Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/oTNkQD1AwVLFbdwTOBWw_ckJSFY.roa
File: oTNkQD1AwVLFbdwTOBWw_ckJSFY.roa (raw, json)
Hash identifier: trRmqWcvIs9I8vbIgEU+Dcm2S5FU+M6GbnyEqCd4HQM=
Subject key identifier: A1:33:64:40:3D:40:C1:52:C5:6D:DC:13:38:15:B0:FD:C9:09:48:56
Certificate issuer: /CN=31242850cad41cdf75a3c9d60b21fca543f74384
Certificate serial: 018C16AACCE24A563BE2F6706A6B1274361A
Authority key identifier: 31:24:28:50:CA:D4:1C:DF:75:A3:C9:D6:0B:21:FC:A5:43:F7:43:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MSQoUMrUHN91o8nWCyH8pUP3Q4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/oTNkQD1AwVLFbdwTOBWw_ckJSFY.roa
Signing time: Tue 28 Nov 2023 16:02:21 +0000
ROA not before: Tue 28 Nov 2023 16:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9136
IP address blocks: 92.118.192.0/22 maxlen: 22
62.176.224.0/19 maxlen: 19
91.186.32.0/19 maxlen: 19
5.159.24.0/21 maxlen: 21
213.162.128.0/19 maxlen: 19
185.72.232.0/22 maxlen: 22
2a01:581:9::/48 maxlen: 48
2a01:581:a::/48 maxlen: 48
2a01:581:6::/48 maxlen: 48
2a01:581:b::/48 maxlen: 48
2a01:581:c::/48 maxlen: 48
2a01:581:7::/48 maxlen: 48
2a01:581:8::/48 maxlen: 48
2a01:580::/29 maxlen: 29
2a01:581:d::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:aa:cc:e2:4a:56:3b:e2:f6:70:6a:6b:12:74:36:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31242850cad41cdf75a3c9d60b21fca543f74384
Validity
Not Before: Nov 28 16:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a13364403d40c152c56ddc133815b0fdc9094856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:d8:4d:61:d3:f3:90:2f:a0:da:17:96:6a:
3a:46:70:cf:d9:d6:1e:8a:b7:8e:53:80:32:b4:bf:
62:26:04:77:ff:1a:54:9b:db:cf:dd:0e:2b:ce:79:
4a:c6:2d:56:cf:7f:e0:53:80:a7:e0:b8:74:d6:36:
d2:ad:5a:c0:83:97:1e:c4:12:eb:d3:58:a3:42:6e:
68:a1:8a:f2:32:38:d2:56:63:1d:5d:b7:6d:a9:de:
cb:26:cb:d5:09:4d:0b:cc:a5:a1:10:7e:64:17:9c:
fe:8b:4f:11:3c:73:d6:a3:c9:cb:e5:99:8a:a8:fe:
da:46:52:bc:dc:11:cc:65:84:de:54:e7:d3:21:cf:
2c:7b:97:31:ca:ae:ab:02:05:8a:27:d2:a2:66:94:
9a:4b:af:83:8b:b9:ee:0d:a5:0a:0e:6c:5b:a4:e5:
10:93:46:c6:2d:dc:fc:c7:2d:54:31:ee:04:74:11:
28:bb:55:dd:29:79:d9:97:bb:f1:07:47:02:b3:ab:
8b:98:83:6f:a4:ec:00:e1:ec:ad:17:a0:02:99:bd:
d4:ce:cd:09:ae:e3:59:b6:5b:93:04:8b:f0:40:a0:
a1:ce:69:ef:4d:66:02:10:6c:14:c6:41:50:b4:1d:
80:b2:b0:3d:96:32:dc:b2:50:6e:91:18:d5:d3:09:
5f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:33:64:40:3D:40:C1:52:C5:6D:DC:13:38:15:B0:FD:C9:09:48:56
X509v3 Authority Key Identifier:
keyid:31:24:28:50:CA:D4:1C:DF:75:A3:C9:D6:0B:21:FC:A5:43:F7:43:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MSQoUMrUHN91o8nWCyH8pUP3Q4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/oTNkQD1AwVLFbdwTOBWw_ckJSFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/MSQoUMrUHN91o8nWCyH8pUP3Q4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.24.0/21
