Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/0PP7tWRPWwdqohiSiX6y9r3H7Iw.roa
File: 0PP7tWRPWwdqohiSiX6y9r3H7Iw.roa (raw, json)
Hash identifier: P2w7SfkO906qeeUL1NQWRyMih80hCpiVcQgqZ8DASPE=
Subject key identifier: D0:F3:FB:B5:64:4F:5B:07:6A:A2:18:92:89:7E:B2:F6:BD:C7:EC:8C
Certificate issuer: /CN=416532420a21e42b8ad30da24ebf4347de95ef35
Certificate serial: 01856C782D51209A08D7FD8D4D97494F39C7
Authority key identifier: 41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/0PP7tWRPWwdqohiSiX6y9r3H7Iw.roa
Signing time: Sun 01 Jan 2023 08:34:53 +0000
ROA not before: Sun 01 Jan 2023 08:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207645
IP address blocks: 194.120.133.0/24 maxlen: 24
2a0d:b100::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:2d:51:20:9a:08:d7:fd:8d:4d:97:49:4f:39:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=416532420a21e42b8ad30da24ebf4347de95ef35
Validity
Not Before: Jan 1 08:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0f3fbb5644f5b076aa21892897eb2f6bdc7ec8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8c:5d:c5:e6:83:e9:8a:e0:9a:20:92:2d:b6:
2b:bb:22:89:12:07:8a:2e:ea:33:0a:ca:a7:60:d2:
92:5f:9d:8f:d5:62:a8:72:bc:81:c8:c3:3a:33:67:
d9:4f:e4:b0:07:26:18:46:ed:54:2d:a0:94:4c:85:
17:3c:9b:f3:62:96:d9:8d:e8:e0:b6:21:bd:ba:e7:
03:f2:a0:51:62:ac:f0:7e:57:86:77:2f:52:86:b0:
5c:08:eb:5b:cf:7f:5f:05:82:7b:f5:a9:c5:a9:25:
e3:86:b2:1f:46:d5:63:9a:65:44:3c:58:c9:c5:1f:
bf:f0:9d:35:80:e2:f0:4a:1a:db:ba:3a:68:4b:5e:
81:06:83:40:f8:a6:55:fe:7c:d1:0d:3c:f2:86:86:
c8:26:20:7e:3e:35:cc:9e:c2:19:9a:62:ed:8e:41:
c9:e5:87:fe:2a:bd:67:dc:aa:e2:f3:47:0b:96:c5:
dc:96:a0:84:5e:9e:b3:0a:b0:cd:e4:4d:16:f6:75:
9d:dc:a7:f1:14:d3:d8:99:2c:00:af:a2:ec:1c:ed:
13:55:f5:61:a8:40:b0:ff:0f:5a:68:8e:7a:b1:8e:
24:55:a2:33:b2:05:64:df:d1:f8:39:14:53:4b:d1:
8f:40:99:c3:51:72:c8:cc:f6:55:56:66:88:f0:d2:
1f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F3:FB:B5:64:4F:5B:07:6A:A2:18:92:89:7E:B2:F6:BD:C7:EC:8C
X509v3 Authority Key Identifier:
keyid:41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/0PP7tWRPWwdqohiSiX6y9r3H7Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.133.0/24
IPv6:
2a0d:b100::/29
Signature Algorithm: sha256WithRSAEncryption
d3:9b:49:fd:23:03:12:51:30:c8:52:42:63:4d:10:bf:47:db:
d2:7f:a1:2b:5c:e0:1d:ac:17:a2:98:8f:bc:dd:f0:cc:c6:b5:
00:90:aa:a3:1f:3a:9b:8a:f1:f4:56:72:44:30:7d:bd:e2:62:
