Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/oEj34BVwiQ8-V2KmYZbo4yDeihg.roa
File: oEj34BVwiQ8-V2KmYZbo4yDeihg.roa (raw, json)
Hash identifier: lh+w4JQ5y3oJKys9Z0XH2hYb0A6M/t4izegvesWiZK0=
Subject key identifier: A0:48:F7:E0:15:70:89:0F:3E:57:62:A6:61:96:E8:E3:20:DE:8A:18
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D66497274E7F078AC14C2FE7E80514C
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/oEj34BVwiQ8-V2KmYZbo4yDeihg.roa
Signing time: Sun 01 Jan 2023 12:54:58 +0000
ROA not before: Sun 01 Jan 2023 12:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200093
IP address blocks: 83.125.118.0/23 maxlen: 23
83.125.24.0/24 maxlen: 24
83.125.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:49:72:74:e7:f0:78:ac:14:c2:fe:7e:80:51:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a048f7e01570890f3e5762a66196e8e320de8a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ad:6a:40:49:3c:e8:77:01:69:e3:cb:bf:ad:
13:95:1f:0d:35:fe:79:36:93:d0:be:85:99:79:cd:
79:86:fd:6e:9a:0b:7a:85:a6:a1:e9:5c:37:80:92:
98:1f:cd:72:ee:67:99:6d:80:91:98:5e:b4:04:6a:
f4:69:b7:4d:98:f6:2b:6d:fc:b9:84:00:f7:2b:5a:
93:09:28:15:27:8a:17:b5:f5:55:40:02:c6:a1:ad:
f9:b7:ad:ae:0e:d9:87:a2:7e:95:9e:ec:61:ff:15:
2b:9a:43:6f:b6:7b:b5:5a:e1:18:77:61:49:cd:fe:
af:6e:97:59:e6:b9:4c:74:9b:78:b7:e9:5b:20:34:
80:cc:2f:db:94:fd:9b:f6:7d:48:f7:6a:7e:39:44:
51:8e:cb:db:f9:67:64:0c:4b:50:e2:e2:41:96:b9:
1e:7b:22:6a:25:1e:59:5c:90:24:85:74:51:fa:c0:
12:40:fb:41:ec:07:ad:b3:40:6e:d5:b6:ea:9a:00:
d8:68:6b:81:bc:94:7e:e2:fc:d7:83:b2:88:22:5a:
26:af:b0:90:6a:bb:4f:6e:a1:51:6b:6d:9f:b6:ab:
ab:15:d2:c2:2c:34:5a:38:2c:d4:b5:7b:cc:64:2f:
51:00:5a:be:8b:f8:65:2f:93:b7:ec:d7:de:d9:38:
95:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:48:F7:E0:15:70:89:0F:3E:57:62:A6:61:96:E8:E3:20:DE:8A:18
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/oEj34BVwiQ8-V2KmYZbo4yDeihg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.125.24.0/24
83.125.32.0/22
83.125.118.0/23
Signature Algorithm: sha256WithRSAEncryption
31:3b:e9:4c:86:b6:e9:f2:38:26:07:16:ba:fe:e6:20:65:9c:
66:a1:5a:79:46:f0:10:77:89:ba:3b:27:a0:3b:ae:4f:f3:5d:
33:46:bc:2b:9d:f3:6d:67:78:c2:8b:22:f1:26:bd:a5:d6:8e:
ff:a9:6b:3b:eb:d1:a8:f7:2d:14:f5:83:b0:95:f7:2f:e7:ce:
ca:41:11:95:88:14:6f:e9:54:7e:07:f2:d0:d3:0c:80:bd:4a:
2c:57:0c:b1:ce:e6:cf:43:6d:c8:bd:b2:a2:50:ff:18:f2:80:
a2:68:c8:d1:d8:e4:c1:85:43:50:75:6b:1c:07:52:63:4a:12:
0e:c2:75:9f:85:18:f0:f6:6d:08:f6:45:92:3c:0d:b3:dc:ab:
e6:8f:83:e7:a1:4b:fe:81:52:7c:ca:e1:df:dc:da:78:1a:9e:
98:a4:ae:b6:4a:cb:76:4f:78:5b:99:71:8b:e9:c5:c8:9e:c9:
a5:fe:dc:14:33:c9:a2:dc:cb:1a:e6:72:34:2b:67:16:e8:5d:
3d:41:2b:1d:c3:f3:c1:26:5d:72:ae:4d:54:ea:90:8c:40:ae:
00:6c:85:19:22:76:f8:f9:f9:39:61:3c:30:89:6b:27:02:6e:
d5:2e:33:25:f3:c2:4b:0d:1a:b0:42:e6:56:05:7c:2b:5b:c3:
ba:d2:f6:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtZklydOfweKwUwv5+gFFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ4ZjdlMDE1NzA4OTBmM2U1NzYyYTY2MTk2ZThlMzIwZGU4YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg61qQEk86HcBaePLv60TlR8NNf55
NpPQvoWZec15hv1umgt6haah6Vw3gJKYH81y7meZbYCRmF60BGr0abdNmPYrbfy5
hAD3K1qTCSgVJ4oXtfVVQALGoa35t62uDtmHon6Vnuxh/xUrmkNvtnu1WuEYd2FJ
zf6vbpdZ5rlMdJt4t+lbIDSAzC/blP2b9n1I92p+OURRjsvb+WdkDEtQ4uJBlrke
eyJqJR5ZXJAkhXRR+sASQPtB7Aets0Bu1bbqmgDYaGuBvJR+4vzXg7KIIlomr7CQ
artPbqFRa22ftqurFdLCLDRaOCzUtXvMZC9RAFq+i/hlL5O37Nfe2TiVSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKBI9+AVcIkPPldipmGW6OMg3ooYMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvb0VqMzRCVndpUTgtVjJLbVlaYm80eURlaWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU30YAwQC
U30gAwQBU312MA0GCSqGSIb3DQEBCwUAA4IBAQAxO+lMhrbp8jgmBxa6/uYgZZxm
oVp5RvAQd4m6OyegO65P810zRrwrnfNtZ3jCiyLxJr2l1o7/qWs769Go9y0U9YOw
lfcv587KQRGViBRv6VR+B/LQ0wyAvUosVwyxzubPQ23IvbKiUP8Y8oCiaMjR2OTB
hUNQdWscB1JjShIOwnWfhRjw9m0I9kWSPA2z3Kvmj4PnoUv+gVJ8yuHf3Np4Gp6Y
pK62Sst2T3hbmXGL6cXInsml/twUM8mi3Msa5nI0K2cW6F09QSsdw/PBJl1yrk1U
6pCMQK4AbIUZInb4+fk5YTwwiWsnAm7VLjMl88JLDRqwQuZWBXwrW8O60vZI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:11 2024 by rpki-client on console-ams.rpki-client.org