Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/OENfzlhOxbkoj2brqpBvTWuPXB0.roa
File: OENfzlhOxbkoj2brqpBvTWuPXB0.roa (raw, json)
Hash identifier: 8nkVApNQV9Q75EcywWwTMpusdrJeDWN/ZAnCFaDuxXc=
Subject key identifier: 38:43:5F:CE:58:4E:C5:B9:28:8F:66:EB:AA:90:6F:4D:6B:8F:5C:1D
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 01856C0A2D620B62B3F478943151BB9CE61E
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/OENfzlhOxbkoj2brqpBvTWuPXB0.roa
Signing time: Sun 01 Jan 2023 06:34:44 +0000
ROA not before: Sun 01 Jan 2023 06:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60972
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:2d:62:0b:62:b3:f4:78:94:31:51:bb:9c:e6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 06:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38435fce584ec5b9288f66ebaa906f4d6b8f5c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f0:f7:dd:6e:08:a0:4a:88:5f:c9:9e:9b:7e:
e9:b4:79:a7:31:94:a2:4c:db:14:cd:44:af:86:35:
d2:34:77:b1:29:e9:20:72:f2:d8:82:b4:25:1c:47:
58:14:72:6b:f2:10:db:45:d1:d2:c6:0b:30:5c:5e:
9c:51:cc:f8:49:45:a5:31:53:7c:52:49:0d:f0:a4:
b2:b8:23:93:70:18:3c:8c:1d:5f:86:35:09:c5:dd:
e1:9a:79:a6:cb:f8:6a:40:6c:59:74:e7:d8:78:fd:
43:68:56:9e:1e:97:59:6a:62:5d:f9:59:ec:e6:f6:
51:c6:0b:24:de:fb:05:2f:99:cc:95:ec:bc:ec:d5:
a8:f7:02:f8:db:8b:b0:81:02:37:28:67:ef:60:4d:
b8:66:97:30:78:18:90:f8:bb:41:99:cf:8b:4e:2f:
57:df:dd:82:5f:79:6a:06:f3:71:cc:04:7c:6e:59:
2b:d3:45:df:5b:ba:64:91:38:1a:ea:4e:96:ef:2a:
3d:71:26:bc:eb:fd:2a:ce:8d:cc:5b:15:f2:44:eb:
3d:36:35:41:52:55:3f:3f:c4:fa:fd:cc:0f:0c:0c:
68:a2:88:c2:c2:b3:16:7c:26:4e:a4:95:77:64:09:
b6:c9:c8:8a:49:19:70:22:e2:a4:8c:f0:f7:75:c2:
4c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:43:5F:CE:58:4E:C5:B9:28:8F:66:EB:AA:90:6F:4D:6B:8F:5C:1D
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/OENfzlhOxbkoj2brqpBvTWuPXB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
af:09:f4:c0:72:db:2a:bd:f9:c9:03:8f:0a:10:c6:bb:1d:5c:
5b:a6:b6:b2:0b:b6:af:ca:a8:5b:d7:f9:65:3a:9e:0e:34:c6:
89:29:18:de:ce:00:55:84:34:a0:47:ea:18:6a:f5:b2:06:6f:
b7:f7:c7:89:03:e3:3a:6a:46:5c:e3:14:43:42:b0:c6:a9:20:
6a:27:b8:0f:6b:35:dc:8d:f7:20:bf:72:f5:23:10:35:f4:45:
a2:e6:ac:a9:03:4e:d1:11:8c:71:52:f6:f7:c9:d2:7e:d7:8d:
04:4c:09:05:41:85:c4:88:61:2a:fd:e2:46:ef:6e:3a:7d:d8:
8f:6a:47:bf:46:65:58:dd:d3:4b:3c:4a:eb:bd:86:77:0d:45:
b8:b7:c5:4d:67:bb:a9:66:cb:e9:cd:f4:2b:99:7b:55:31:e3:
3b:f6:1b:3f:9d:34:20:01:b6:27:5b:d4:cb:a9:bb:31:4b:d9:
6d:4b:e9:1d:b3:ec:20:a9:68:26:9a:94:79:68:32:b9:ef:4b:
1d:64:12:69:71:9e:61:6d:9a:46:b1:ab:1d:8c:03:3c:02:81:
8f:74:fa:22:92:e3:c1:09:7b:e6:1b:2a:db:b7:73:b6:dd:0b:
e5:0c:7b:a1:70:0e:a0:ea:4b:75:56:36:2c:4b:c7:7e:9d:1b:
9e:5e:83:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCi1iC2Kz9HiUMVG7nOYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjMwMTAxMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQzNWZjZTU4NGVjNWI5Mjg4ZjY2ZWJhYTkwNmY0ZDZiOGY1YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfD33W4IoEqIX8mem37ptHmnMZSi
TNsUzUSvhjXSNHexKekgcvLYgrQlHEdYFHJr8hDbRdHSxgswXF6cUcz4SUWlMVN8
UkkN8KSyuCOTcBg8jB1fhjUJxd3hmnmmy/hqQGxZdOfYeP1DaFaeHpdZamJd+Vns
5vZRxgsk3vsFL5nMley87NWo9wL424uwgQI3KGfvYE24ZpcweBiQ+LtBmc+LTi9X
392CX3lqBvNxzAR8blkr00XfW7pkkTga6k6W7yo9cSa86/0qzo3MWxXyROs9NjVB
UlU/P8T6/cwPDAxooojCwrMWfCZOpJV3ZAm2yciKSRlwIuKkjPD3dcJMXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDhDX85YTsW5KI9m66qQb01rj1wdMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEvT0VOZnpsaE94YmtvajJicnFwQnZUV3VQWEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQCvCfTActsqvfnJA48KEMa7HVxbprayC7av
yqhb1/llOp4ONMaJKRjezgBVhDSgR+oYavWyBm+398eJA+M6akZc4xRDQrDGqSBq
J7gPazXcjfcgv3L1IxA19EWi5qypA07REYxxUvb3ydJ+140ETAkFQYXEiGEq/eJG
7246fdiPake/RmVY3dNLPErrvYZ3DUW4t8VNZ7upZsvpzfQrmXtVMeM79hs/nTQg
AbYnW9TLqbsxS9ltS+kds+wgqWgmmpR5aDK570sdZBJpcZ5hbZpGsasdjAM8AoGP
dPoikuPBCXvmGyrbt3O23QvlDHuhcA6g6kt1VjYsS8d+nRueXoOO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:18 2024 by rpki-client on console-ams.rpki-client.org