ee:58:df:25:bf:a8:cb:c6:7b:7f:d8:e1:2a:8d:c3:cb:9b:1b:
13:64:f9:44:7a:34:81:97:11:2b:20:3f:cd:de:23:5b:8f:de:
b7:19:5c:4e:4f:59:53:64:ee:07:ec:c4:0d:78:4e:04:78:e7:
26:d4:fe:7b:e3:a3:f2:24:25:6c:f0:48:17:a5:fe:a5:bd:91:
6a:44:ca:73:83:f1:8d:73:0c:b2:e4:8e:6e:4e:07:9b:d5:9f:
11:15:16:d0:59:8f:6f:b6:16:65:14:00:84:eb:7d:e7:8c:53:
7a:3f:5a:45:a0:15:f6:ad:77:6b:b2:33:a2:9d:50:a8:ba:48:
bf:b8:32:99:78:70:27:27:c5:9a:e9:e3:20:ca:c1:e7:36:08:
f9:3c:a2:92:56:46:7c:45:f3:79:e0:fb:be:8d:56:e7:f4:c2:
aa:c6:e9:57:d3:bd:42:0d:43:34:dd:b3:ef:da:89:21:b9:2d:
be:cd:0c:f8:23:15:c8:2e:81:08:89:1e:35:ee:7d:aa:fa:53:
f1:f4:da:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVseC1RIJoI1/2NTZdJTznHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNjUzMjQyMGEyMWU0MmI4YWQzMGRhMjRlYmY0MzQ3ZGU5
NWVmMzUwHhcNMjMwMTAxMDgzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYzZmJiNTY0NGY1YjA3NmFhMjE4OTI4OTdlYjJmNmJkYzdlYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoxdxeaD6YrgmiCSLbYruyKJEgeK
LuozCsqnYNKSX52P1WKocryByMM6M2fZT+SwByYYRu1ULaCUTIUXPJvzYpbZjejg
tiG9uucD8qBRYqzwfleGdy9ShrBcCOtbz39fBYJ79anFqSXjhrIfRtVjmmVEPFjJ
xR+/8J01gOLwShrbujpoS16BBoNA+KZV/nzRDTzyhobIJiB+PjXMnsIZmmLtjkHJ
5Yf+Kr1n3Kri80cLlsXclqCEXp6zCrDN5E0W9nWd3KfxFNPYmSwAr6LsHO0TVfVh
qECw/w9aaI56sY4kVaIzsgVk39H4ORRTS9GPQJnDUXLIzPZVVmaI8NIf2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNDz+7VkT1sHaqIYkol+sva9x+yMMB8GA1UdIwQY
MBaAFEFlMkIKIeQritMNok6/Q0fele81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVdVeVFnb2g1Q3VLMHcyaVRyOURSOTZWN3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ZjRiMjAtNTEzNi00MjBiLWI1MTYt
YjZkNjRhMDAzZDllLzEvMFBQN3RXUlBXd2Rxb2hpU2lYNnk5cjNIN0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80ZjRiMjAtNTEzNi00MjBiLWI1MTYtYjZkNjRhMDAzZDll
LzEvUVdVeVFnb2g1Q3VLMHcyaVRyOURSOTZWN3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwniFMA0E
AgACMAcDBQMqDbEAMA0GCSqGSIb3DQEBCwUAA4IBAQDTm0n9IwMSUTDIUkJjTRC/
R9vSf6ErXOAdrBeimI+83fDMxrUAkKqjHzqbivH0VnJEMH294mLuWN8lv6jLxnt/
2OEqjcPLmxsTZPlEejSBlxErID/N3iNbj963GVxOT1lTZO4H7MQNeE4EeOcm1P57
46PyJCVs8EgXpf6lvZFqRMpzg/GNcwyy5I5uTgeb1Z8RFRbQWY9vthZlFACE633n
jFN6P1pFoBX2rXdrsjOinVCouki/uDKZeHAnJ8Wa6eMgysHnNgj5PKKSVkZ8RfN5
4Pu+jVbn9MKqxulX071CDUM03bPv2okhuS2+zQz4IxXILoEIiR417n2q+lPx9Np2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:37 2024 by rpki-client on console-fra.rpki-client.org