Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ocsYKxEbv_n60AjplCYCU2SRUz4.roa
File: ocsYKxEbv_n60AjplCYCU2SRUz4.roa (raw, json)
Hash identifier: Un/VjJ90Wt7g2gDtO5iCCNgQ+K8PIXio7KtVchO+c3k=
Subject key identifier: A1:CB:18:2B:11:1B:BF:F9:FA:D0:08:E9:94:26:02:53:64:91:53:3E
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A3EF5A1D025AE3800B7CBAAA99CFC
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ocsYKxEbv_n60AjplCYCU2SRUz4.roa
Signing time: Sun 01 Jan 2023 03:05:05 +0000
ROA not before: Sun 01 Jan 2023 03:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204112
IP address blocks: 37.230.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:3e:f5:a1:d0:25:ae:38:00:b7:cb:aa:a9:9c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1cb182b111bbff9fad008e9942602536491533e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3b:47:50:76:af:ff:9a:d3:96:3e:67:2f:32:
63:be:f0:bd:aa:d2:41:61:bb:de:e4:35:6a:bd:ca:
d5:04:31:1d:07:f8:67:64:07:31:20:d0:3f:6a:38:
89:a4:25:31:3e:db:ca:98:b1:72:ca:66:82:10:3a:
04:6d:e8:aa:17:5f:df:48:51:25:d1:ac:04:d6:3d:
fc:ab:ea:28:89:df:97:af:a7:2d:c5:ff:62:84:ff:
70:7b:1a:38:fc:33:fe:d6:6d:19:29:78:be:9e:9f:
27:70:40:70:28:d2:66:47:2d:0e:bd:c2:36:c3:b5:
f5:bf:a9:cd:ed:62:f4:0b:eb:b3:5d:c3:c3:d8:fb:
7d:0e:a4:fa:ae:5d:70:16:6b:68:1d:9c:b3:4b:b5:
c7:d6:b4:0d:44:c9:65:55:e6:9e:19:ff:9a:31:bd:
3d:80:68:b6:38:6f:c0:5a:13:a5:04:76:e3:b5:76:
2b:36:7f:c6:13:d0:6c:9c:39:3b:17:79:99:7c:87:
49:72:c1:3b:45:b3:68:a6:d7:d0:00:23:ee:8b:a7:
5c:1c:70:48:86:e8:16:f8:76:70:39:9a:ea:2d:df:
d3:90:b4:5a:bc:f0:13:d7:c5:be:67:16:d4:b3:24:
a4:ec:3e:08:6b:e7:21:f8:5e:1e:bd:87:fd:a1:dc:
f6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CB:18:2B:11:1B:BF:F9:FA:D0:08:E9:94:26:02:53:64:91:53:3E
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ocsYKxEbv_n60AjplCYCU2SRUz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.225.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:22:22:a7:d0:e4:3d:d0:a3:05:a5:45:db:2e:3d:0e:d0:15:
90:dd:c8:32:0c:68:09:67:a0:7b:d7:a9:a1:66:5b:a7:01:00:
9e:87:70:f7:02:df:a3:93:38:d7:81:66:5b:4f:12:24:4e:12:
83:94:72:1b:a8:0f:f1:70:23:a6:f8:d4:82:ff:73:4f:04:69:
7b:e7:e2:2c:b4:1d:6a:ec:c6:c8:4a:10:6a:b0:14:15:d7:34:
9e:29:c4:fd:5f:75:40:9e:38:b0:9e:40:56:f8:c2:cc:e8:79:
1a:51:82:4a:2f:53:e4:2a:6e:3f:dc:d7:94:37:4c:b1:b3:6b:
c3:6b:4b:79:8d:b4:a6:22:dd:5f:97:a3:ad:af:67:66:48:d0:
ff:21:28:02:90:7a:07:68:a2:d8:24:1b:54:8d:d1:7d:dd:8f:
22:69:56:ed:4d:3a:17:26:17:1e:3a:73:e5:bf:b2:e6:90:37:
7d:79:86:8c:c8:98:e9:5e:73:c2:80:8f:b7:39:59:59:48:b5:
24:5e:fe:dc:5b:ef:d7:d9:2f:81:a3:9f:61:dd:17:bd:cf:a1:
6b:6d:55:f0:6a:32:6a:fa:59:99:75:36:f1:90:e6:c2:49:bb:
ca:0b:41:05:b4:91:37:3f:5d:28:bb:eb:ea:eb:39:5f:43:e1:
17:a8:fc:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSj71odAlrjgAt8uqqZz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWNiMTgyYjExMWJiZmY5ZmFkMDA4ZTk5NDI2MDI1MzY0OTE1MzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxztHUHav/5rTlj5nLzJjvvC9qtJB
Ybve5DVqvcrVBDEdB/hnZAcxINA/ajiJpCUxPtvKmLFyymaCEDoEbeiqF1/fSFEl
0awE1j38q+ooid+Xr6ctxf9ihP9wexo4/DP+1m0ZKXi+np8ncEBwKNJmRy0OvcI2
w7X1v6nN7WL0C+uzXcPD2Pt9DqT6rl1wFmtoHZyzS7XH1rQNRMllVeaeGf+aMb09
gGi2OG/AWhOlBHbjtXYrNn/GE9BsnDk7F3mZfIdJcsE7RbNoptfQACPui6dcHHBI
hugW+HZwOZrqLd/TkLRavPAT18W+ZxbUsySk7D4Ia+ch+F4evYf9odz2lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHLGCsRG7/5+tAI6ZQmAlNkkVM+MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvb2NzWUt4RWJ2X242MEFqcGxDWUNVMlNSVXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJebhMA0G
CSqGSIb3DQEBCwUAA4IBAQAuIiKn0OQ90KMFpUXbLj0O0BWQ3cgyDGgJZ6B716mh
ZlunAQCeh3D3At+jkzjXgWZbTxIkThKDlHIbqA/xcCOm+NSC/3NPBGl75+IstB1q
7MbIShBqsBQV1zSeKcT9X3VAnjiwnkBW+MLM6HkaUYJKL1PkKm4/3NeUN0yxs2vD
a0t5jbSmIt1fl6Otr2dmSND/ISgCkHoHaKLYJBtUjdF93Y8iaVbtTToXJhceOnPl
v7LmkDd9eYaMyJjpXnPCgI+3OVlZSLUkXv7cW+/X2S+Bo59h3Re9z6FrbVXwajJq
+lmZdTbxkObCSbvKC0EFtJE3P10ou+vq6zlfQ+EXqPyv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org