Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/oSK0pg_mFgFr-3RCxx9zD5eaWwM.roa
File: oSK0pg_mFgFr-3RCxx9zD5eaWwM.roa (raw, json)
Hash identifier: Oa2tz7o0qO3DUG/owTVqkOoSCy67V1LTa6US7Cio/3c=
Subject key identifier: A1:22:B4:A6:0F:E6:16:01:6B:FB:74:42:C7:1F:73:0F:97:9A:5B:03
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 01861278741DD84752A135B082879FE52EB8
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/oSK0pg_mFgFr-3RCxx9zD5eaWwM.roa
Signing time: Thu 02 Feb 2023 14:12:09 +0000
ROA not before: Thu 02 Feb 2023 14:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 195.78.37.0/24 maxlen: 24
45.137.208.0/22 maxlen: 24
2a0b:fd82::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Aug 2023 07:28:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:78:74:1d:d8:47:52:a1:35:b0:82:87:9f:e5:2e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Feb 2 14:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a122b4a60fe616016bfb7442c71f730f979a5b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:43:2c:e9:d6:3d:1e:73:a6:e1:b7:19:26:84:
67:bb:d1:12:0e:aa:26:be:e3:3b:6d:9d:9e:80:37:
2f:73:fa:9f:c4:7d:90:96:bc:f7:c8:19:51:e3:09:
11:b9:85:bb:4f:b9:11:57:bb:6a:98:08:eb:66:dc:
96:b9:bb:3a:84:ce:a3:79:f5:dd:cb:f8:cb:05:a8:
18:f2:76:7c:39:b4:ac:dc:e6:9d:da:15:b2:ca:65:
97:24:05:f0:c5:9c:97:5c:e8:d4:d9:ca:81:af:bf:
18:c8:29:42:b5:45:c3:0a:2c:1d:31:7a:c6:aa:8b:
62:ce:b9:c2:bf:c7:c2:1c:79:80:c0:55:f5:69:a0:
e0:bb:b0:db:29:a7:29:97:c6:12:f6:b2:75:c5:0b:
4b:48:3c:da:cf:ea:50:67:df:08:63:12:9d:ba:ba:
0f:5e:5d:71:a0:4f:e7:34:87:b2:91:ce:a8:e8:0f:
18:0f:6f:a5:d2:2f:d6:d0:fc:4c:41:21:1f:6d:3e:
fb:0b:9b:5f:8f:a2:ef:84:0b:5e:87:98:f1:ef:09:
20:33:14:7b:73:7a:8c:6a:90:e8:a4:8e:a1:a6:86:
51:29:df:c8:01:c2:7f:4b:f6:e4:8a:92:a7:33:91:
31:4a:04:35:d7:c9:d7:35:f4:ec:46:73:3e:03:63:
10:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:22:B4:A6:0F:E6:16:01:6B:FB:74:42:C7:1F:73:0F:97:9A:5B:03
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/oSK0pg_mFgFr-3RCxx9zD5eaWwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
195.78.37.0/24
IPv6:
2a0b:fd82::/32
Signature Algorithm: sha256WithRSAEncryption
2f:81:07:6c:93:09:ee:f6:1b:f7:6b:50:c0:d0:41:fb:7d:b4:
67:f9:44:26:01:d3:47:8d:18:e5:fc:86:0f:92:93:9b:8d:ef:
00:5c:81:8e:87:b5:02:6b:d4:bb:84:86:76:fc:fb:01:1e:05:
03:26:26:20:89:96:1c:da:0e:45:90:8e:b3:bc:95:28:0e:12:
ce:c2:9e:22:df:bb:c1:25:d5:f2:26:ad:dc:60:3d:e0:99:cb:
96:99:49:c9:10:b5:57:db:cc:cc:c8:ff:82:4e:49:8f:58:76:
1e:2a:95:28:3d:c0:ac:aa:46:8d:fd:cc:5c:b1:a9:80:92:54:
7c:40:90:e4:5b:eb:83:52:1a:f0:64:02:b8:4d:c6:5c:5d:68:
58:1d:bb:f4:a2:2a:c3:18:c0:1c:ed:55:f4:39:de:eb:08:c3:
fb:a8:7a:ba:89:5f:99:42:c7:35:e1:07:55:a4:2b:56:fa:d5:
8f:07:6a:d6:c2:4c:0f:11:d8:1f:00:f5:e8:86:84:2d:94:6c:
ff:08:80:cf:c5:fe:47:e7:8d:71:2f:f0:44:80:e9:6c:17:96:
f0:9b:80:08:30:33:38:46:1a:b9:1a:90:d0:23:e4:bf:c3:55:
29:c7:24:4e:17:3d:03:78:fb:e1:6a:33:cb:e3:29:e4:1b:50:
7e:4d:bc:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYSeHQd2EdSoTWwgoef5S64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwMjAyMTQxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTIyYjRhNjBmZTYxNjAxNmJmYjc0NDJjNzFmNzMwZjk3OWE1YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEMs6dY9HnOm4bcZJoRnu9ESDqom
vuM7bZ2egDcvc/qfxH2Qlrz3yBlR4wkRuYW7T7kRV7tqmAjrZtyWubs6hM6jefXd
y/jLBagY8nZ8ObSs3Oad2hWyymWXJAXwxZyXXOjU2cqBr78YyClCtUXDCiwdMXrG
qotizrnCv8fCHHmAwFX1aaDgu7DbKacpl8YS9rJ1xQtLSDzaz+pQZ98IYxKduroP
Xl1xoE/nNIeykc6o6A8YD2+l0i/W0PxMQSEfbT77C5tfj6LvhAteh5jx7wkgMxR7
c3qMapDopI6hpoZRKd/IAcJ/S/bkipKnM5ExSgQ118nXNfTsRnM+A2MQBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKEitKYP5hYBa/t0Qscfcw+XmlsDMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvb1NLMHBnX21GZ0ZyLTNSQ3h4OXpENWVhV3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYnQAwQA
w04lMA0EAgACMAcDBQAqC/2CMA0GCSqGSIb3DQEBCwUAA4IBAQAvgQdskwnu9hv3
a1DA0EH7fbRn+UQmAdNHjRjl/IYPkpObje8AXIGOh7UCa9S7hIZ2/PsBHgUDJiYg
iZYc2g5FkI6zvJUoDhLOwp4i37vBJdXyJq3cYD3gmcuWmUnJELVX28zMyP+CTkmP
WHYeKpUoPcCsqkaN/cxcsamAklR8QJDkW+uDUhrwZAK4TcZcXWhYHbv0oirDGMAc
7VX0Od7rCMP7qHq6iV+ZQsc14QdVpCtW+tWPB2rWwkwPEdgfAPXohoQtlGz/CIDP
xf5H541xL/BEgOlsF5bwm4AIMDM4Rhq5GpDQI+S/w1UpxyROFz0DePvhajPL4ynk
G1B+Tbwa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:54 2024 by rpki-client on console-ams.rpki-client.org