Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/OjKfJSNy0MElOCRB615lyjOJhjE.roa
File: OjKfJSNy0MElOCRB615lyjOJhjE.roa (raw, json)
Hash identifier: MzAUWTciVbO2FApyL7wNarwxt+rG8CEJbQQ8QHFE/DA=
Subject key identifier: 3A:32:9F:25:23:72:D0:C1:25:38:24:41:EB:5E:65:CA:33:89:86:31
Certificate issuer: /CN=11184fb6503a760657f90270e276a3fcb50b8e8f
Certificate serial: 018571F0D6EFB31F97E7705B03CCA4212DBD
Authority key identifier: 11:18:4F:B6:50:3A:76:06:57:F9:02:70:E2:76:A3:FC:B5:0B:8E:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERhPtlA6dgZX-QJw4naj_LULjo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/OjKfJSNy0MElOCRB615lyjOJhjE.roa
Signing time: Mon 02 Jan 2023 10:04:47 +0000
ROA not before: Mon 02 Jan 2023 10:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12891
IP address blocks: 193.110.210.0/24 maxlen: 24
193.110.213.0/24 maxlen: 24
193.110.211.0/24 maxlen: 24
193.110.208.0/24 maxlen: 24
193.110.212.0/24 maxlen: 24
193.110.214.0/24 maxlen: 24
193.110.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:d6:ef:b3:1f:97:e7:70:5b:03:cc:a4:21:2d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11184fb6503a760657f90270e276a3fcb50b8e8f
Validity
Not Before: Jan 2 10:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a329f252372d0c125382441eb5e65ca33898631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a5:73:83:af:d1:b9:b8:d9:97:b3:b2:25:c7:
bc:e1:86:64:aa:70:c3:26:2f:bc:cb:f4:cd:d0:45:
b3:fd:e8:29:c6:b5:20:73:db:b5:ac:e1:8b:5d:22:
2d:06:70:82:6a:e1:91:03:fa:f2:46:85:46:12:0f:
92:b1:61:cf:9a:f2:20:01:f9:ac:a5:92:30:fa:8d:
18:2d:ed:71:81:3b:40:b2:cb:20:f3:45:f0:3f:d8:
55:86:7f:5a:87:4b:43:8a:96:9e:f0:4d:6b:ff:65:
f8:1b:95:10:39:0a:3b:b1:1e:78:8b:8b:53:0b:d0:
bd:01:70:f8:b1:d7:4a:88:bd:19:d1:1f:3b:19:9e:
fa:03:a7:f3:e9:55:f0:9f:fb:13:55:08:4d:03:be:
f1:51:02:f5:f0:01:00:de:a8:ea:96:28:0a:9d:6f:
ba:58:24:cc:d1:9d:39:cb:d1:2a:9c:15:57:1e:8e:
77:00:f2:4a:49:2f:cf:25:8a:b7:e4:ee:83:0d:f8:
97:15:28:84:5e:c7:af:19:15:b8:16:ac:49:8a:a7:
49:6a:0b:c5:e9:00:b9:d9:43:16:7c:bb:91:60:18:
27:30:e8:2c:22:f6:ef:40:c4:1c:fc:b0:5c:35:f4:
65:70:68:a5:94:3e:d2:21:8c:a0:cf:4d:19:91:f8:
0b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:32:9F:25:23:72:D0:C1:25:38:24:41:EB:5E:65:CA:33:89:86:31
X509v3 Authority Key Identifier:
keyid:11:18:4F:B6:50:3A:76:06:57:F9:02:70:E2:76:A3:FC:B5:0B:8E:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERhPtlA6dgZX-QJw4naj_LULjo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/OjKfJSNy0MElOCRB615lyjOJhjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a733-ef05-4af0-8535-196d666d2b2b/1/ERhPtlA6dgZX-QJw4naj_LULjo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.208.0/24
