Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/OCkAGnMpicqCHoMfT1JL6uusOTM.roa
File: OCkAGnMpicqCHoMfT1JL6uusOTM.roa (raw, json)
Hash identifier: dYOPK379+g+TBfdaAOvZRDMBq7TNT4yFsqbtg8OE9vQ=
Subject key identifier: 38:29:00:1A:73:29:89:CA:82:1E:83:1F:4F:52:4B:EA:EB:AC:39:33
Certificate issuer: /CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20
Certificate serial: 01856D01882091A85D5C7296EEBC10D99785
Authority key identifier: 8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/OCkAGnMpicqCHoMfT1JL6uusOTM.roa
Signing time: Sun 01 Jan 2023 11:04:54 +0000
ROA not before: Sun 01 Jan 2023 11:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8735
IP address blocks: 194.59.45.0/24 maxlen: 24
193.227.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:88:20:91:a8:5d:5c:72:96:ee:bc:10:d9:97:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20
Validity
Not Before: Jan 1 11:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3829001a732989ca821e831f4f524beaebac3933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a1:4e:bd:76:a7:47:81:d4:42:40:b9:6c:ae:
ff:0f:dc:2a:56:58:09:28:a4:eb:ad:07:b9:96:b2:
4e:c4:97:54:0c:cc:80:24:9c:89:24:60:21:6c:05:
03:14:63:25:d8:54:b5:72:2f:33:5f:ab:a9:7c:16:
ec:b3:eb:52:ef:56:a5:0e:f2:fe:66:9b:e8:19:fe:
73:4a:6e:42:fa:e0:a8:49:4a:64:ba:28:2c:b4:33:
4c:b4:a6:8e:23:46:51:72:f0:a9:b2:a9:97:63:25:
35:83:3d:2a:cb:8c:06:3b:68:44:f5:f1:1e:a8:98:
d9:46:77:54:0b:48:cc:ee:e3:b9:42:45:88:36:ed:
b7:b2:2c:46:ef:a6:51:4e:a4:19:dd:b8:00:03:8f:
3d:ed:8c:dd:8a:93:5d:64:ff:5c:9b:03:aa:69:dc:
a1:cc:7a:e2:fb:33:8d:f3:79:27:82:68:ab:3a:3c:
2b:94:4b:82:20:61:2c:42:9c:a9:cc:c1:3b:7e:2c:
c9:ac:6e:03:96:10:08:44:b9:70:8c:58:d1:6f:12:
d1:09:fe:4c:79:e5:15:cb:29:76:3a:43:d5:9b:fe:
24:ad:85:f9:95:bf:00:8c:6b:f0:37:98:cf:79:c4:
40:b0:ca:c8:10:75:ec:43:38:06:72:0f:07:1f:1b:
10:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:29:00:1A:73:29:89:CA:82:1E:83:1F:4F:52:4B:EA:EB:AC:39:33
X509v3 Authority Key Identifier:
keyid:8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/OCkAGnMpicqCHoMfT1JL6uusOTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.227.203.0/24
194.59.45.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ec:77:f7:c9:ea:5c:88:a8:60:6e:95:86:68:29:2e:fb:42:
a7:81:70:f7:ab:a0:d7:16:f9:dd:f0:39:d3:51:35:58:9a:f3:
6d:f3:ab:f4:3b:be:47:bb:94:11:7e:4a:5a:32:48:92:c5:33:
e8:38:0f:3f:6a:2d:50:ee:80:fa:60:b3:be:33:39:54:52:3b:
06:25:75:79:f6:b6:9e:8d:8e:d1:f3:d9:1a:19:2c:52:5e:10:
a3:73:50:9c:41:b4:15:cf:32:1c:f6:07:dc:d7:4f:1e:f2:1b:
a4:ae:d0:ff:e7:19:b5:90:25:89:8f:da:bc:c8:3e:ca:15:17:
75:d1:ed:a7:e8:3a:50:44:95:27:ca:56:c7:0e:04:c1:c4:01:
79:b5:bd:15:c7:b5:27:e2:cf:24:38:cc:c2:f9:e7:23:c8:f4:
b2:32:36:6c:13:09:87:7d:a1:45:91:e8:c3:9a:44:00:f0:6d:
92:52:7d:a5:0b:25:80:ed:e5:82:39:9b:fa:0c:01:d0:42:89:
41:fa:1e:49:12:13:81:94:0c:ad:9c:e2:97:66:6a:b9:b7:7b:
43:1f:0c:3c:ca:3e:78:a1:4c:1a:26:b6:7f:42:83:69:f3:f4:
3b:ee:7d:00:8f:5b:d7:96:7d:8c:e2:bd:2e:1a:a8:d6:37:d9:
e5:6f:92:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtAYggkahdXHKW7rwQ2ZeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWY3OGI2OTc3NGE1NTUwN2RlYWJmOGM0Yzk2OTQyZTll
ZjBkMjAwHhcNMjMwMTAxMTEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI5MDAxYTczMjk4OWNhODIxZTgzMWY0ZjUyNGJlYWViYWMzOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaFOvXanR4HUQkC5bK7/D9wqVlgJ
KKTrrQe5lrJOxJdUDMyAJJyJJGAhbAUDFGMl2FS1ci8zX6upfBbss+tS71alDvL+
ZpvoGf5zSm5C+uCoSUpkuigstDNMtKaOI0ZRcvCpsqmXYyU1gz0qy4wGO2hE9fEe
qJjZRndUC0jM7uO5QkWINu23sixG76ZRTqQZ3bgAA4897YzdipNdZP9cmwOqadyh
zHri+zON83kngmirOjwrlEuCIGEsQpypzME7fizJrG4DlhAIRLlwjFjRbxLRCf5M
eeUVyyl2OkPVm/4krYX5lb8AjGvwN5jPecRAsMrIEHXsQzgGcg8HHxsQxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDgpABpzKYnKgh6DH09SS+rrrDkzMB8GA1UdIwQY
MBaAFIqveLaXdKVVB96r+MTJaULp7w0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEt
NzA4ODU2OGM1MWMwLzEvT0NrQUduTXBpY3FDSG9NZlQxSkw2dXVzT1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEtNzA4ODU2OGM1MWMw
LzEvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwePLAwQA
wjstMA0GCSqGSIb3DQEBCwUAA4IBAQCc7Hf3yepciKhgbpWGaCku+0KngXD3q6DX
Fvnd8DnTUTVYmvNt86v0O75Hu5QRfkpaMkiSxTPoOA8/ai1Q7oD6YLO+MzlUUjsG
JXV59raejY7R89kaGSxSXhCjc1CcQbQVzzIc9gfc108e8hukrtD/5xm1kCWJj9q8
yD7KFRd10e2n6DpQRJUnylbHDgTBxAF5tb0Vx7Un4s8kOMzC+ecjyPSyMjZsEwmH
faFFkejDmkQA8G2SUn2lCyWA7eWCOZv6DAHQQolB+h5JEhOBlAytnOKXZmq5t3tD
Hww8yj54oUwaJrZ/QoNp8/Q77n0Aj1vXln2M4r0uGqjWN9nlb5JN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:20 2024 by rpki-client on console-ams.rpki-client.org