Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/OsB8r_0TN13ZB1A7TlZ4sSyeKnk.roa
File: OsB8r_0TN13ZB1A7TlZ4sSyeKnk.roa (raw, json)
Hash identifier: vH3Tz2k4q5klhU58lG+FiDl3uCk091U+NAmd/Nhxm3A=
Subject key identifier: 3A:C0:7C:AF:FD:13:37:5D:D9:07:50:3B:4E:56:78:B1:2C:9E:2A:79
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01856DC1BF2345450480AD5D66E598AAE870
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/OsB8r_0TN13ZB1A7TlZ4sSyeKnk.roa
Signing time: Sun 01 Jan 2023 14:34:51 +0000
ROA not before: Sun 01 Jan 2023 14:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41952
IP address blocks: 193.32.192.0/24 maxlen: 24
193.32.192.0/22 maxlen: 22
193.32.194.0/24 maxlen: 24
193.32.193.0/24 maxlen: 24
193.32.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:bf:23:45:45:04:80:ad:5d:66:e5:98:aa:e8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 1 14:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac07caffd13375dd907503b4e5678b12c9e2a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:de:b9:ac:c5:3f:5e:8d:0a:79:d9:ab:0b:25:
bd:7f:4f:fb:8a:bf:ac:8d:55:b9:06:c5:3f:21:59:
05:9c:15:ff:01:4e:3a:1a:a6:46:c1:4e:66:d9:a6:
99:33:16:b7:16:d5:77:51:c3:aa:c0:2e:d0:23:55:
de:90:ab:d5:87:1c:d9:da:1f:82:59:5d:cb:f1:02:
86:7d:a2:bf:1c:18:82:5d:c8:16:e7:5d:b5:57:46:
17:d1:81:94:80:87:7f:c8:db:78:b4:68:47:2e:25:
ee:d4:b8:ca:b2:cd:cb:f9:a5:17:c9:62:1d:b4:00:
3c:ab:f5:52:9d:9c:d9:9a:f8:be:5a:c6:19:e0:02:
f8:ae:12:8c:06:76:52:b1:db:dd:24:14:f4:d5:5d:
de:8a:12:0d:14:49:e9:f9:35:6f:04:f1:76:c4:30:
6e:cf:6e:41:d7:83:c1:24:9e:3c:8a:e3:c6:fc:35:
79:39:f7:58:21:41:25:ae:f4:dc:7b:ec:b6:3b:9a:
d0:42:36:47:f2:2e:5d:39:3d:d3:97:50:5e:4f:51:
93:66:2b:8f:12:f6:1a:4a:e1:51:23:bc:19:27:41:
02:30:3b:0f:a4:5e:e7:35:1d:59:d7:1e:e3:6d:3c:
da:ac:ea:64:36:fb:e7:2f:9f:7d:94:2a:47:18:95:
ed:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C0:7C:AF:FD:13:37:5D:D9:07:50:3B:4E:56:78:B1:2C:9E:2A:79
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/OsB8r_0TN13ZB1A7TlZ4sSyeKnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.192.0/22
Signature Algorithm: sha256WithRSAEncryption
53:70:27:2b:31:58:0b:4e:11:3f:18:42:dc:56:73:0f:29:d5:
65:58:b6:af:bb:08:0c:ec:41:d5:92:e1:7b:94:8a:6e:86:5e:
1d:28:50:bd:03:58:8c:30:5c:4b:54:f4:a6:59:7e:c0:78:a1:
eb:d8:c8:a1:83:77:5b:1b:6f:d2:6d:30:c6:64:ff:86:f6:cb:
38:9b:2e:71:a3:3f:be:9a:5e:d9:85:94:7d:c6:e1:4c:fe:fd:
02:bc:d8:1c:36:06:7c:fb:59:38:2e:69:66:2e:44:7c:49:ae:
f3:bb:74:36:a2:e9:80:d9:d5:b0:d2:c9:ac:1d:8c:af:0b:1b:
95:cd:46:10:56:33:0a:d8:3a:68:6d:96:cc:20:7b:0f:8d:44:
4e:47:03:4d:f3:d3:e7:ee:5f:0f:2f:e8:3d:a9:d5:d3:c2:ae:
1f:24:39:87:98:0e:e6:d1:f0:87:2a:e0:b8:56:7e:30:0e:c4:
59:82:c2:03:21:9f:10:1b:3c:0c:9a:35:17:a6:7f:52:9a:45:
cd:5c:0c:81:6f:cb:d9:0d:8c:63:58:b1:03:68:64:a9:9a:4f:
0b:18:38:28:eb:96:d0:2d:44:89:fb:27:fe:c4:9d:0c:7f:78:
3f:80:31:15:aa:2e:c1:3c:19:93:f3:f2:67:d4:8b:e5:77:f7:
f4:bd:d4:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwb8jRUUEgK1dZuWYquhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwMTAxMTQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWMwN2NhZmZkMTMzNzVkZDkwNzUwM2I0ZTU2NzhiMTJjOWUyYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid65rMU/Xo0KedmrCyW9f0/7ir+s
jVW5BsU/IVkFnBX/AU46GqZGwU5m2aaZMxa3FtV3UcOqwC7QI1XekKvVhxzZ2h+C
WV3L8QKGfaK/HBiCXcgW5121V0YX0YGUgId/yNt4tGhHLiXu1LjKss3L+aUXyWId
tAA8q/VSnZzZmvi+WsYZ4AL4rhKMBnZSsdvdJBT01V3eihINFEnp+TVvBPF2xDBu
z25B14PBJJ48iuPG/DV5OfdYIUElrvTce+y2O5rQQjZH8i5dOT3Tl1BeT1GTZiuP
EvYaSuFRI7wZJ0ECMDsPpF7nNR1Z1x7jbTzarOpkNvvnL599lCpHGJXtvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrAfK/9Ezdd2QdQO05WeLEsnip5MB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvT3NCOHJfMFROMTNaQjFBN1RsWjRzU3llS25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSDAMA0G
CSqGSIb3DQEBCwUAA4IBAQBTcCcrMVgLThE/GELcVnMPKdVlWLavuwgM7EHVkuF7
lIpuhl4dKFC9A1iMMFxLVPSmWX7AeKHr2Mihg3dbG2/SbTDGZP+G9ss4my5xoz++
ml7ZhZR9xuFM/v0CvNgcNgZ8+1k4LmlmLkR8Sa7zu3Q2oumA2dWw0smsHYyvCxuV
zUYQVjMK2DpobZbMIHsPjURORwNN89Pn7l8PL+g9qdXTwq4fJDmHmA7m0fCHKuC4
Vn4wDsRZgsIDIZ8QGzwMmjUXpn9SmkXNXAyBb8vZDYxjWLEDaGSpmk8LGDgo65bQ
LUSJ+yf+xJ0Mf3g/gDEVqi7BPBmT8/Jn1Ivld/f0vdTE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org