Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OKd0oMXarUVzdmVIzXpGnWlmyl0.roa
File: OKd0oMXarUVzdmVIzXpGnWlmyl0.roa (raw, json)
Hash identifier: fLC4gBbsZRlBsxJ/OOhIKv3UMKf/lsxbkm7YtGn2qWM=
Subject key identifier: 38:A7:74:A0:C5:DA:AD:45:73:76:65:48:CD:7A:46:9D:69:66:CA:5D
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01916B4AFF7699C36657E2CCFAABC5C7B73C
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OKd0oMXarUVzdmVIzXpGnWlmyl0.roa
Signing time: Mon 19 Aug 2024 15:39:22 +0000
ROA not before: Mon 19 Aug 2024 15:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 185.184.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 10:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:4a:ff:76:99:c3:66:57:e2:cc:fa:ab:c5:c7:b7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 19 15:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38a774a0c5daad4573766548cd7a469d6966ca5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:00:ea:5f:3a:1a:d4:bd:c8:24:cb:1e:d7:13:
bc:b5:21:82:8f:06:94:92:fd:7b:25:da:61:c4:c8:
48:0b:bb:78:0f:ef:ff:4c:eb:45:3e:fc:93:ce:ad:
79:ac:ce:22:6a:e4:f2:09:c0:cd:78:20:57:ee:08:
1a:01:6a:7e:64:82:fc:b5:28:8c:3d:e4:26:de:08:
42:3b:99:f6:9d:45:42:f7:b7:d8:06:fe:d9:f1:5e:
47:41:18:9f:81:01:dc:e8:cd:8b:bd:87:da:77:46:
6c:40:d1:da:b4:95:18:0c:c8:74:45:b5:4f:3b:45:
ea:1f:a5:f7:48:ba:a3:03:70:f8:ea:d2:c9:6d:84:
77:d2:ea:56:17:8e:0d:1a:2d:06:3d:17:06:0f:ac:
48:18:10:1a:79:34:4d:c3:68:39:19:d9:5f:60:10:
8b:4f:e5:fb:4b:23:db:25:fb:86:9d:e7:7a:5c:be:
5a:de:b6:12:55:f6:53:29:2e:82:01:90:ae:c7:6e:
49:a8:27:cd:3e:e8:f1:55:9d:38:48:25:f1:62:5b:
bf:68:89:9e:29:22:81:9a:fd:75:3d:df:af:64:6f:
86:d0:36:0e:d7:e5:a1:ab:5d:79:9b:17:44:1e:b2:
f3:43:66:09:b2:72:fc:6d:78:fa:f3:f4:a5:1b:a1:
c8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A7:74:A0:C5:DA:AD:45:73:76:65:48:CD:7A:46:9D:69:66:CA:5D
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OKd0oMXarUVzdmVIzXpGnWlmyl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.220.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:47:27:18:2f:f3:52:5d:af:1e:af:6b:22:6b:11:50:19:4a:
0f:5b:c2:7e:ad:ff:37:1d:d9:cb:28:8a:35:35:8f:b2:02:53:
90:f0:ae:92:d0:b8:cf:b4:cd:d7:38:40:c8:64:1c:a0:f0:04:
8e:d4:d1:90:5c:6c:09:07:9b:42:8a:aa:29:e2:63:d2:fd:cd:
45:8f:88:63:0e:82:26:1d:fa:05:68:6a:77:99:74:d4:08:03:
e9:fc:f0:2e:af:e3:d1:3b:f6:a4:a8:24:d1:b8:a7:53:e0:f9:
90:e2:7c:ea:b8:0e:21:73:e7:42:35:b5:41:dc:9b:6f:44:30:
90:3e:20:e8:5a:30:6d:b5:94:3f:78:6c:fb:48:b9:a4:e6:d2:
1c:f2:85:3e:ff:78:0d:a7:94:21:85:32:2d:c1:52:1a:e0:6c:
16:ff:08:40:90:81:a4:df:0c:c6:76:c6:d2:37:63:67:b6:60:
4a:74:c3:4f:2f:08:68:51:b9:97:41:49:3f:ca:f7:e1:46:78:
92:cf:f9:0e:8f:96:b0:2c:07:cb:92:1d:be:f1:fa:4a:4f:18:
d4:9e:a9:b2:04:ae:26:c8:e9:63:e0:65:c8:2d:8f:36:39:3d:
9d:94:1e:2b:3d:9e:06:8a:e2:2a:ec:bf:d7:b2:bd:f2:8a:cf:
00:b3:d2:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFrSv92mcNmV+LM+qvFx7c8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwODE5MTUzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE3NzRhMGM1ZGFhZDQ1NzM3NjY1NDhjZDdhNDY5ZDY5NjZjYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQDqXzoa1L3IJMse1xO8tSGCjwaU
kv17JdphxMhIC7t4D+//TOtFPvyTzq15rM4iauTyCcDNeCBX7ggaAWp+ZIL8tSiM
PeQm3ghCO5n2nUVC97fYBv7Z8V5HQRifgQHc6M2LvYfad0ZsQNHatJUYDMh0RbVP
O0XqH6X3SLqjA3D46tLJbYR30upWF44NGi0GPRcGD6xIGBAaeTRNw2g5GdlfYBCL
T+X7SyPbJfuGned6XL5a3rYSVfZTKS6CAZCux25JqCfNPujxVZ04SCXxYlu/aIme
KSKBmv11Pd+vZG+G0DYO1+Whq115mxdEHrLzQ2YJsnL8bXj68/SlG6HIwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDindKDF2q1Fc3ZlSM16Rp1pZspdMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvT0tkMG9NWGFyVVZ6ZG1WSXpYcEduV2xteWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubjcMA0G
CSqGSIb3DQEBCwUAA4IBAQBuRycYL/NSXa8er2siaxFQGUoPW8J+rf83HdnLKIo1
NY+yAlOQ8K6S0LjPtM3XOEDIZByg8ASO1NGQXGwJB5tCiqop4mPS/c1Fj4hjDoIm
HfoFaGp3mXTUCAPp/PAur+PRO/akqCTRuKdT4PmQ4nzquA4hc+dCNbVB3JtvRDCQ
PiDoWjBttZQ/eGz7SLmk5tIc8oU+/3gNp5QhhTItwVIa4GwW/whAkIGk3wzGdsbS
N2NntmBKdMNPLwhoUbmXQUk/yvfhRniSz/kOj5awLAfLkh2+8fpKTxjUnqmyBK4m
yOlj4GXILY82OT2dlB4rPZ4GiuIq7L/Xsr3yis8As9Lg
-----END CERTIFICATE-----
Generated at Tue Aug 20 13:32:11 2024 by rpki-client on console-ams.rpki-client.org