Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/oYoH5dxuX7hFVe4UK0rfMvgnx1E.roa
File: oYoH5dxuX7hFVe4UK0rfMvgnx1E.roa (raw, json)
Hash identifier: GtnoKvUvS+3/peCpQmocrtKCaOcNdzGZ3lxXREqLEfY=
Subject key identifier: A1:8A:07:E5:DC:6E:5F:B8:45:55:EE:14:2B:4A:DF:32:F8:27:C7:51
Certificate issuer: /CN=3092b117062f6065faa1cdfd38915e4bb9c924bb
Certificate serial: 0185CE854B2AAC7398F9BA0C5D4981B3CEF9
Authority key identifier: 30:92:B1:17:06:2F:60:65:FA:A1:CD:FD:38:91:5E:4B:B9:C9:24:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/oYoH5dxuX7hFVe4UK0rfMvgnx1E.roa
Signing time: Fri 20 Jan 2023 09:32:00 +0000
ROA not before: Fri 20 Jan 2023 09:32:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.121.142.0/24 maxlen: 24
185.121.143.0/24 maxlen: 24
185.121.140.0/24 maxlen: 24
185.121.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ce:85:4b:2a:ac:73:98:f9:ba:0c:5d:49:81:b3:ce:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3092b117062f6065faa1cdfd38915e4bb9c924bb
Validity
Not Before: Jan 20 09:32:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a18a07e5dc6e5fb84555ee142b4adf32f827c751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:c1:f9:4b:2f:75:7a:b5:b3:d5:da:50:16:
af:a5:3c:59:49:09:a3:cb:de:03:44:9a:d9:ba:4b:
0f:24:87:69:08:5b:db:46:08:3e:3e:64:98:1c:9e:
4f:71:2d:bd:dd:a2:24:f6:0e:81:e5:88:20:52:83:
77:2d:15:c6:bb:16:5c:9f:95:f3:8c:22:ad:3e:aa:
b4:34:e4:60:10:6f:d0:84:8a:81:84:c1:35:79:a3:
44:21:d2:9c:12:52:8c:f0:c7:53:d8:ad:e3:79:01:
90:a9:50:f5:e7:c5:95:01:ed:7a:a0:e5:c8:fc:a7:
32:33:2f:8b:ca:e8:cf:c0:7c:b2:44:10:55:d1:86:
6e:f2:4f:bf:ee:37:67:d4:4c:86:1c:1a:8f:3a:e1:
31:72:3b:b5:e1:85:57:b3:63:17:2d:d3:bc:b3:cf:
76:02:30:0b:d2:0e:1f:85:75:2b:7e:40:76:a4:3e:
80:30:d4:84:1e:16:75:19:aa:cf:12:b6:f8:52:39:
db:a5:e4:b0:c0:a6:17:c1:72:bf:a0:fc:62:ae:23:
a1:ed:e3:39:a4:7c:ae:d8:67:8a:dc:b9:c5:16:cc:
e3:d0:72:99:63:7c:d8:9c:04:5f:d4:32:c5:6c:d0:
33:a5:51:37:e8:82:61:3f:92:af:55:f4:2b:60:20:
c2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8A:07:E5:DC:6E:5F:B8:45:55:EE:14:2B:4A:DF:32:F8:27:C7:51
X509v3 Authority Key Identifier:
keyid:30:92:B1:17:06:2F:60:65:FA:A1:CD:FD:38:91:5E:4B:B9:C9:24:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/oYoH5dxuX7hFVe4UK0rfMvgnx1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.140.0/22
Signature Algorithm: sha256WithRSAEncryption
49:b8:2e:97:15:e2:83:1f:82:1c:92:7c:fd:3e:dd:d7:86:2b:
