Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/oFGa9S-JYjltUFO30UcMGbN2kgs.roa
File: oFGa9S-JYjltUFO30UcMGbN2kgs.roa (raw, json)
Hash identifier: X5MWHxupxQvWgx53cw9dzwXcUlATQOGSjfA9l3hWnJE=
Subject key identifier: A0:51:9A:F5:2F:89:62:39:6D:50:53:B7:D1:47:0C:19:B3:76:92:0B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F797B5E38A3D366632EF9290F19F7ED
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/oFGa9S-JYjltUFO30UcMGbN2kgs.roa
Signing time: Sun 01 Jan 2023 22:35:10 +0000
ROA not before: Sun 01 Jan 2023 22:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36351
IP address blocks: 45.128.198.0/24 maxlen: 24
2a0f:2740::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:7b:5e:38:a3:d3:66:63:2e:f9:29:0f:19:f7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0519af52f8962396d5053b7d1470c19b376920b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:48:cf:73:05:2b:8e:92:c4:85:19:21:93:98:
e8:1b:cc:c9:f9:40:43:53:34:72:70:34:c6:e4:43:
e6:1b:27:9c:4c:62:8f:1e:25:9a:be:94:3f:85:69:
49:20:05:30:f1:9c:9c:ab:c5:f5:78:70:48:53:82:
3f:ac:31:5d:3a:fb:96:6d:01:32:9c:68:cb:3a:96:
82:18:98:9f:8f:c6:e0:d3:ea:d7:94:ac:b3:cb:9b:
73:61:95:64:bd:fb:8f:7a:f8:80:d0:c8:a7:c4:66:
62:cf:bd:eb:6b:43:c6:41:d6:7d:45:57:a3:f5:89:
0b:54:bd:16:64:d3:c1:95:22:bc:e0:52:83:7e:c3:
17:0e:6c:f5:75:17:72:26:68:32:b1:5a:ae:a1:ef:
6e:5a:52:9d:97:06:6b:cb:2d:61:47:0e:f6:f8:f3:
a9:c9:8d:2f:18:89:a9:1f:d4:e4:fd:17:46:0e:3a:
dc:85:8c:c7:e3:3b:78:ad:6d:61:b4:0e:7f:38:e2:
49:83:ff:b7:d2:d6:eb:0b:2c:d1:62:7f:a2:ac:ec:
37:ba:bd:c6:3d:22:87:cb:69:1e:5e:e1:d9:10:9b:
3a:00:7b:aa:a5:39:ea:97:e6:02:b6:7c:3b:74:44:
46:25:54:12:e6:70:f1:63:e2:79:cc:39:3a:13:0d:
9d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:51:9A:F5:2F:89:62:39:6D:50:53:B7:D1:47:0C:19:B3:76:92:0B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/oFGa9S-JYjltUFO30UcMGbN2kgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.198.0/24
IPv6:
2a0f:2740::/29
Signature Algorithm: sha256WithRSAEncryption
2d:d5:73:94:9f:f3:a8:68:c4:2d:eb:81:d6:a4:b7:e4:21:a4:
77:c1:78:f5:47:a2:54:37:8e:cd:cc:c7:88:22:b7:51:d5:1c:
86:2f:58:39:aa:4d:f2:c7:45:81:6f:a5:3b:c1:f9:aa:65:97:
ce:9e:d3:3b:e5:a5:81:7e:c7:e1:58:a4:80:66:ab:52:74:2b:
4d:39:3e:ca:59:3c:2d:42:4c:64:55:5f:69:45:d1:40:29:06:
68:49:38:43:c2:22:7f:db:87:6b:d0:80:8d:5b:3c:cb:52:53:
60:68:1b:34:5f:2f:64:22:da:d3:ad:3d:5d:05:b4:35:c3:42:
0f:4c:e3:f9:eb:23:39:ac:b8:f4:da:0e:9c:59:5e:6a:04:cc:
61:09:6e:1a:43:d0:86:3f:14:d1:79:97:c0:56:84:29:e1:d2:
3e:5b:6f:b0:34:95:b5:f6:f8:d9:f7:1f:b5:22:a1:81:bd:5b:
69:db:1c:19:7a:7a:53:7a:2a:2f:ca:77:b6:8c:49:ff:46:a5:
91:0c:ae:9a:04:f3:14:a8:98:ba:1b:5c:82:2c:b9:29:a5:c8:
55:1c:bb:ea:b6:7a:32:81:be:cc:26:22:55:2a:bb:8f:93:1b:
c1:0f:75:66:ae:2b:a0:dc:c5:89:ff:89:ac:6e:84:61:b0:b9:
f5:49:fd:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveXteOKPTZmMu+SkPGfftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUxOWFmNTJmODk2MjM5NmQ1MDUzYjdkMTQ3MGMxOWIzNzY5MjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0jPcwUrjpLEhRkhk5joG8zJ+UBD
UzRycDTG5EPmGyecTGKPHiWavpQ/hWlJIAUw8Zycq8X1eHBIU4I/rDFdOvuWbQEy
nGjLOpaCGJifj8bg0+rXlKyzy5tzYZVkvfuPeviA0MinxGZiz73ra0PGQdZ9RVej
9YkLVL0WZNPBlSK84FKDfsMXDmz1dRdyJmgysVquoe9uWlKdlwZryy1hRw72+POp
yY0vGImpH9Tk/RdGDjrchYzH4zt4rW1htA5/OOJJg/+30tbrCyzRYn+irOw3ur3G
PSKHy2keXuHZEJs6AHuqpTnql+YCtnw7dERGJVQS5nDxY+J5zDk6Ew2dmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKBRmvUviWI5bVBTt9FHDBmzdpILMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvb0ZHYTlTLUpZamx0VUZPMzBVY01HYk4ya2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYDGMA0E
AgACMAcDBQMqDydAMA0GCSqGSIb3DQEBCwUAA4IBAQAt1XOUn/OoaMQt64HWpLfk
IaR3wXj1R6JUN47NzMeIIrdR1RyGL1g5qk3yx0WBb6U7wfmqZZfOntM75aWBfsfh
WKSAZqtSdCtNOT7KWTwtQkxkVV9pRdFAKQZoSThDwiJ/24dr0ICNWzzLUlNgaBs0
Xy9kItrTrT1dBbQ1w0IPTOP56yM5rLj02g6cWV5qBMxhCW4aQ9CGPxTReZfAVoQp
4dI+W2+wNJW19vjZ9x+1IqGBvVtp2xwZenpTeiovyne2jEn/RqWRDK6aBPMUqJi6
G1yCLLkppchVHLvqtnoygb7MJiJVKruPkxvBD3Vmriug3MWJ/4msboRhsLn1Sf0X
-----END CERTIFICATE-----
Generated at Wed Sep 20 04:53:34 2023 by rpki-client on console-fra.rpki-client.org