Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/otpLExYyZw_mYp7HYfKU3_HUPbY.roa
File: otpLExYyZw_mYp7HYfKU3_HUPbY.roa (raw, json)
Hash identifier: Qaq6Qs2UlhmjKKa40pyJlakAOzmrM+jOETAKujwJveU=
Subject key identifier: A2:DA:4B:13:16:32:67:0F:E6:62:9E:C7:61:F2:94:DF:F1:D4:3D:B6
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 018CC7936224F581D66505EA080D349492EB
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/otpLExYyZw_mYp7HYfKU3_HUPbY.roa
Signing time: Tue 02 Jan 2024 00:29:34 +0000
ROA not before: Tue 02 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 85.28.52.0/23 maxlen: 23
194.31.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 07:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:62:24:f5:81:d6:65:05:ea:08:0d:34:94:92:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2da4b131632670fe6629ec761f294dff1d43db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:93:5a:42:cb:bb:94:92:80:ca:6f:3c:b7:45:
23:98:8b:98:94:5d:6e:80:82:e7:a7:a3:29:35:f3:
3c:57:53:f7:20:c4:68:83:33:a1:e1:e2:dc:0f:cd:
34:83:2d:e7:3d:2c:d6:2f:26:21:82:ab:d8:4d:21:
ce:60:ee:fc:e2:df:d6:b4:dd:f0:b1:45:af:83:b3:
7d:b7:cb:e6:e5:28:a3:e6:9c:9c:68:06:f2:f5:1e:
c3:c8:1f:47:98:c0:2d:47:08:eb:11:3b:2b:14:4a:
f1:e9:bb:f0:b6:24:9f:9f:17:f6:db:6b:d2:e2:4d:
51:1a:80:6d:91:69:c9:02:13:b6:55:a4:8c:97:c8:
55:35:08:20:2d:bf:d2:4a:81:06:d7:80:fa:af:49:
53:8e:54:82:73:bd:29:38:5c:63:66:a7:11:bd:26:
6a:0f:e1:4a:07:fd:f6:5d:af:d7:c6:ba:cf:ad:fa:
06:92:60:33:8b:73:40:81:3b:d3:cf:75:61:80:cb:
41:00:f9:87:73:2e:a0:e7:28:35:fb:7b:27:0c:61:
3e:a1:d6:66:34:6a:22:3d:63:39:f1:a6:bc:6d:25:
15:55:8d:c0:72:42:aa:0a:3b:d8:ef:10:88:a7:0e:
d2:0b:d8:3f:98:cf:07:7e:b6:f1:28:2a:29:7f:cc:
36:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DA:4B:13:16:32:67:0F:E6:62:9E:C7:61:F2:94:DF:F1:D4:3D:B6
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/otpLExYyZw_mYp7HYfKU3_HUPbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.52.0/23
194.31.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:2b:c7:d1:87:f2:75:c7:71:f5:fd:4b:e3:27:70:d2:80:1f:
f2:29:bd:44:6c:32:63:6c:be:5c:b3:db:25:ac:a4:d3:52:86:
e6:0c:fd:17:db:b2:e2:d4:74:56:9f:06:4b:df:bf:5f:fa:ae:
fc:94:69:10:c2:2d:67:ee:f3:fd:80:1a:71:e5:f0:eb:c2:d5:
ed:05:3a:d6:fc:42:3e:3b:2d:9c:0c:ea:84:20:d5:41:6b:9f:
9a:8f:c1:6e:1e:3b:b7:1c:77:5c:8d:d2:ee:b3:c1:af:3a:3c:
dd:6a:8c:59:24:72:77:aa:18:b2:62:e6:0c:64:41:0d:3a:c4:
73:bd:20:21:85:45:db:3e:15:5a:78:a0:7a:70:2d:f5:38:15:
23:dd:09:fb:0f:da:bf:fa:3c:b4:98:0a:6d:31:5f:f0:c8:c7:
90:ab:03:48:ff:ce:a8:14:36:fb:48:24:86:da:1b:9f:f7:21:
7f:37:e4:ef:0c:86:3f:c0:f3:8c:3f:94:5a:d1:0c:93:91:eb:
2d:ca:f8:d0:2e:0e:fe:6c:eb:f8:17:a4:31:2c:94:f6:01:85:
99:30:ee:6f:2c:ab:81:b9:68:27:db:68:33:ec:c1:85:8a:08:
f3:7d:8f:d4:04:32:74:51:90:08:55:08:9c:f3:63:7c:c5:06:
3c:73:04:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHk2Ik9YHWZQXqCA00lJLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjQwMTAyMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRhNGIxMzE2MzI2NzBmZTY2MjllYzc2MWYyOTRkZmYxZDQzZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpNaQsu7lJKAym88t0UjmIuYlF1u
gILnp6MpNfM8V1P3IMRogzOh4eLcD800gy3nPSzWLyYhgqvYTSHOYO784t/WtN3w
sUWvg7N9t8vm5Sij5pycaAby9R7DyB9HmMAtRwjrETsrFErx6bvwtiSfnxf222vS
4k1RGoBtkWnJAhO2VaSMl8hVNQggLb/SSoEG14D6r0lTjlSCc70pOFxjZqcRvSZq
D+FKB/32Xa/XxrrPrfoGkmAzi3NAgTvTz3VhgMtBAPmHcy6g5yg1+3snDGE+odZm
NGoiPWM58aa8bSUVVY3AckKqCjvY7xCIpw7SC9g/mM8HfrbxKCopf8w2gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKLaSxMWMmcP5mKex2HylN/x1D22MB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvb3RwTEV4WXlad19tWXA3SFlmS1UzX0hVUGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVRw0AwQA
wh+dMA0GCSqGSIb3DQEBCwUAA4IBAQCfK8fRh/J1x3H1/UvjJ3DSgB/yKb1EbDJj
bL5cs9slrKTTUobmDP0X27Li1HRWnwZL379f+q78lGkQwi1n7vP9gBpx5fDrwtXt
BTrW/EI+Oy2cDOqEINVBa5+aj8FuHju3HHdcjdLus8GvOjzdaoxZJHJ3qhiyYuYM
ZEENOsRzvSAhhUXbPhVaeKB6cC31OBUj3Qn7D9q/+jy0mAptMV/wyMeQqwNI/86o
FDb7SCSG2huf9yF/N+TvDIY/wPOMP5Ra0QyTkestyvjQLg7+bOv4F6QxLJT2AYWZ
MO5vLKuBuWgn22gz7MGFigjzfY/UBDJ0UZAIVQic82N8xQY8cwSi
-----END CERTIFICATE-----
Generated at Mon Oct 7 10:52:31 2024 by rpki-client on console-ams.rpki-client.org