62.176.224.0/19
91.186.32.0/19
92.118.192.0/22
185.72.232.0/22
213.162.128.0/19
IPv6:
2a01:580::/29
Signature Algorithm: sha256WithRSAEncryption
15:82:df:97:81:f0:3f:0d:0a:db:51:83:e1:e4:c3:82:27:6f:
3c:9d:fc:f5:f0:f3:12:95:e6:a9:29:8f:74:4f:34:f9:eb:84:
e8:1e:5d:30:76:5c:ed:6a:43:05:20:f5:51:e5:d9:61:66:d1:
ea:7f:3f:d4:af:75:74:09:8b:61:13:05:92:1d:1d:c9:4b:6e:
7f:21:5c:ba:60:f0:a7:a4:17:38:12:b8:23:57:5c:af:bd:54:
a5:3c:16:31:8a:ef:a5:a6:7b:a7:1b:90:a9:3e:27:82:b0:f1:
29:7b:8e:8f:78:af:56:d3:1f:1c:59:b0:cb:67:e3:ca:ed:12:
80:ae:c3:9c:d9:47:68:1f:79:34:c6:43:fa:6d:d2:43:7d:d4:
a1:75:26:fe:25:7c:48:49:84:28:c3:a8:f0:19:de:ac:19:35:
b6:58:b1:d6:83:f5:b3:8a:60:d2:94:7b:d7:c1:4e:a0:e4:3e:
3e:6b:b1:c4:93:d6:12:62:f8:70:32:00:cb:bd:ae:ba:4a:12:
e2:60:65:87:e7:b7:d7:a4:85:62:f3:19:9d:2c:06:cb:cd:55:
04:6c:ca:a6:18:e4:72:7b:44:90:6f:bf:fe:ac:03:12:fc:56:
ad:4c:f5:55:f9:77:c1:fd:77:2e:82:3e:4c:37:8f:52:fd:43:
f2:de:ba:8c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYwWqsziSlY74vZwamsSdDYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMjQyODUwY2FkNDFjZGY3NWEzYzlkNjBiMjFmY2E1NDNm
NzQzODQwHhcNMjMxMTI4MTYwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTMzNjQ0MDNkNDBjMTUyYzU2ZGRjMTMzODE1YjBmZGM5MDk0ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRjYTWHT85AvoNoXlmo6RnDP2dYe
ireOU4AytL9iJgR3/xpUm9vP3Q4rznlKxi1Wz3/gU4Cn4Lh01jbSrVrAg5cexBLr
01ijQm5ooYryMjjSVmMdXbdtqd7LJsvVCU0LzKWhEH5kF5z+i08RPHPWo8nL5ZmK
qP7aRlK83BHMZYTeVOfTIc8se5cxyq6rAgWKJ9KiZpSaS6+Di7nuDaUKDmxbpOUQ
k0bGLdz8xy1UMe4EdBEou1XdKXnZl7vxB0cCs6uLmINvpOwA4eytF6ACmb3Uzs0J
ruNZtluTBIvwQKChzmnvTWYCEGwUxkFQtB2AsrA9ljLcslBukRjV0wlfIQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKEzZEA9QMFSxW3cEzgVsP3JCUhWMB8GA1UdIwQY
MBaAFDEkKFDK1BzfdaPJ1gsh/KVD90OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVNRb1VNclVITjkxbzhuV0N5SDhwVVAzUTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xYTI3ZWMtZWIwYS00NDA2LWExZDEt
MDdlZDQ2YjE0OWMzLzEvb1ROa1FEMUF3VkxGYmR3VE9CV3dfY2tKU0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xYTI3ZWMtZWIwYS00NDA2LWExZDEtMDdlZDQ2YjE0OWMz
LzEvTVNRb1VNclVITjkxbzhuV0N5SDhwVVAzUTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBZ8YAwQF
PrDgAwQFW7ogAwQCXHbAAwQCuUjoAwQF1aKAMA0EAgACMAcDBQMqAQWAMA0GCSqG
SIb3DQEBCwUAA4IBAQAVgt+XgfA/DQrbUYPh5MOCJ288nfz18PMSleapKY90TzT5
64ToHl0wdlztakMFIPVR5dlhZtHqfz/Ur3V0CYthEwWSHR3JS25/IVy6YPCnpBc4
ErgjV1yvvVSlPBYxiu+lpnunG5CpPieCsPEpe46PeK9W0x8cWbDLZ+PK7RKArsOc
2UdoH3k0xkP6bdJDfdShdSb+JXxISYQow6jwGd6sGTW2WLHWg/WzimDSlHvXwU6g
5D4+a7HEk9YSYvhwMgDLva66ShLiYGWH57fXpIVi8xmdLAbLzVUEbMqmGORye0SQ
b7/+rAMS/FatTPVV+XfB/Xcugj5MN49S/UPy3rqM
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:01 2024 by rpki-client on console-fra.rpki-client.org