgymtHT8z/f1MfS7l4SeKkB7ih6swvaZtu82s9LCgKAABhEfu
lKZoD2updVTO4L5AxVVrFBZlTH6gpcP6bQjIWVGvG2ksw8t1iY7YiA9IcMkQiCaN
wn/SpFNwEBYm+obv5PX5JztmfBVbxtz7tC7Y7K1pVOyPmBb2f2drpzQsEzTVShjL
ljtdSFKZKTew7CpVPq4ZSBRH3DiejzRC6s1UniSc5TG106EHdeOJ0GPJo/gPixTB
ASV8XIZZcZW7WxKiYIgTi84a1rZi2SxJlfgt3atJk2xvW90ZE4KnIMGSpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqVZlETEoylhWCh7tHul1CcOXXpMB8GA1UdIwQY
MBaAFAASudyXbXzoB+Rv6kk2xyawxKIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjIt
OTg0YTA4ODk4NDU5LzEvT3BWbVVSTVNqS1dGWUtIdTBlNlhVSnc1ZGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5
LzEvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOygBwu7J+vJDhU4k4gibFzRVDVI7O2vxLA/cXnLNA
thihNmqhS27Ef/09H8A/7RjCgqPnNK+9kO/PUOlKgLprCv8tmsusz0zMM/DoU32q
pV7M+GBnHGHOJsWqTdEDOvK+r5usRVix0+1ak6BvbOK4odRi1BHz0Mq2bwzjpgS/
iPQxm2ojk1jNIO0bfiCT2t728p+geYLU02xDU89nQhnz/HW5/3s3+gAgncXLBS+S
2EXaEsjY3mfziEvi+y8WOFj8lbaUQXoFqhT3WBXchMqycGKQpYYhuLz8ZOXiujI9
jzvm1JEytLnH4ASWhmWvsJZcqaZiHwZUbGJ3KUljP32A
-----END CERTIFICATE-----
Generated at Thu Oct 12 08:26:14 2023 by rpki-client on console-fra.rpki-client.org