Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/Ou4kiVmBUPz4Ezm87vWY8QY1k_Y.roa
File: Ou4kiVmBUPz4Ezm87vWY8QY1k_Y.roa (raw, json)
Hash identifier: Rw2zna6IdNqxOgFeBltfAizGjGG8uBS4rKp+NyrCUlY=
Subject key identifier: 3A:EE:24:89:59:81:50:FC:F8:13:39:BC:EE:F5:98:F1:06:35:93:F6
Certificate issuer: /CN=c0a233590de586e0c55821c6f6d5732afc841229
Certificate serial: 01856DD41E12CF4E59A69FD078E45007FCA2
Authority key identifier: C0:A2:33:59:0D:E5:86:E0:C5:58:21:C6:F6:D5:73:2A:FC:84:12:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/Ou4kiVmBUPz4Ezm87vWY8QY1k_Y.roa
Signing time: Sun 01 Jan 2023 14:54:55 +0000
ROA not before: Sun 01 Jan 2023 14:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57630
IP address blocks: 134.65.164.0/22 maxlen: 22
31.12.80.0/22 maxlen: 22
5.152.152.0/23 maxlen: 23
2a02:7e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 12 Sep 2023 04:54:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1e:12:cf:4e:59:a6:9f:d0:78:e4:50:07:fc:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0a233590de586e0c55821c6f6d5732afc841229
Validity
Not Before: Jan 1 14:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aee2489598150fcf81339bceef598f1063593f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:99:03:60:63:3e:f8:27:af:1b:4b:c2:3a:28:
92:db:69:9a:3b:9b:05:17:be:a7:79:de:24:b7:4f:
ab:f4:99:9c:71:ae:b3:0f:1d:01:bd:f8:0d:e0:52:
b2:62:37:70:e4:ba:5d:00:43:57:4e:8d:55:bd:5e:
26:b6:48:88:f0:5b:22:94:c4:37:9b:80:99:28:4d:
e8:3e:e1:50:58:e5:61:b6:8b:07:16:0e:fd:c0:7d:
13:2b:cc:b4:75:09:40:c8:6a:4f:46:1c:b1:d8:b4:
66:ae:3f:2e:82:e7:ad:6f:ed:fd:ac:61:34:4a:89:
86:9f:c7:8b:ba:6e:86:37:3f:89:7a:73:2f:d9:9f:
91:43:f1:c9:35:1d:6c:c7:69:19:c4:58:f5:7b:19:
3d:33:c1:f1:2f:55:f2:d2:5f:9f:16:d2:1c:ea:a2:
eb:8b:c7:f1:87:8c:34:00:85:b8:c3:07:76:a5:6f:
21:57:8c:0a:b7:af:b4:f6:9e:95:cf:9d:1c:ea:33:
b0:22:64:16:03:60:24:31:db:98:f7:e2:57:ca:0b:
ca:c9:7c:e2:97:8e:ec:ce:7c:2d:7c:16:b9:65:f8:
d5:6a:5f:87:36:43:9f:18:89:f0:ad:47:d0:bd:71:
de:d2:b4:23:f8:33:30:2a:55:64:cf:e5:34:90:83:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EE:24:89:59:81:50:FC:F8:13:39:BC:EE:F5:98:F1:06:35:93:F6
X509v3 Authority Key Identifier:
keyid:C0:A2:33:59:0D:E5:86:E0:C5:58:21:C6:F6:D5:73:2A:FC:84:12:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/Ou4kiVmBUPz4Ezm87vWY8QY1k_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/wKIzWQ3lhuDFWCHG9tVzKvyEEik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.152.0/23
31.12.80.0/22
134.65.164.0/22
IPv6:
2a02:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
