Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/ojcD1ECExDL3wuvbWrop_aIAqAs.roa
File: ojcD1ECExDL3wuvbWrop_aIAqAs.roa (raw, json)
Hash identifier: sqxfiVxxHPfrVEQUmevueRYgEjBsBu9V6inwjVQJ8RY=
Subject key identifier: A2:37:03:D4:40:84:C4:32:F7:C2:EB:DB:5A:BA:29:FD:A2:00:A8:0B
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0185A88100B31C84A6AC6F4D59618D943DA4
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/ojcD1ECExDL3wuvbWrop_aIAqAs.roa
Signing time: Fri 13 Jan 2023 00:21:44 +0000
ROA not before: Fri 13 Jan 2023 00:21:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49549
IP address blocks: 178.250.189.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
2a0f:cdc4::/30 maxlen: 30
2a0f:cdc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Feb 2023 12:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a8:81:00:b3:1c:84:a6:ac:6f:4d:59:61:8d:94:3d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 13 00:21:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a23703d44084c432f7c2ebdb5aba29fda200a80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:20:9a:89:e7:13:06:8e:bb:b1:50:75:3f:01:
d5:27:81:df:48:bb:46:ee:68:a8:70:12:a2:d1:87:
f2:fa:5d:98:9f:f5:61:6a:fe:d0:50:a6:43:75:2d:
99:96:f1:0c:35:b7:6e:c6:fc:e5:49:03:11:33:3c:
bd:7b:b8:1f:26:89:f7:95:e2:1a:4a:f7:ed:b2:e6:
ff:59:68:f7:41:14:25:21:be:8a:0d:60:fe:cf:09:
42:62:20:a9:3a:74:e9:cd:16:ab:87:f4:c9:35:de:
69:94:42:9c:6d:c1:b1:c0:72:f0:d8:19:e2:32:72:
4e:94:33:54:f4:bb:f0:eb:4e:5a:59:14:88:af:67:
3e:3e:b4:bc:05:10:46:85:a6:ff:34:72:ab:5a:23:
07:ee:70:6f:ff:ae:7e:48:5b:75:98:61:c6:7a:f1:
0e:25:09:b9:f4:a9:ee:78:7b:ac:2f:aa:b9:c2:ed:
4c:d0:a1:0b:b8:f4:f1:84:a8:00:ec:63:44:1f:a5:
28:1f:a8:8d:3f:45:b7:c4:5d:a0:ba:2d:76:46:90:
4e:4e:08:fe:fb:ab:50:4c:a7:c9:1c:71:ac:8e:b4:
7f:d7:c2:cb:b9:0c:33:48:18:98:67:b5:6b:54:90:
ee:8c:08:e2:66:3d:16:fe:c1:ef:0e:90:aa:ec:25:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:37:03:D4:40:84:C4:32:F7:C2:EB:DB:5A:BA:29:FD:A2:00:A8:0B
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/ojcD1ECExDL3wuvbWrop_aIAqAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.189.0/24
193.0.230.0/24
IPv6:
2a0f:cdc2::/32
2a0f:cdc4::/30
Signature Algorithm: sha256WithRSAEncryption
98:fc:1a:44:b4:44:3e:62:d9:07:46:f4:4a:77:59:94:be:42:
be:5b:bf:e2:8f:a2:ed:ee:77:3e:1d:23:5e:9d:99:dc:93:49:
07:32:59:35:59:78:d2:b0:8a:09:d3:71:95:0d:fb:42:bc:3b:
ed:f7:7c:31:3e:16:5f:ba:5c:9c:95:3b:10:97:0e:0b:69:78:
f2:07:e0:d3:71:36:26:cb:fe:af:8e:f4:37:72:a9:65:8a:10:
44:d4:14:25:2c:70:b2:c4:4d:31:50:b0:ca:24:a9:dc:40:ce:
4e:07:78:ba:59:4d:25:00:7a:60:d0:f8:48:26:a2:ce:9b:fd:
f4:4e:ea:fa:29:c3:60:89:89:42:d6:b0:04:67:30:90:39:d6:
37:d7:e2:a9:22:8e:a5:a1:76:7e:0e:d3:71:6e:d9:63:56:a7:
05:ed:49:b2:ed:e4:df:70:dc:84:51:b5:e5:85:f7:f3:b3:9c:
17:cf:70:26:7a:f6:46:df:38:c3:1a:bb:0a:7f:d6:70:f7:bf:
0c:f9:5e:aa:26:69:81:6c:4e:92:71:73:08:da:64:96:51:bd:
55:9f:3e:b7:33:0b:47:06:66:cb:8f:73:60:37:1f:e7:bd:29:
76:f2:1a:cb:2c:12:6a:2c:42:c5:e3:52:3e:8d:45:75:cc:1f:
e9:58:38:77
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYWogQCzHISmrG9NWWGNlD2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwMTEzMDAyMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM3MDNkNDQwODRjNDMyZjdjMmViZGI1YWJhMjlmZGEyMDBhODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyCaiecTBo67sVB1PwHVJ4HfSLtG
7miocBKi0Yfy+l2Yn/Vhav7QUKZDdS2ZlvEMNbduxvzlSQMRMzy9e7gfJon3leIa
Svftsub/WWj3QRQlIb6KDWD+zwlCYiCpOnTpzRarh/TJNd5plEKcbcGxwHLw2Bni
MnJOlDNU9Lvw605aWRSIr2c+PrS8BRBGhab/NHKrWiMH7nBv/65+SFt1mGHGevEO
JQm59KnueHusL6q5wu1M0KELuPTxhKgA7GNEH6UoH6iNP0W3xF2gui12RpBOTgj+
+6tQTKfJHHGsjrR/18LLuQwzSBiYZ7VrVJDujAjiZj0W/sHvDpCq7CVo2wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKI3A9RAhMQy98Lr21q6Kf2iAKgLMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvb2pjRDFFQ0V4REwzd3V2Yldyb3BfYUlBcUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAsvq9AwQA
wQDmMBQEAgACMA4DBQAqD83CAwUCKg/NxDANBgkqhkiG9w0BAQsFAAOCAQEAmPwa
RLREPmLZB0b0SndZlL5Cvlu/4o+i7e53Ph0jXp2Z3JNJBzJZNVl40rCKCdNxlQ37
Qrw77fd8MT4WX7pcnJU7EJcOC2l48gfg03E2Jsv+r470N3KpZYoQRNQUJSxwssRN
MVCwyiSp3EDOTgd4ullNJQB6YND4SCaizpv99E7q+inDYImJQtawBGcwkDnWN9fi
qSKOpaF2fg7TcW7ZY1anBe1Jsu3k33DchFG15YX387OcF89wJnr2Rt84wxq7Cn/W
cPe/DPleqiZpgWxOknFzCNpkllG9VZ8+tzMLRwZmy49zYDcf570pdvIayywSaixC
xeNSPo1Fdcwf6Vg4dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org