Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/oYJkWf5lOu9tBvOJu5zyIOso3M0.roa
File: oYJkWf5lOu9tBvOJu5zyIOso3M0.roa (raw, json)
Hash identifier: QypM6Nq8MhbUPllWGHvY8aodWqwsc2Ll7hAOV/+AxCY=
Subject key identifier: A1:82:64:59:FE:65:3A:EF:6D:06:F3:89:BB:9C:F2:20:EB:28:DC:CD
Certificate issuer: /CN=3d5460f8567ee98f81c56fa4f8db03ce5cddad9c
Certificate serial: 018C1BECA0105C818C329E8E5E99F708F2D3
Authority key identifier: 3D:54:60:F8:56:7E:E9:8F:81:C5:6F:A4:F8:DB:03:CE:5C:DD:AD:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PVRg-FZ-6Y-BxW-k-NsDzlzdrZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/oYJkWf5lOu9tBvOJu5zyIOso3M0.roa
Signing time: Wed 29 Nov 2023 16:32:21 +0000
ROA not before: Wed 29 Nov 2023 16:32:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44554
IP address blocks: 88.151.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:ec:a0:10:5c:81:8c:32:9e:8e:5e:99:f7:08:f2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d5460f8567ee98f81c56fa4f8db03ce5cddad9c
Validity
Not Before: Nov 29 16:32:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1826459fe653aef6d06f389bb9cf220eb28dccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:19:dc:c9:67:f2:a5:49:54:ae:72:e7:97:04:
34:4e:c5:f5:4d:32:ff:02:51:22:ac:29:a2:76:8a:
ed:d8:7e:03:ef:db:f8:4a:54:a0:a8:2f:d0:99:98:
a5:35:d6:c6:89:eb:19:7d:01:f0:91:8d:d6:47:7d:
33:ff:f8:12:ae:a5:1d:7c:e1:85:60:68:32:2f:e1:
12:d3:80:7d:28:69:0d:e8:f3:78:05:84:dc:98:79:
a9:9e:04:65:69:89:8d:71:67:e1:3a:e8:b4:d7:8f:
e5:a6:bb:3d:02:82:98:74:37:03:7c:d7:f1:b4:e1:
ff:6c:0e:1f:86:fe:36:a2:5e:42:23:c6:2c:6b:17:
01:02:16:b3:64:5f:b2:76:40:90:d1:53:2c:4a:61:
01:b1:5b:bb:04:1a:1f:83:67:32:73:e3:c1:26:4c:
c5:6e:77:8d:e7:76:7e:82:12:3b:60:28:08:d9:03:
7e:9f:78:3b:5c:51:c6:e2:47:f1:06:9c:7b:59:57:
68:32:ec:12:ce:63:c0:a9:3f:f7:c1:b1:5d:b1:d6:
36:5c:d9:ec:76:04:b8:d8:d1:c5:9a:2c:9c:5c:1e:
8a:17:eb:e0:19:63:f5:e4:17:30:7b:8e:ff:1b:1b:
59:61:4f:3c:66:a6:54:e7:da:e6:61:78:35:bc:d6:
74:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:82:64:59:FE:65:3A:EF:6D:06:F3:89:BB:9C:F2:20:EB:28:DC:CD
X509v3 Authority Key Identifier:
keyid:3D:54:60:F8:56:7E:E9:8F:81:C5:6F:A4:F8:DB:03:CE:5C:DD:AD:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PVRg-FZ-6Y-BxW-k-NsDzlzdrZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/oYJkWf5lOu9tBvOJu5zyIOso3M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/PVRg-FZ-6Y-BxW-k-NsDzlzdrZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:98:e7:c9:02:da:1f:23:8e:1b:4f:eb:a7:30:4d:71:74:11:
