Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/2oBA9Oxt91uCFHKEWhE_a3Vb_2s.roa
File: 2oBA9Oxt91uCFHKEWhE_a3Vb_2s.roa (raw, json)
Hash identifier: EzyCR0bdEHM9cMN8SKFXLIK8amhYGTyJM3Z9A+Oz7/w=
Subject key identifier: DA:80:40:F4:EC:6D:F7:5B:82:14:72:84:5A:11:3F:6B:75:5B:FF:6B
Certificate issuer: /CN=3d0483538737453e2f57ffb57499c3922e83636d
Certificate serial: 018572CCAF43778987AFFB83F21FD14BF9AC
Authority key identifier: 3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/2oBA9Oxt91uCFHKEWhE_a3Vb_2s.roa
Signing time: Mon 02 Jan 2023 14:04:54 +0000
ROA not before: Mon 02 Jan 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 194.62.29.0/24 maxlen: 24
194.62.157.0/24 maxlen: 24
194.62.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:af:43:77:89:87:af:fb:83:f2:1f:d1:4b:f9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0483538737453e2f57ffb57499c3922e83636d
Validity
Not Before: Jan 2 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da8040f4ec6df75b821472845a113f6b755bff6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:e9:33:17:ff:59:59:9b:a8:cf:e1:3e:e4:
b0:1c:dc:f5:ec:2c:45:85:cd:75:e0:91:bd:8c:50:
c1:35:7d:d7:fd:82:95:c7:7d:87:67:21:2e:69:07:
bb:59:a1:2b:aa:05:f9:3d:a2:eb:3f:12:43:c3:49:
36:97:72:f8:a2:2a:1b:c1:e7:71:f8:f6:21:dc:03:
d7:83:6d:c5:02:ff:74:32:40:48:0a:b1:ea:53:f0:
3c:0a:61:98:65:08:7e:c7:64:c0:16:f3:a2:0a:29:
6b:c3:3e:04:4b:65:69:5e:df:71:47:c3:a4:f5:ca:
db:e1:22:35:b8:06:75:73:53:15:73:da:6b:19:d3:
c5:bf:18:95:d6:1c:49:73:d9:f4:f1:fb:2a:45:3f:
ff:7b:cb:a1:68:5b:6f:46:cb:84:b7:fb:2f:a8:f5:
15:59:7e:96:b9:27:15:5c:37:61:5c:8e:4e:9d:43:
12:b4:11:cf:77:91:b6:eb:b5:ea:3a:26:72:bd:79:
89:cd:f9:85:f1:dc:20:c7:1b:e4:9a:f5:d1:25:5e:
84:2b:b3:80:99:3a:13:de:b6:39:dc:40:ba:2a:e9:
c4:cc:ca:a1:25:31:73:1e:83:a0:c0:20:32:d3:d1:
ef:35:cb:fe:ac:9b:25:87:c7:e8:ab:93:83:e4:b0:
8d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:80:40:F4:EC:6D:F7:5B:82:14:72:84:5A:11:3F:6B:75:5B:FF:6B
X509v3 Authority Key Identifier:
keyid:3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/2oBA9Oxt91uCFHKEWhE_a3Vb_2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/PQSDU4c3RT4vV_-1dJnDki6DY20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.1.0/24
194.62.29.0/24
194.62.157.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:13:65:77:b8:80:61:78:cb:ea:36:90:ec:0a:21:82:b3:d4:
09:5f:ac:1a:61:da:e6:f4:f9:44:60:53:51:ea:ad:b0:70:53:
84:3c:6e:a6:29:ae:a2:9a:0d:19:93:83:ce:2b:bd:d1:d1:9b:
a0:64:45:5b:6a:64:94:62:21:07:f0:8d:a0:ff:df:ec:fa:20:
1f:b2:05:47:37:f7:27:77:ee:5a:3b:07:9d:26:0f:f1:c5:07:
13:c3:83:fa:bd:00:37:ed:b7:3e:61:73:07:d1:e2:99:7f:b9:
3d:33:08:cc:35:ef:65:7e:15:ba:91:80:c5:78:85:3f:83:97:
9e:b3:0c:ed:3a:b6:02:79:af:d2:e8:9b:a4:ef:c5:64:1e:81:
1d:cf:b6:13:c4:c6:50:e4:7d:e3:d8:f9:a7:6b:58:74:9c:87:
4d:d3:af:f1:26:21:b0:d8:91:06:1f:92:72:90:bd:de:e9:78:
e4:87:f4:21:cb:27:58:d7:64:e9:81:93:76:a5:70:2e:c0:de:
a5:96:16:aa:64:f3:85:2b:7f:f8:db:7d:dc:56:36:04:3f:a1:
b3:6d:27:31:67:de:59:6f:b1:b8:07:cc:e5:fd:8b:be:3c:17:
2d:1c:21:93:b4:52:14:8d:65:57:4d:44:60:c4:81:ed:a1:7c:
eb:4d:b0:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyzK9Dd4mHr/uD8h/RS/msMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDQ4MzUzODczNzQ1M2UyZjU3ZmZiNTc0OTljMzkyMmU4
MzYzNmQwHhcNMjMwMTAyMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTgwNDBmNGVjNmRmNzViODIxNDcyODQ1YTExM2Y2Yjc1NWJmZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOzpMxf/WVmbqM/hPuSwHNz17CxF
hc114JG9jFDBNX3X/YKVx32HZyEuaQe7WaErqgX5PaLrPxJDw0k2l3L4oiobwedx
+PYh3APXg23FAv90MkBICrHqU/A8CmGYZQh+x2TAFvOiCilrwz4ES2VpXt9xR8Ok
9crb4SI1uAZ1c1MVc9prGdPFvxiV1hxJc9n08fsqRT//e8uhaFtvRsuEt/svqPUV
WX6WuScVXDdhXI5OnUMStBHPd5G267XqOiZyvXmJzfmF8dwgxxvkmvXRJV6EK7OA
mToT3rY53EC6KunEzMqhJTFzHoOgwCAy09HvNcv+rJslh8foq5OD5LCNDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNqAQPTsbfdbghRyhFoRP2t1W/9rMB8GA1UdIwQY
MBaAFD0Eg1OHN0U+L1f/tXSZw5Iug2NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEt
NjVhNDZjOGU0MWU5LzEvMm9CQTlPeHQ5MXVDRkhLRVdoRV9hM1ZiXzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEtNjVhNDZjOGU0MWU5
LzEvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwj4BAwQA
wj4dAwQAwj6dMA0GCSqGSIb3DQEBCwUAA4IBAQBuE2V3uIBheMvqNpDsCiGCs9QJ
X6waYdrm9PlEYFNR6q2wcFOEPG6mKa6img0Zk4POK73R0ZugZEVbamSUYiEH8I2g
/9/s+iAfsgVHN/cnd+5aOwedJg/xxQcTw4P6vQA37bc+YXMH0eKZf7k9MwjMNe9l
fhW6kYDFeIU/g5eeswztOrYCea/S6Juk78VkHoEdz7YTxMZQ5H3j2Pmna1h0nIdN
06/xJiGw2JEGH5JykL3e6Xjkh/QhyydY12TpgZN2pXAuwN6llhaqZPOFK3/4233c
VjYEP6GzbScxZ95Zb7G4B8zl/Yu+PBctHCGTtFIUjWVXTURgxIHtoXzrTbAH
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:18 2024 by rpki-client on console-ams.rpki-client.org