8c:a3:e6:bb:f3:64:62:b5:a4:ca:3e:29:67:8c:03:02:f9:d6:
49:9b:00:86:81:f6:e0:49:26:81:ab:cd:bf:0d:c5:b7:bb:b9:
1f:0f:ba:da:cb:72:74:f2:2a:f2:9a:9a:88:a9:e4:7e:05:d8:
a6:46:b0:ac:d2:8f:fd:58:ec:ea:a5:8a:26:4e:47:b3:ec:74:
e3:ba:72:66:4e:91:42:0a:c7:38:5d:66:9e:3a:63:73:24:7f:
db:31:06:8a:e8:73:f1:97:7e:4f:28:99:6b:d1:27:cb:8d:02:
fe:da:d0:56:9e:eb:a1:0f:18:46:2b:95:35:4c:52:e1:a2:37:
3a:f1:bd:dc:cc:9e:3c:fa:b3:79:22:4b:3e:e3:de:79:c7:9d:
55:b0:a1:f5:ec:cf:f5:6d:b2:13:2c:4d:22:e1:16:be:a4:3d:
6d:5e:fd:aa:b6:f9:79:46:52:48:27:2e:36:f9:0e:d2:86:8b:
91:31:c9:d5:bc:71:41:c5:50:ef:02:e4:af:d6:7b:04:b3:77:
8f:69:ba:e2:2d:af:5b:95:70:32:1d:dc:d8:b0:c0:b5:40:19:
74:0b:f7:10:86:38:ee:dc:08:8b:03:09:2d:90:3f:25:45:de:
89:f2:f7:5e:ed:6f:ee:a1:9f:44:50:5a:85:e3:71:c3:00:79:
3c:d7:2b:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVt1B4Sz05Zpp/QeORQB/yiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYTIzMzU5MGRlNTg2ZTBjNTU4MjFjNmY2ZDU3MzJhZmM4
NDEyMjkwHhcNMjMwMTAxMTQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVlMjQ4OTU5ODE1MGZjZjgxMzM5YmNlZWY1OThmMTA2MzU5M2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpkDYGM++CevG0vCOiiS22maO5sF
F76ned4kt0+r9Jmcca6zDx0BvfgN4FKyYjdw5LpdAENXTo1VvV4mtkiI8FsilMQ3
m4CZKE3oPuFQWOVhtosHFg79wH0TK8y0dQlAyGpPRhyx2LRmrj8uguetb+39rGE0
SomGn8eLum6GNz+JenMv2Z+RQ/HJNR1sx2kZxFj1exk9M8HxL1Xy0l+fFtIc6qLr
i8fxh4w0AIW4wwd2pW8hV4wKt6+09p6Vz50c6jOwImQWA2AkMduY9+JXygvKyXzi
l47sznwtfBa5ZfjVal+HNkOfGInwrUfQvXHe0rQj+DMwKlVkz+U0kIMC9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDruJIlZgVD8+BM5vO71mPEGNZP2MB8GA1UdIwQY
MBaAFMCiM1kN5YbgxVghxvbVcyr8hBIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tJeldRM2xodURGV0NIRzl0VnpLdnlFRWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85N2IwYjctMDEzZC00MzNlLWI1Mzgt
YTg0ZWI0MTFlZjhhLzEvT3U0a2lWbUJVUHo0RXptODd2V1k4UVkxa19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85N2IwYjctMDEzZC00MzNlLWI1MzgtYTg0ZWI0MTFlZjhh
LzEvd0tJeldRM2xodURGV0NIRzl0VnpLdnlFRWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBBZiYAwQC
HwxQAwQChkGkMA0EAgACMAcDBQMqAn4AMA0GCSqGSIb3DQEBCwUAA4IBAQCMo+a7
82RitaTKPilnjAMC+dZJmwCGgfbgSSaBq82/DcW3u7kfD7ray3J08irympqIqeR+
BdimRrCs0o/9WOzqpYomTkez7HTjunJmTpFCCsc4XWaeOmNzJH/bMQaK6HPxl35P
KJlr0SfLjQL+2tBWnuuhDxhGK5U1TFLhojc68b3czJ48+rN5Iks+4955x51VsKH1
7M/1bbITLE0i4Ra+pD1tXv2qtvl5RlJIJy42+Q7ShouRMcnVvHFBxVDvAuSv1nsE
s3ePabriLa9blXAyHdzYsMC1QBl0C/cQhjju3AiLAwktkD8lRd6J8vde7W/uoZ9E
UFqF43HDAHk81ysG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:30 2024 by rpki-client on console-fra.rpki-client.org