193.110.210.0-193.110.215.255
Signature Algorithm: sha256WithRSAEncryption
bc:f5:f4:b0:5d:5d:82:4e:06:12:23:18:7d:53:86:16:93:44:
a1:18:7d:85:ac:34:c9:93:ba:4f:5a:fb:19:ef:b6:26:d1:52:
39:a4:f7:93:79:0f:36:1e:42:d0:86:7a:4f:7e:f3:41:6f:08:
d5:e1:7b:6e:42:b3:79:46:5b:dd:0c:11:8e:e9:aa:13:54:7c:
e5:5b:de:d6:ca:1c:b1:da:8b:8b:43:fc:e9:67:2f:cc:c2:0a:
7e:ef:4d:ff:da:e7:37:26:8f:70:5f:3d:a9:b7:13:00:9e:63:
6f:b1:98:25:1a:b0:3a:9e:84:66:4d:cc:1c:02:cd:74:43:4a:
39:86:20:cd:5e:c8:76:e3:89:52:1c:47:24:74:2e:09:c5:cf:
3d:60:83:fe:16:9e:a7:5f:e2:51:6a:87:8b:9e:9a:2a:46:03:
4c:86:e4:f4:95:0e:2f:17:a7:84:db:fc:3e:a2:d5:ef:db:0c:
d2:eb:9f:32:69:37:e9:c7:19:ef:2f:d8:fc:35:66:68:96:3c:
b7:00:40:43:66:ed:6c:27:d0:54:99:b1:8f:99:65:04:d2:d2:
03:7a:45:3a:80:99:fd:e5:eb:8d:24:cc:84:70:15:f6:c1:cb:
17:9a:ff:69:9a:8f:42:d9:22:86:a6:5f:b6:34:c4:49:06:34:
1f:c0:07:e8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVx8Nbvsx+X53BbA8ykIS29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMTg0ZmI2NTAzYTc2MDY1N2Y5MDI3MGUyNzZhM2ZjYjUw
YjhlOGYwHhcNMjMwMTAyMTAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTMyOWYyNTIzNzJkMGMxMjUzODI0NDFlYjVlNjVjYTMzODk4NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6Vzg6/RubjZl7OyJce84YZkqnDD
Ji+8y/TN0EWz/egpxrUgc9u1rOGLXSItBnCCauGRA/ryRoVGEg+SsWHPmvIgAfms
pZIw+o0YLe1xgTtAsssg80XwP9hVhn9ah0tDipae8E1r/2X4G5UQOQo7sR54i4tT
C9C9AXD4sddKiL0Z0R87GZ76A6fz6VXwn/sTVQhNA77xUQL18AEA3qjqligKnW+6
WCTM0Z05y9EqnBVXHo53APJKSS/PJYq35O6DDfiXFSiEXsevGRW4FqxJiqdJagvF
6QC52UMWfLuRYBgnMOgsIvbvQMQc/LBcNfRlcGillD7SIYygz00ZkfgLBQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDoynyUjctDBJTgkQeteZcoziYYxMB8GA1UdIwQY
MBaAFBEYT7ZQOnYGV/kCcOJ2o/y1C46PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJoUHRsQTZkZ1pYLVFKdzRuYWpfTFVMam84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zM2E3MzMtZWYwNS00YWYwLTg1MzUt
MTk2ZDY2NmQyYjJiLzEvT2pLZkpTTnkwTUVsT0NSQjYxNWx5ak9KaGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zM2E3MzMtZWYwNS00YWYwLTg1MzUtMTk2ZDY2NmQyYjJi
LzEvRVJoUHRsQTZkZ1pYLVFKdzRuYWpfTFVMam84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwW7QMAwD
BAHBbtIDBAPBbtAwDQYJKoZIhvcNAQELBQADggEBALz19LBdXYJOBhIjGH1ThhaT
RKEYfYWsNMmTuk9a+xnvtibRUjmk95N5DzYeQtCGek9+80FvCNXhe25Cs3lGW90M
EY7pqhNUfOVb3tbKHLHai4tD/OlnL8zCCn7vTf/a5zcmj3BfPam3EwCeY2+xmCUa
sDqehGZNzBwCzXRDSjmGIM1eyHbjiVIcRyR0LgnFzz1gg/4Wnqdf4lFqh4uemipG
A0yG5PSVDi8Xp4Tb/D6i1e/bDNLrnzJpN+nHGe8v2Pw1ZmiWPLcAQENm7Wwn0FSZ
sY+ZZQTS0gN6RTqAmf3l640kzIRwFfbByxea/2maj0LZIoamX7Y0xEkGNB/AB+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org