d7:10:e1:94:a4:38:42:dd:23:9e:79:2c:92:01:a8:01:c9:c9:
75:52:4b:cf:87:4a:ac:06:a3:27:81:fd:a7:18:7b:f4:bc:1f:
81:68:21:27:84:a9:1c:f9:b2:dc:ed:0b:cd:2b:ec:b2:08:51:
c6:88:e8:9b:7b:b2:66:a5:5b:bd:c3:95:02:6e:20:5a:a3:00:
c5:6c:8f:c0:f0:2b:13:ff:33:1a:fb:65:30:55:16:3c:26:eb:
e4:5d:f9:4d:5f:cb:15:68:f1:ed:49:b0:cd:7a:75:e8:24:8a:
38:63:6b:ad:f9:86:34:a6:93:f1:23:33:a4:46:af:38:13:6b:
5d:ac:b9:f6:11:b2:ed:e4:54:55:bf:1f:bd:28:82:73:a1:3c:
40:71:a2:5a:e4:b2:d9:01:b2:c7:3d:53:87:fc:e3:30:84:a0:
65:4e:ec:1b:e9:20:39:ea:62:fb:67:97:4f:9c:b2:3e:0a:9a:
aa:9d:cd:6c:a5:07:cf:d2:03:19:37:04:53:e2:53:3b:b9:9e:
88:f0:94:87:77:28:3b:29:92:e5:19:03:62:24:56:6e:56:50:
92:5c:81:13:63:d8:d2:cd:cd:2f:22:e2:9d:52:fe:33:f5:3d:
8b:37:76:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXOhUsqrHOY+boMXUmBs875MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTJiMTE3MDYyZjYwNjVmYWExY2RmZDM4OTE1ZTRiYjlj
OTI0YmIwHhcNMjMwMTIwMDkzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMThhMDdlNWRjNmU1ZmI4NDU1NWVlMTQyYjRhZGYzMmY4MjdjNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZHB+UsvdXq1s9XaUBavpTxZSQmj
y94DRJrZuksPJIdpCFvbRgg+PmSYHJ5PcS293aIk9g6B5YggUoN3LRXGuxZcn5Xz
jCKtPqq0NORgEG/QhIqBhME1eaNEIdKcElKM8MdT2K3jeQGQqVD158WVAe16oOXI
/KcyMy+LyujPwHyyRBBV0YZu8k+/7jdn1EyGHBqPOuExcju14YVXs2MXLdO8s892
AjAL0g4fhXUrfkB2pD6AMNSEHhZ1GarPErb4UjnbpeSwwKYXwXK/oPxiriOh7eM5
pHyu2GeK3LnFFszj0HKZY3zYnARf1DLFbNAzpVE36IJhP5KvVfQrYCDCRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGKB+Xcbl+4RVXuFCtK3zL4J8dRMB8GA1UdIwQY
MBaAFDCSsRcGL2Bl+qHN/TiRXku5ySS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpLeEZ3WXZZR1g2b2MzOU9KRmVTN25KSkxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lNzRiODEtNWZmNy00ODIzLTkyNjct
MGQzZTY2MmIwZWUwLzEvb1lvSDVkeHVYN2hGVmU0VUswcmZNdmdueDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lNzRiODEtNWZmNy00ODIzLTkyNjctMGQzZTY2MmIwZWUw
LzEvTUpLeEZ3WXZZR1g2b2MzOU9KRmVTN25KSkxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXmMMA0G
CSqGSIb3DQEBCwUAA4IBAQBJuC6XFeKDH4Icknz9Pt3XhivXEOGUpDhC3SOeeSyS
AagBycl1UkvPh0qsBqMngf2nGHv0vB+BaCEnhKkc+bLc7QvNK+yyCFHGiOibe7Jm
pVu9w5UCbiBaowDFbI/A8CsT/zMa+2UwVRY8JuvkXflNX8sVaPHtSbDNenXoJIo4
Y2ut+YY0ppPxIzOkRq84E2tdrLn2EbLt5FRVvx+9KIJzoTxAcaJa5LLZAbLHPVOH
/OMwhKBlTuwb6SA56mL7Z5dPnLI+Cpqqnc1spQfP0gMZNwRT4lM7uZ6I8JSHdyg7
KZLlGQNiJFZuVlCSXIETY9jSzc0vIuKdUv4z9T2LN3Z+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org