9a:48:fe:50:7c:59:4e:bb:b6:9b:d5:70:68:3e:0a:b4:94:68:
23:04:7f:3a:b4:3c:5a:b3:66:44:77:cb:d2:0b:20:f7:ac:c9:
4d:4d:d0:4a:d8:ed:67:28:1d:9c:2e:dd:ee:52:63:11:6e:ee:
14:6b:41:8f:14:3a:fc:12:3c:c5:ed:36:ba:e9:12:2e:bb:98:
6c:0f:77:10:dd:49:a0:7c:a3:cc:34:1b:25:5b:6a:2a:4a:67:
c8:b3:2c:52:3a:3b:14:e1:7a:27:b0:6c:bb:5c:58:ef:ea:ad:
81:70:16:54:68:f4:98:28:7e:8d:f4:16:73:42:d8:0c:a4:e3:
a9:23:57:ee:c3:30:60:37:0c:22:1d:94:d4:1e:68:f9:2a:3b:
bf:d9:bf:fc:4d:7f:bc:66:3a:07:17:14:05:2b:eb:49:0e:69:
af:87:35:3e:f8:ab:66:bf:20:36:df:14:c9:d7:ce:8c:81:21:
c6:af:93:28:2e:af:be:c6:cd:46:26:05:4c:03:84:6c:84:ac:
a9:a4:43:fd:98:77:ef:6b:23:ce:13:b8:87:cc:aa:3b:63:28:
fa:c2:ba:2f:ca:90:ec:d6:14:87:e3:11:6f:28:5a:18:1c:dc:
86:d6:81:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwb7KAQXIGMMp6OXpn3CPLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNTQ2MGY4NTY3ZWU5OGY4MWM1NmZhNGY4ZGIwM2NlNWNk
ZGFkOWMwHhcNMjMxMTI5MTYzMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgyNjQ1OWZlNjUzYWVmNmQwNmYzODliYjljZjIyMGViMjhkY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BncyWfypUlUrnLnlwQ0TsX1TTL/
AlEirCmidort2H4D79v4SlSgqC/QmZilNdbGiesZfQHwkY3WR30z//gSrqUdfOGF
YGgyL+ES04B9KGkN6PN4BYTcmHmpngRlaYmNcWfhOui014/lprs9AoKYdDcDfNfx
tOH/bA4fhv42ol5CI8YsaxcBAhazZF+ydkCQ0VMsSmEBsVu7BBofg2cyc+PBJkzF
bneN53Z+ghI7YCgI2QN+n3g7XFHG4kfxBpx7WVdoMuwSzmPAqT/3wbFdsdY2XNns
dgS42NHFmiycXB6KF+vgGWP15Bcwe47/GxtZYU88ZqZU59rmYXg1vNZ0MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGCZFn+ZTrvbQbzibuc8iDrKNzNMB8GA1UdIwQY
MBaAFD1UYPhWfumPgcVvpPjbA85c3a2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFZSZy1GWi02WS1CeFctay1Oc0R6bHpkclp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iZGE5ZDItMjIyOC00ODA2LTg1ZDAt
ZWUwNmI2NjEyY2U0LzEvb1lKa1dmNWxPdTl0QnZPSnU1enlJT3NvM00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9iZGE5ZDItMjIyOC00ODA2LTg1ZDAtZWUwNmI2NjEyY2U0
LzEvUFZSZy1GWi02WS1CeFctay1Oc0R6bHpkclp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJd3MA0G
CSqGSIb3DQEBCwUAA4IBAQBvmOfJAtofI44bT+unME1xdBGaSP5QfFlOu7ab1XBo
Pgq0lGgjBH86tDxas2ZEd8vSCyD3rMlNTdBK2O1nKB2cLt3uUmMRbu4Ua0GPFDr8
EjzF7Ta66RIuu5hsD3cQ3UmgfKPMNBslW2oqSmfIsyxSOjsU4XonsGy7XFjv6q2B
cBZUaPSYKH6N9BZzQtgMpOOpI1fuwzBgNwwiHZTUHmj5Kju/2b/8TX+8ZjoHFxQF
K+tJDmmvhzU++KtmvyA23xTJ186MgSHGr5MoLq++xs1GJgVMA4RshKyppEP9mHfv
ayPOE7iHzKo7Yyj6wrovypDs1hSH4xFvKFoYHNyG1oH/
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:58 2024 by rpki-client on console-fra.rpki-client.org